Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/KMV_MeO0hLhtZCjq1lqwJ3PvI5M.roa
File: KMV_MeO0hLhtZCjq1lqwJ3PvI5M.roa (raw, json)
Hash identifier: DLpQWgTnYXhTnfUhzszM/E2P2/bQ7PyHbo2We93BLHo=
Subject key identifier: 28:C5:7F:31:E3:B4:84:B8:6D:64:28:EA:D6:5A:B0:27:73:EF:23:93
Certificate issuer: /CN=1083a6411796bf726387f7a55cf84b57ca899beb
Certificate serial: 019B7C12A20B6085EA9F7322B4C1C0F081EA
Authority key identifier: 10:83:A6:41:17:96:BF:72:63:87:F7:A5:5C:F8:4B:57:CA:89:9B:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EIOmQReWv3Jjh_elXPhLV8qJm-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/KMV_MeO0hLhtZCjq1lqwJ3PvI5M.roa
Signing time: Fri 02 Jan 2026 00:19:14 +0000
ROA not before: Fri 02 Jan 2026 00:19:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199285
IP address blocks: 85.90.195.0/24 maxlen: 24
91.238.193.0/24 maxlen: 24
2a13:ce80::/29 maxlen: 29
2a13:ce80::/32 maxlen: 48
2a13:ce80:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/EIOmQReWv3Jjh_elXPhLV8qJm-s.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/EIOmQReWv3Jjh_elXPhLV8qJm-s.mft
rsync://rpki.ripe.net/repository/DEFAULT/EIOmQReWv3Jjh_elXPhLV8qJm-s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:a2:0b:60:85:ea:9f:73:22:b4:c1:c0:f0:81:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1083a6411796bf726387f7a55cf84b57ca899beb
Validity
Not Before: Jan 2 00:19:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28c57f31e3b484b86d6428ead65ab02773ef2393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:e3:3e:84:e0:23:29:f9:09:f7:b4:cd:56:
1c:f5:a9:05:68:15:45:73:c0:6b:6a:33:e8:69:06:
b2:69:e6:11:93:d4:d7:54:76:de:b8:02:d0:10:ee:
69:06:38:69:ef:99:4b:ef:17:41:60:8d:12:96:75:
02:17:b1:0a:f9:c4:56:85:dc:3a:48:29:15:e7:18:
1e:f1:fd:89:6b:d4:d8:22:79:f5:ad:23:8f:09:67:
68:26:87:c9:32:31:fc:50:15:43:a7:38:81:0c:75:
8c:a3:83:4d:71:b6:97:54:3d:6d:06:ac:4d:3f:80:
4a:8b:2f:06:f7:2a:e0:08:6e:64:94:3e:21:f4:a0:
12:be:75:38:b1:6b:29:9e:76:08:38:41:80:42:69:
c4:5b:9d:81:10:23:b4:6a:a8:e0:12:92:62:a3:fa:
12:ac:3e:0d:ae:ce:f9:ce:43:69:7e:cf:b4:4f:26:
f3:5b:ac:b4:e7:43:24:f4:4f:c9:5a:66:01:f5:ab:
cd:d2:07:48:4b:21:1f:4b:d5:82:a8:f8:b8:82:32:
25:71:15:59:46:44:72:13:1a:b5:6a:57:ad:27:39:
e9:8c:78:b3:ca:ee:88:b7:ce:5b:34:fa:75:23:88:
e7:11:1d:f2:f6:7d:74:48:c0:30:86:12:37:2c:83:
23:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:C5:7F:31:E3:B4:84:B8:6D:64:28:EA:D6:5A:B0:27:73:EF:23:93
X509v3 Authority Key Identifier:
keyid:10:83:A6:41:17:96:BF:72:63:87:F7:A5:5C:F8:4B:57:CA:89:9B:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EIOmQReWv3Jjh_elXPhLV8qJm-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/KMV_MeO0hLhtZCjq1lqwJ3PvI5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc330d-dad2-4e70-a149-91cf4fc703eb/1/EIOmQReWv3Jjh_elXPhLV8qJm-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.90.195.0/24
91.238.193.0/24
IPv6:
2a13:ce80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:04:fb:f1:50:f8:47:1d:8a:f7:79:6c:bd:37:84:1a:62:97:
45:07:c0:72:0e:29:4b:46:07:6f:c0:ce:db:96:0a:c4:3b:4a:
f0:b1:ff:93:af:2a:b1:a4:e9:61:48:4f:d7:c5:ff:fb:11:a5:
bf:00:3b:73:57:3a:86:b3:9c:3a:94:3a:3e:34:ad:c1:48:dc:
78:87:fa:54:f5:e9:12:df:8f:e5:01:50:6a:81:20:51:06:44:
f5:21:ba:29:26:11:de:04:ce:ee:b3:d6:dd:73:fb:44:19:51:
5b:98:30:fc:3e:80:e2:8f:07:ce:75:0b:2b:6f:b6:2d:60:71:
3b:56:fc:c0:4d:46:89:b1:d9:9f:32:3d:03:9c:7e:45:06:b7:
57:e0:20:7d:43:a5:a0:09:fd:13:ea:87:fd:ee:c8:f8:6a:d9:
48:17:b9:03:9a:44:f1:22:ea:58:73:81:15:aa:de:ec:74:da:
0d:a3:76:7a:0f:f1:f3:54:06:ba:a9:27:a0:57:90:28:62:7c:
ae:6d:aa:94:7e:eb:0f:8d:57:ae:fc:5d:ec:ac:f7:1b:c6:89:
f8:e1:a2:32:6f:67:9a:30:9e:4b:4b:86:c0:4a:ab:16:42:f7:
88:c2:1e:39:c0:b9:4e:ab:f0:23:6a:16:09:61:ce:e4:00:a3:
c0:c5:f2:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt8EqILYIXqn3MitMHA8IHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwODNhNjQxMTc5NmJmNzI2Mzg3ZjdhNTVjZjg0YjU3Y2E4
OTliZWIwHhcNMjYwMTAyMDAxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGM1N2YzMWUzYjQ4NGI4NmQ2NDI4ZWFkNjVhYjAyNzczZWYyMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoc3jPoTgIyn5Cfe0zVYc9akFaBVF
c8BrajPoaQayaeYRk9TXVHbeuALQEO5pBjhp75lL7xdBYI0SlnUCF7EK+cRWhdw6
SCkV5xge8f2Ja9TYInn1rSOPCWdoJofJMjH8UBVDpziBDHWMo4NNcbaXVD1tBqxN
P4BKiy8G9yrgCG5klD4h9KASvnU4sWspnnYIOEGAQmnEW52BECO0aqjgEpJio/oS
rD4Nrs75zkNpfs+0TybzW6y050Mk9E/JWmYB9avN0gdISyEfS9WCqPi4gjIlcRVZ
RkRyExq1aletJznpjHizyu6It85bNPp1I4jnER3y9n10SMAwhhI3LIMjwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCjFfzHjtIS4bWQo6tZasCdz7yOTMB8GA1UdIwQY
MBaAFBCDpkEXlr9yY4f3pVz4S1fKiZvrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUlPbVFSZVd2M0pqaF9lbFhQaExWOHFKbS1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzMzMGQtZGFkMi00ZTcwLWExNDkt
OTFjZjRmYzcwM2ViLzEvS01WX01lTzBoTGh0WkNqcTFscXdKM1B2STVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzMzMGQtZGFkMi00ZTcwLWExNDktOTFjZjRmYzcwM2Vi
LzEvRUlPbVFSZVd2M0pqaF9lbFhQaExWOHFKbS1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAVVrDAwQA
W+7BMA0EAgACMAcDBQMqE86AMA0GCSqGSIb3DQEBCwUAA4IBAQALBPvxUPhHHYr3
eWy9N4QaYpdFB8ByDilLRgdvwM7blgrEO0rwsf+TryqxpOlhSE/Xxf/7EaW/ADtz
VzqGs5w6lDo+NK3BSNx4h/pU9ekS34/lAVBqgSBRBkT1IbopJhHeBM7us9bdc/tE
GVFbmDD8PoDijwfOdQsrb7YtYHE7VvzATUaJsdmfMj0DnH5FBrdX4CB9Q6WgCf0T
6of97sj4atlIF7kDmkTxIupYc4EVqt7sdNoNo3Z6D/HzVAa6qSegV5AoYnyubaqU
fusPjVeu/F3srPcbxon44aIyb2eaMJ5LS4bASqsWQveIwh45wLlOq/AjahYJYc7k
AKPAxfIk
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:23:37 2026 by rpki-client