Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Kxzx0wubHKE7GQVGmSZiIxSXwjY.roa
File: Kxzx0wubHKE7GQVGmSZiIxSXwjY.roa (raw, json)
Hash identifier: g7diJoLt81jM6+9grEYlU0DkQcm2B8C3L0rb+PsIMgs=
Subject key identifier: 2B:1C:F1:D3:0B:9B:1C:A1:3B:19:05:46:99:26:62:23:14:97:C2:36
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019D54F268E26A99E5E80B462C5958AAD657
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Kxzx0wubHKE7GQVGmSZiIxSXwjY.roa
Signing time: Fri 03 Apr 2026 20:04:25 +0000
ROA not before: Fri 03 Apr 2026 20:04:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29182
IP address blocks: 188.119.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:54:f2:68:e2:6a:99:e5:e8:0b:46:2c:59:58:aa:d6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Apr 3 20:04:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2b1cf1d30b9b1ca13b190546992662231497c236
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b7:ee:00:87:ca:1c:96:c8:37:f3:6d:24:82:
02:0d:65:52:6f:fc:56:5b:9e:d4:62:db:42:00:d5:
bf:ac:0c:03:ad:e3:e5:bc:79:b2:fa:3b:61:0f:d3:
2b:59:d4:82:92:9e:38:09:8d:99:c3:e0:64:30:e1:
62:ee:15:c2:7d:a8:dd:08:15:20:a4:72:82:64:10:
9c:ad:6d:b2:b2:82:63:82:43:bc:03:cc:52:c9:d8:
fa:c5:9d:7a:22:f8:82:99:fb:09:8c:55:71:1a:78:
32:5d:34:94:39:42:be:23:8f:36:4f:f4:91:83:56:
48:76:49:79:2a:9d:87:73:3e:74:36:fb:71:3a:f1:
5a:20:04:9e:bf:6c:e7:5d:a8:92:1a:ef:3b:15:c8:
2f:cc:a9:34:04:f3:63:34:8b:b6:5e:a2:59:b8:e4:
84:92:a0:14:a6:ac:c4:5c:90:ce:54:86:bc:ee:08:
98:8a:9c:ca:14:7e:cc:55:ef:86:da:fb:47:d5:ec:
7e:34:18:8f:c6:4f:d4:0a:3f:8c:d7:c2:90:1a:8f:
59:23:13:a2:8b:93:ce:b4:58:d6:f7:f9:e7:ee:69:
5d:8e:4f:24:54:ad:2c:fa:f1:85:df:20:8c:04:2e:
66:4f:4a:f8:89:01:48:0a:a2:b6:65:fb:f4:4b:34:
de:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1C:F1:D3:0B:9B:1C:A1:3B:19:05:46:99:26:62:23:14:97:C2:36
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/Kxzx0wubHKE7GQVGmSZiIxSXwjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.114.0/24
Signature Algorithm: sha256WithRSAEncryption
23:1d:4a:00:75:d6:8c:bb:51:ed:21:9c:c2:59:b4:aa:5b:13:
ad:b7:4d:e5:08:5c:18:a4:9c:b4:39:9e:d8:9c:6e:bb:c6:63:
30:4e:a0:17:bf:6c:b6:0c:75:06:67:97:f5:ca:89:63:e4:c9:
11:c4:d4:f4:bd:86:50:fe:e4:c1:12:08:6a:61:42:a0:a1:c8:
b7:7c:16:67:e7:f5:05:f5:17:5c:42:c9:2c:e4:4a:1f:67:7b:
c3:f4:1d:cc:5c:db:4f:c5:21:bf:a2:3a:06:da:9c:be:c9:9f:
91:5e:3a:1f:47:70:fd:25:4a:f4:7f:65:42:1d:47:43:b2:9d:
7c:54:1e:84:b2:59:57:b2:bf:09:d0:44:5e:31:af:2d:ea:2c:
e4:bd:88:cb:31:35:aa:bb:05:dd:53:c7:c6:5c:57:d3:37:a3:
14:8d:34:bb:e0:e6:13:c9:dc:74:d9:93:09:a1:9c:59:45:95:
f4:11:2d:59:4d:dd:3c:e8:32:41:ce:ba:4c:93:3c:36:9e:6e:
37:97:aa:37:93:59:eb:3f:63:9d:16:2c:4f:12:51:de:43:05:
0b:2e:0a:c2:1f:be:f1:1c:87:d1:df:d5:3e:56:87:0b:63:8d:
ac:8f:64:b3:8b:7b:13:7e:65:37:d9:78:20:46:59:b9:b6:01:
ec:2f:57:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1U8mjiapnl6AtGLFlYqtZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwNDAzMjAwNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjFjZjFkMzBiOWIxY2ExM2IxOTA1NDY5OTI2NjIyMzE0OTdjMjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbfuAIfKHJbIN/NtJIICDWVSb/xW
W57UYttCANW/rAwDrePlvHmy+jthD9MrWdSCkp44CY2Zw+BkMOFi7hXCfajdCBUg
pHKCZBCcrW2ysoJjgkO8A8xSydj6xZ16IviCmfsJjFVxGngyXTSUOUK+I482T/SR
g1ZIdkl5Kp2Hcz50NvtxOvFaIASev2znXaiSGu87FcgvzKk0BPNjNIu2XqJZuOSE
kqAUpqzEXJDOVIa87giYipzKFH7MVe+G2vtH1ex+NBiPxk/UCj+M18KQGo9ZIxOi
i5POtFjW9/nn7mldjk8kVK0s+vGF3yCMBC5mT0r4iQFICqK2Zfv0SzTeOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCsc8dMLmxyhOxkFRpkmYiMUl8I2MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvS3h6eDB3dWJIS0U3R1FWR21TWmlJeFNYd2pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHdyMA0G
CSqGSIb3DQEBCwUAA4IBAQAjHUoAddaMu1HtIZzCWbSqWxOtt03lCFwYpJy0OZ7Y
nG67xmMwTqAXv2y2DHUGZ5f1yolj5MkRxNT0vYZQ/uTBEghqYUKgoci3fBZn5/UF
9RdcQsks5EofZ3vD9B3MXNtPxSG/ojoG2py+yZ+RXjofR3D9JUr0f2VCHUdDsp18
VB6EsllXsr8J0EReMa8t6izkvYjLMTWquwXdU8fGXFfTN6MUjTS74OYTydx02ZMJ
oZxZRZX0ES1ZTd086DJBzrpMkzw2nm43l6o3k1nrP2OdFixPElHeQwULLgrCH77x
HIfR39U+VocLY42sj2Szi3sTfmU32XggRlm5tgHsL1cK
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:13:07 2026 by rpki-client