
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/1-kr61b-3_aXUZGxRZ8mV21GduAM.roa
File: 1-kr61b-3_aXUZGxRZ8mV21GduAM.roa (raw, json)
Hash identifier: bZePdsV0VqjTYXEQCQFQ/dqlJA0q1rB9sV9slhxQu28=
Subject key identifier: FA:4A:FA:D5:BF:B7:FD:A5:D4:64:6C:51:67:C9:95:DB:51:9D:B8:03
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 0199B66BC6CB7DA28C5BC3C6F9D6DEEEE4B5
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/1-kr61b-3_aXUZGxRZ8mV21GduAM.roa
Signing time: Sun 05 Oct 2025 22:09:00 +0000
ROA not before: Sun 05 Oct 2025 22:09:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38047
IP address blocks: 2a14:67c1:d200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b6:6b:c6:cb:7d:a2:8c:5b:c3:c6:f9:d6:de:ee:e4:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Oct 5 22:09:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa4afad5bfb7fda5d4646c5167c995db519db803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fe:a5:f1:ef:f1:ab:6f:e3:9d:4a:69:39:17:
af:92:fa:77:cf:0b:95:76:b0:1e:d3:4c:ca:76:d0:
48:a1:c5:69:fd:6a:74:8f:42:90:33:eb:d7:7c:3d:
f1:01:9d:ac:78:e7:43:2a:86:e1:bc:aa:5c:b3:0e:
7d:88:95:e5:cd:a2:f2:0a:7c:19:b3:0e:6d:fb:3b:
27:1d:7a:64:46:ac:19:59:67:0c:e5:0e:67:16:5e:
72:71:ed:ba:0a:88:9a:c0:ae:93:23:85:8e:a5:83:
2b:f7:9a:41:5b:d3:a6:46:5d:26:69:ee:17:bd:a9:
83:ef:01:35:db:67:be:2f:2f:91:40:4d:49:17:68:
60:81:6a:2d:7b:1d:7d:65:a6:75:24:50:c3:2e:12:
9e:a3:1a:7c:6d:7e:82:76:45:eb:3f:60:b8:f0:d2:
de:df:d7:43:65:5b:50:15:3d:30:43:3e:59:ab:10:
df:43:20:b7:00:7f:13:be:a7:6e:9f:3b:cd:1f:84:
7f:ee:13:2c:55:3e:b8:ae:25:4c:42:0a:e1:da:bf:
9c:30:68:69:44:70:e6:68:1d:cf:0b:e0:f7:d5:9a:
8a:60:a5:b8:16:d9:77:9f:dd:95:f9:6d:5c:1f:e4:
b5:89:1d:d8:ac:62:9c:2a:89:cb:dc:76:93:e3:43:
4f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4A:FA:D5:BF:B7:FD:A5:D4:64:6C:51:67:C9:95:DB:51:9D:B8:03
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/1-kr61b-3_aXUZGxRZ8mV21GduAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:d200::/40
Signature Algorithm: sha256WithRSAEncryption
a7:24:85:7c:a2:db:d7:65:e8:c9:48:9f:c7:67:48:a9:ff:45:
65:8d:2c:b0:4e:37:36:8e:ca:82:01:fa:61:c7:c9:0a:94:d9:
a4:6d:05:6d:bc:55:7c:a0:5d:a8:d2:81:ee:09:bf:90:a8:6d:
4c:be:e5:06:1c:d9:2d:ee:1b:14:26:fb:12:19:76:9f:7d:3e:
65:51:57:eb:50:47:ff:d6:84:5e:72:57:e7:23:3b:b8:f2:9c:
01:7b:87:2b:98:1f:7a:78:a5:12:37:3b:8e:24:49:d7:bd:2c:
f5:c9:60:de:18:cb:db:1a:cd:46:61:32:8c:9a:5d:f3:7f:c9:
33:7e:55:b2:0a:20:1c:d9:b4:97:1c:6a:5b:99:72:cb:2a:81:
ac:e0:bb:27:9c:56:b1:72:d6:34:67:a2:99:af:64:5f:52:c6:
cf:2b:a7:d7:df:54:71:c1:f0:4a:2c:9e:de:e1:d5:da:38:e5:
c2:ca:b9:e2:5a:7c:dc:fe:a9:a8:98:d1:de:5f:e4:54:34:a2:
94:a6:62:eb:58:53:c8:ab:78:ed:39:9d:2e:23:78:67:dc:d0:
94:ad:3a:c9:a7:bc:54:27:f9:28:a3:7d:89:44:ca:18:40:de:
b5:81:2e:88:e1:ed:5a:a8:97:c6:38:eb:31:e0:60:ab:28:9c:
ae:9e:cd:87
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZm2a8bLfaKMW8PG+dbe7uS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUxMDA1MjIwOTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRhZmFkNWJmYjdmZGE1ZDQ2NDZjNTE2N2M5OTVkYjUxOWRiODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/6l8e/xq2/jnUppORevkvp3zwuV
drAe00zKdtBIocVp/Wp0j0KQM+vXfD3xAZ2seOdDKobhvKpcsw59iJXlzaLyCnwZ
sw5t+zsnHXpkRqwZWWcM5Q5nFl5yce26CoiawK6TI4WOpYMr95pBW9OmRl0mae4X
vamD7wE122e+Ly+RQE1JF2hggWotex19ZaZ1JFDDLhKeoxp8bX6CdkXrP2C48NLe
39dDZVtQFT0wQz5ZqxDfQyC3AH8TvqdunzvNH4R/7hMsVT64riVMQgrh2r+cMGhp
RHDmaB3PC+D31ZqKYKW4Ftl3n92V+W1cH+S1iR3YrGKcKonL3HaT40NPtQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPpK+tW/t/2l1GRsUWfJldtRnbgDMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvMS1rcjYxYi0zX2FYVVpHeFJaOG1WMjFHZHVBTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDAvNzMyYjZjLTQ4ZTQtNDM1MC04YTU2LWY2Y2M0ZWYwZjdk
Zi8xL1pfTWIza1pSWTBmMDdmeS1NTzJzbWduazRPQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoUZ8HS
MA0GCSqGSIb3DQEBCwUAA4IBAQCnJIV8otvXZejJSJ/HZ0ip/0VljSywTjc2jsqC
Afphx8kKlNmkbQVtvFV8oF2o0oHuCb+QqG1MvuUGHNkt7hsUJvsSGXaffT5lUVfr
UEf/1oReclfnIzu48pwBe4crmB96eKUSNzuOJEnXvSz1yWDeGMvbGs1GYTKMml3z
f8kzflWyCiAc2bSXHGpbmXLLKoGs4LsnnFaxctY0Z6KZr2RfUsbPK6fX31RxwfBK
LJ7e4dXaOOXCyrniWnzc/qmomNHeX+RUNKKUpmLrWFPIq3jtOZ0uI3hn3NCUrTrJ
p7xUJ/koo32JRMoYQN61gS6I4e1aqJfGOOsx4GCrKJyuns2H
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:29:28 2025 by rpki-client