Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KVRjxZ9s0_8Tlm3_5G1g5GCGPbY.roa
File: KVRjxZ9s0_8Tlm3_5G1g5GCGPbY.roa (raw, json)
Hash identifier: z7k03hsouFlLjW70rfVUo5HQwW0TZUHJjhGSz4YiiQw=
Subject key identifier: 29:54:63:C5:9F:6C:D3:FF:13:96:6D:FF:E4:6D:60:E4:60:86:3D:B6
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019961B608618A0BC30DAB18EA5062F89F22
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KVRjxZ9s0_8Tlm3_5G1g5GCGPbY.roa
Signing time: Fri 19 Sep 2025 11:22:23 +0000
ROA not before: Fri 19 Sep 2025 11:22:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 5.172.32.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.73.0/24 maxlen: 24
89.23.95.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:61:b6:08:61:8a:0b:c3:0d:ab:18:ea:50:62:f8:9f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Sep 19 11:22:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=295463c59f6cd3ff13966dffe46d60e460863db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:5b:6f:4a:e8:c1:25:23:4c:1f:66:81:7f:02:
b8:67:d8:97:da:b4:d9:c8:cc:f9:dd:26:3d:b3:4b:
bc:00:86:c1:b4:5e:56:2e:2f:b3:89:50:06:f9:52:
6a:49:7d:b0:04:eb:69:8c:e4:3b:73:2e:77:bb:b1:
08:d7:f3:66:56:64:d3:1a:2f:bc:09:be:c9:f6:40:
a2:4a:df:fc:7c:68:06:db:c7:67:b6:a1:6d:a8:a4:
2f:e5:b7:d4:7d:4f:27:af:44:80:f2:e5:82:6a:d8:
60:56:69:e4:94:50:14:39:83:cd:ca:b5:7a:fd:3e:
40:b1:73:b1:6b:ff:87:37:36:06:94:92:8f:44:98:
b9:fb:3d:a9:34:e0:72:cb:73:77:56:3b:f0:2e:20:
63:4c:58:ea:36:14:60:81:a9:a0:c9:93:f9:c6:e2:
7c:46:17:fa:ee:b2:bb:96:6f:6f:50:23:13:5c:f7:
be:80:c3:32:a8:43:a8:66:57:12:81:25:72:8b:65:
ed:cb:a8:e2:ff:f5:82:d8:92:7f:d3:34:7f:5d:d1:
11:1a:c7:15:87:3e:bc:50:f8:54:e0:92:7f:35:4c:
c6:b6:64:cd:e9:48:48:82:51:c0:ee:b2:eb:6a:86:
c7:85:1f:cf:5a:71:b9:ae:66:55:a0:2c:06:34:dd:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:54:63:C5:9F:6C:D3:FF:13:96:6D:FF:E4:6D:60:E4:60:86:3D:B6
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/KVRjxZ9s0_8Tlm3_5G1g5GCGPbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.73.0/24
89.23.95.0/24
109.111.241.0-109.111.242.255
109.111.251.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.185.0/24
185.157.45.0/24
185.157.47.0/24
Signature Algorithm: sha256WithRSAEncryption
57:c7:2d:af:bb:24:24:1f:a6:63:55:8b:c3:30:31:99:e7:d1:
f6:bd:ab:ca:ed:42:c7:6d:49:93:a7:6b:61:9b:ce:f1:00:a0:
af:aa:9f:cf:3e:0a:6f:e2:2f:04:54:48:fa:a2:6f:98:b9:8e:
4f:7b:90:af:0d:a0:c7:f2:a4:92:b7:5b:df:3e:c0:2b:77:1d:
ae:0d:30:0f:c7:c7:8a:9b:86:a9:3f:53:d0:ca:41:c2:ad:e9:
9c:0a:9b:53:20:70:2a:68:04:34:f2:14:ae:43:f9:6b:62:90:
ed:ce:77:5c:65:8f:cd:14:de:f3:34:42:4d:e6:5b:bd:78:4d:
92:5e:1c:65:ae:68:b9:77:c6:c0:78:a1:3d:19:20:86:8b:5a:
3c:1d:d2:f4:df:0e:aa:53:3b:9e:3b:e1:4b:05:e3:68:66:fa:
43:ee:b0:3d:98:b7:37:7a:df:ac:03:ec:4f:cf:94:47:25:3c:
71:d9:a0:b4:8c:b2:34:f9:ff:21:0b:fa:0f:6a:ee:f2:8e:6a:
4a:06:77:27:b7:fa:51:42:d8:c7:26:26:95:fb:5f:f9:a6:b1:
ed:6d:8c:46:a9:a0:e3:5f:cc:12:80:2b:2b:bb:68:88:f5:06:
11:03:74:ed:d2:0e:a8:63:74:22:99:f8:74:86:c9:8d:81:6a:
a8:ae:ae:b3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZlhtghhigvDDasY6lBi+J8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwOTE5MTEyMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU0NjNjNTlmNmNkM2ZmMTM5NjZkZmZlNDZkNjBlNDYwODYzZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VtvSujBJSNMH2aBfwK4Z9iX2rTZ
yMz53SY9s0u8AIbBtF5WLi+ziVAG+VJqSX2wBOtpjOQ7cy53u7EI1/NmVmTTGi+8
Cb7J9kCiSt/8fGgG28dntqFtqKQv5bfUfU8nr0SA8uWCathgVmnklFAUOYPNyrV6
/T5AsXOxa/+HNzYGlJKPRJi5+z2pNOByy3N3VjvwLiBjTFjqNhRggamgyZP5xuJ8
Rhf67rK7lm9vUCMTXPe+gMMyqEOoZlcSgSVyi2Xty6ji//WC2JJ/0zR/XdERGscV
hz68UPhU4JJ/NUzGtmTN6UhIglHA7rLraobHhR/PWnG5rmZVoCwGNN21SQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFClUY8WfbNP/E5Zt/+RtYORghj22MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvS1ZSanhaOXMwXzhUbG0zXzVHMWc1R0NHUGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABawgAwQA
WRdAAwQAWRdJAwQAWRdfMAwDBABtb/EDBABtb/IDBABtb/swDAMEBbL+oAMEALL+
ogMEALL+pAMEAbL+pjAMAwQAsv6tAwQAsv6uAwQAsv65AwQAuZ0tAwQAuZ0vMA0G
CSqGSIb3DQEBCwUAA4IBAQBXxy2vuyQkH6ZjVYvDMDGZ59H2vavK7ULHbUmTp2th
m87xAKCvqp/PPgpv4i8EVEj6om+YuY5Pe5CvDaDH8qSSt1vfPsArdx2uDTAPx8eK
m4apP1PQykHCremcCptTIHAqaAQ08hSuQ/lrYpDtzndcZY/NFN7zNEJN5lu9eE2S
Xhxlrmi5d8bAeKE9GSCGi1o8HdL03w6qUzueO+FLBeNoZvpD7rA9mLc3et+sA+xP
z5RHJTxx2aC0jLI0+f8hC/oPau7yjmpKBncnt/pRQtjHJiaV+1/5prHtbYxGqaDj
X8wSgCsru2iI9QYRA3Tt0g6oY3Qimfh0hsmNgWqorq6z
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:35:54 2025 by rpki-client