Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KP0a7UICooQ-3jHfqjEjBoGx1Qo.roa
File: KP0a7UICooQ-3jHfqjEjBoGx1Qo.roa (raw, json)
Hash identifier: uHH3yzbwsF8Yb5Wkc4gIQ80iaj+70XNOz0k++igvr0U=
Subject key identifier: 28:FD:1A:ED:42:02:A2:84:3E:DE:31:DF:AA:31:23:06:81:B1:D5:0A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01999AFEA183A832F63EB3AECFB37D6D7C68
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KP0a7UICooQ-3jHfqjEjBoGx1Qo.roa
Signing time: Tue 30 Sep 2025 14:20:02 +0000
ROA not before: Tue 30 Sep 2025 14:20:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44682
IP address blocks: 2a05:b680:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:fe:a1:83:a8:32:f6:3e:b3:ae:cf:b3:7d:6d:7c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 30 14:20:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28fd1aed4202a2843ede31dfaa31230681b1d50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:73:b2:79:d2:82:9c:06:d1:37:c5:3f:be:
fd:53:17:fa:f1:40:25:5d:67:5f:28:23:70:a5:df:
5a:17:ca:6e:dc:62:ce:d4:c0:de:a9:e2:65:d7:89:
1c:16:a7:ad:e7:a5:e8:45:7c:7f:c2:cb:16:22:0e:
fb:f3:94:cc:4d:d9:cc:74:58:22:df:58:f4:df:01:
16:05:97:d5:b2:f5:d0:d7:c4:7f:20:fa:5e:87:65:
07:89:ad:6e:44:b9:dc:44:58:d0:ed:bb:76:08:c9:
a0:71:77:28:54:9a:99:1a:d3:12:fe:40:73:f6:b4:
98:3e:69:d8:b7:ff:01:4d:d8:8e:a0:82:65:dc:73:
fb:22:cb:6a:00:ee:1b:5e:e0:4a:ae:d0:ae:f0:30:
b2:82:02:4f:3a:d1:de:e2:9d:d1:6d:d8:fd:45:e3:
88:56:4c:a9:83:dc:3c:e8:0a:ac:a3:5f:f2:09:09:
c5:03:d9:18:9f:31:ca:e3:1b:30:44:57:b7:22:d7:
3e:7d:dd:47:1b:d4:a6:01:28:6f:18:b2:2d:d5:3f:
73:da:24:79:86:0d:b8:8b:0b:f5:10:bb:04:4d:dc:
f0:12:f3:da:61:77:4e:46:9f:7e:b7:4b:39:d0:2f:
e6:5f:7c:6b:d8:fe:6b:82:91:96:a3:b9:7d:a5:ce:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FD:1A:ED:42:02:A2:84:3E:DE:31:DF:AA:31:23:06:81:B1:D5:0A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/KP0a7UICooQ-3jHfqjEjBoGx1Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b680:10::/48
Signature Algorithm: sha256WithRSAEncryption
ba:7a:d2:af:67:cc:aa:b1:79:8e:61:2f:a1:e3:a8:93:e4:31:
34:c6:99:b5:8d:f9:9d:10:18:35:68:8f:85:28:46:9b:28:36:
7b:aa:0e:f0:d6:d8:9a:d9:5c:08:f3:99:4f:c9:f2:f7:ea:7f:
49:43:b0:1b:73:ec:62:9b:e2:94:41:eb:ff:70:97:5b:5e:d4:
a0:65:a4:08:41:b7:53:d9:04:cf:7d:66:e8:3c:cb:b1:db:c8:
ad:eb:6e:fc:e3:65:86:2b:71:da:2b:70:5c:5d:4c:88:fc:81:
70:fd:a0:91:c0:b7:34:fc:91:bc:00:80:13:9d:48:c6:d3:26:
3b:82:fb:a3:e8:e0:66:b1:d2:f1:c6:18:c5:e4:7e:67:59:7a:
df:85:5a:c1:5a:2b:d0:28:87:1f:33:af:da:12:14:ff:57:8b:
98:6b:8c:87:0e:d0:1f:e1:3a:6d:da:1c:56:40:d7:cb:9e:51:
81:27:10:b0:c6:00:cf:f3:41:74:64:a7:ff:76:dc:4d:75:8d:
f0:1f:a8:67:e3:ff:16:8a:0d:00:73:5b:64:2b:24:ad:e8:1e:
0f:1f:94:5b:5c:68:40:4b:3e:5c:f8:2e:7b:70:66:e4:1c:ac:
0e:e3:f3:8d:11:65:83:1f:f6:28:5b:36:4c:20:a3:b9:87:79:
07:de:f6:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZma/qGDqDL2PrOuz7N9bXxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwOTMwMTQyMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZkMWFlZDQyMDJhMjg0M2VkZTMxZGZhYTMxMjMwNjgxYjFkNTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8tzsnnSgpwG0TfFP779Uxf68UAl
XWdfKCNwpd9aF8pu3GLO1MDeqeJl14kcFqet56XoRXx/wssWIg7785TMTdnMdFgi
31j03wEWBZfVsvXQ18R/IPpeh2UHia1uRLncRFjQ7bt2CMmgcXcoVJqZGtMS/kBz
9rSYPmnYt/8BTdiOoIJl3HP7IstqAO4bXuBKrtCu8DCyggJPOtHe4p3Rbdj9ReOI
Vkypg9w86Aqso1/yCQnFA9kYnzHK4xswRFe3Itc+fd1HG9SmAShvGLIt1T9z2iR5
hg24iwv1ELsETdzwEvPaYXdORp9+t0s50C/mX3xr2P5rgpGWo7l9pc73twIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCj9Gu1CAqKEPt4x36oxIwaBsdUKMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvS1AwYTdVSUNvb1EtM2pIZnFqRWpCb0d4MVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgW2gAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC6etKvZ8yqsXmOYS+h46iT5DE0xpm1jfmdEBg1
aI+FKEabKDZ7qg7w1tia2VwI85lPyfL36n9JQ7Abc+xim+KUQev/cJdbXtSgZaQI
QbdT2QTPfWboPMux28it627842WGK3HaK3BcXUyI/IFw/aCRwLc0/JG8AIATnUjG
0yY7gvuj6OBmsdLxxhjF5H5nWXrfhVrBWivQKIcfM6/aEhT/V4uYa4yHDtAf4Tpt
2hxWQNfLnlGBJxCwxgDP80F0ZKf/dtxNdY3wH6hn4/8Wig0Ac1tkKySt6B4PH5Rb
XGhASz5c+C57cGbkHKwO4/ONEWWDH/YoWzZMIKO5h3kH3vYm
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:04 2025 by rpki-client