Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/kmLiHNRRpwOnM7rn20oNf2vg9Dc.roa
File: kmLiHNRRpwOnM7rn20oNf2vg9Dc.roa (raw, json)
Hash identifier: 3Uo+lrCMzfAdaBvj61plQUI9wF4wWfccEoe9UjEWqq8=
Subject key identifier: 92:62:E2:1C:D4:51:A7:03:A7:33:BA:E7:DB:4A:0D:7F:6B:E0:F4:37
Certificate issuer: /CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Certificate serial: 0199CDAB472C82513C0DDE7406EB4F32ED83
Authority key identifier: 63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/kmLiHNRRpwOnM7rn20oNf2vg9Dc.roa
Signing time: Fri 10 Oct 2025 10:29:38 +0000
ROA not before: Fri 10 Oct 2025 10:29:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208909
IP address blocks: 46.253.32.0/24 maxlen: 24
46.253.33.0/24 maxlen: 24
46.253.34.0/24 maxlen: 24
46.253.35.0/24 maxlen: 24
46.253.36.0/24 maxlen: 24
46.253.37.0/24 maxlen: 24
46.253.38.0/24 maxlen: 24
46.253.39.0/24 maxlen: 24
185.58.172.0/24 maxlen: 24
185.58.173.0/24 maxlen: 24
185.58.174.0/24 maxlen: 24
185.58.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:ab:47:2c:82:51:3c:0d:de:74:06:eb:4f:32:ed:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63f14f8e144c6d50c38ab4faff5ac6e547fe1d47
Validity
Not Before: Oct 10 10:29:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9262e21cd451a703a733bae7db4a0d7f6be0f437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:a7:4a:89:d7:a2:20:49:36:aa:3b:6d:0f:
f3:cc:e0:d3:1f:cf:8e:e0:cb:30:88:63:ac:77:23:
a4:31:d9:64:78:a8:63:77:8c:30:0c:64:ca:55:64:
ae:88:13:78:ca:96:08:fb:72:58:ca:32:40:6f:fa:
ce:6b:d2:d0:27:d3:5b:9d:c3:65:65:11:96:25:ce:
99:72:22:9f:55:24:a7:d9:8e:33:36:79:b5:e4:5e:
16:67:22:a1:3d:99:39:73:7c:1b:26:8c:7d:36:98:
ff:c0:80:2c:84:e0:8c:0c:b0:cf:a5:b8:12:c8:8f:
01:33:83:4c:8e:a5:06:74:6d:ae:5e:26:cb:d7:84:
89:32:24:27:f3:e1:4f:70:a6:e7:d7:a3:12:a6:29:
d0:39:7d:c7:c4:1d:38:f5:4e:88:24:e7:f0:09:2f:
89:e8:3c:f6:de:c8:79:f5:51:7a:b7:d0:5a:03:ab:
a1:7a:63:d8:37:67:89:a0:64:53:d5:0d:31:ed:b6:
bd:76:47:67:46:70:5a:80:2d:7c:c1:12:0a:b4:37:
5d:71:e3:f5:56:ae:4f:6f:18:c6:e4:1e:6d:89:5e:
dc:64:d0:29:7a:6e:a4:98:9e:e4:d5:35:81:b8:39:
fc:c1:81:d6:e2:d8:3d:6a:be:5a:2b:f8:b9:7e:35:
68:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:62:E2:1C:D4:51:A7:03:A7:33:BA:E7:DB:4A:0D:7F:6B:E0:F4:37
X509v3 Authority Key Identifier:
keyid:63:F1:4F:8E:14:4C:6D:50:C3:8A:B4:FA:FF:5A:C6:E5:47:FE:1D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/kmLiHNRRpwOnM7rn20oNf2vg9Dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/7b0aae-9d27-4951-bab7-da394384e925/1/Y_FPjhRMbVDDirT6_1rG5Uf-HUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.32.0/21
185.58.172.0/22
Signature Algorithm: sha256WithRSAEncryption
36:6e:93:8b:7a:0c:3a:1b:d4:83:c2:1f:21:96:ab:3a:92:3a:
c0:24:7f:4c:15:27:5a:47:f8:cd:d9:a8:0d:f0:d5:ad:cd:34:
8a:bb:de:e1:a2:69:3f:84:a4:66:96:98:6d:ee:3b:87:90:9e:
25:f8:9f:80:bd:06:e5:33:79:89:fd:be:15:47:50:e2:a9:96:
fc:4b:a3:79:d1:62:ae:aa:9b:40:59:14:77:56:ed:78:c0:b9:
1b:a4:be:3b:5e:e2:99:ec:1d:b8:7c:b8:cb:de:4d:19:ae:b5:
3a:46:51:8a:ae:c7:46:c5:53:75:d8:5e:bb:d8:9a:5a:a9:0a:
bd:d7:ac:6c:bd:ef:62:55:51:04:72:4f:aa:ef:99:bb:bb:53:
18:26:73:49:56:66:d2:f5:fa:20:61:21:4f:c8:f1:6e:9f:e7:
df:13:47:ab:17:33:4b:6c:c7:71:60:d5:9d:7c:ef:19:3d:3f:
41:26:6b:e6:30:30:cb:60:85:4b:43:ce:53:fb:3d:49:61:ed:
72:18:10:b5:35:1c:64:f2:23:50:0d:d0:30:fe:27:79:76:82:
90:1d:21:26:41:f8:7d:0a:0d:94:ea:38:2d:34:fe:e3:54:1d:
78:ab:87:a0:42:c3:69:d2:ff:5f:a0:6e:c1:c9:26:da:89:57:
1f:ea:78:85
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnNq0csglE8Dd50ButPMu2DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZjE0ZjhlMTQ0YzZkNTBjMzhhYjRmYWZmNWFjNmU1NDdm
ZTFkNDcwHhcNMjUxMDEwMTAyOTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjYyZTIxY2Q0NTFhNzAzYTczM2JhZTdkYjRhMGQ3ZjZiZTBmNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovanSonXoiBJNqo7bQ/zzODTH8+O
4MswiGOsdyOkMdlkeKhjd4wwDGTKVWSuiBN4ypYI+3JYyjJAb/rOa9LQJ9NbncNl
ZRGWJc6ZciKfVSSn2Y4zNnm15F4WZyKhPZk5c3wbJox9Npj/wIAshOCMDLDPpbgS
yI8BM4NMjqUGdG2uXibL14SJMiQn8+FPcKbn16MSpinQOX3HxB049U6IJOfwCS+J
6Dz23sh59VF6t9BaA6uhemPYN2eJoGRT1Q0x7ba9dkdnRnBagC18wRIKtDddceP1
Vq5PbxjG5B5tiV7cZNApem6kmJ7k1TWBuDn8wYHW4tg9ar5aK/i5fjVonQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJJi4hzUUacDpzO659tKDX9r4PQ3MB8GA1UdIwQY
MBaAFGPxT44UTG1Qw4q0+v9axuVH/h1HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjct
ZGEzOTQzODRlOTI1LzEva21MaUhOUlJwd09uTTdybjIwb05mMnZnOURjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS83YjBhYWUtOWQyNy00OTUxLWJhYjctZGEzOTQzODRlOTI1
LzEvWV9GUGpoUk1iVkREaXJUNl8xckc1VWYtSFVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv0gAwQC
uTqsMA0GCSqGSIb3DQEBCwUAA4IBAQA2bpOLegw6G9SDwh8hlqs6kjrAJH9MFSda
R/jN2agN8NWtzTSKu97homk/hKRmlpht7juHkJ4l+J+AvQblM3mJ/b4VR1DiqZb8
S6N50WKuqptAWRR3Vu14wLkbpL47XuKZ7B24fLjL3k0ZrrU6RlGKrsdGxVN12F67
2JpaqQq916xsve9iVVEEck+q75m7u1MYJnNJVmbS9fogYSFPyPFun+ffE0erFzNL
bMdxYNWdfO8ZPT9BJmvmMDDLYIVLQ85T+z1JYe1yGBC1NRxk8iNQDdAw/id5doKQ
HSEmQfh9Cg2U6jgtNP7jVB14q4egQsNp0v9foG7BySbaiVcf6niF
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:47 2025 by rpki-client