Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/KPusJPflkaA3HKEey0SN_9T2Wr8.roa
File: KPusJPflkaA3HKEey0SN_9T2Wr8.roa (raw, json)
Hash identifier: at8Qiz6f/WIMARODTQHuRfCIPIz+vJxdjK5jeIoLjV4=
Subject key identifier: 28:FB:AC:24:F7:E5:91:A0:37:1C:A1:1E:CB:44:8D:FF:D4:F6:5A:BF
Certificate issuer: /CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Certificate serial: 019937AAF8F840850D01F21533311293A43F
Authority key identifier: 66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/KPusJPflkaA3HKEey0SN_9T2Wr8.roa
Signing time: Thu 11 Sep 2025 07:26:15 +0000
ROA not before: Thu 11 Sep 2025 07:26:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28918
IP address blocks: 185.55.232.0/22 maxlen: 24
188.95.0.0/21 maxlen: 24
194.59.172.0/22 maxlen: 24
194.59.172.0/24 maxlen: 24
194.147.133.0/24 maxlen: 24
2a00:b400::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 11:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:aa:f8:f8:40:85:0d:01:f2:15:33:31:12:93:a4:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d2f64c337465ed38da5f7cc4584df87d4a744
Validity
Not Before: Sep 11 07:26:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28fbac24f7e591a0371ca11ecb448dffd4f65abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:21:54:05:68:e7:d4:4b:3b:10:ec:28:30:
fb:ea:3e:72:53:10:7c:73:99:ea:f8:ee:53:09:f5:
5e:f1:9a:ec:7f:72:93:c5:a8:1a:d9:54:e4:35:24:
32:90:78:00:ac:ff:07:10:48:f9:29:66:34:b0:63:
9e:e0:54:02:80:26:0c:0e:90:2e:20:34:08:fb:1c:
c7:e4:93:f2:76:4b:01:72:33:4b:1d:d6:2c:73:6e:
d5:97:60:2b:c2:89:61:e4:ed:2c:46:37:13:ab:b0:
d6:a4:6f:8f:46:50:4c:b4:95:59:ef:0b:e1:db:0f:
f1:a4:17:62:9b:f8:5b:78:2b:db:96:44:73:1d:cd:
53:55:72:79:c6:6b:9f:15:1e:c3:8e:2f:b5:05:af:
62:f7:83:67:14:62:94:79:7c:52:0a:29:5c:ad:d4:
c5:cd:08:83:36:ec:cb:ea:e0:7f:6e:c1:d5:78:a5:
51:5c:c9:59:a3:3d:58:31:88:e0:3d:89:db:db:be:
68:a4:aa:3d:5e:d5:f5:46:81:b6:fd:b4:56:b7:67:
47:2d:da:99:c4:e8:49:34:2a:05:b0:8e:86:0f:f4:
58:95:2d:86:00:b9:5f:de:a4:e1:f7:e7:90:69:81:
f5:f8:c9:48:ea:c9:94:0d:c7:4d:da:fa:73:30:1f:
5f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FB:AC:24:F7:E5:91:A0:37:1C:A1:1E:CB:44:8D:FF:D4:F6:5A:BF
X509v3 Authority Key Identifier:
keyid:66:8D:2F:64:C3:37:46:5E:D3:8D:A5:F7:CC:45:84:DF:87:D4:A7:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/KPusJPflkaA3HKEey0SN_9T2Wr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/828b0f-80e8-427b-971d-38bbcfaee6ce/1/Zo0vZMM3Rl7TjaX3zEWE34fUp0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.55.232.0/22
188.95.0.0/21
194.59.172.0/22
194.147.133.0/24
IPv6:
2a00:b400::/29
Signature Algorithm: sha256WithRSAEncryption
08:ec:d1:19:94:49:1f:5e:0d:ba:04:21:35:31:e5:61:75:ed:
79:11:e3:85:bc:1a:af:17:68:b1:85:b2:01:f7:4d:f5:b3:69:
b2:9f:75:fd:9d:6d:89:c1:c0:ba:04:6e:5e:8e:5b:1e:71:65:
06:80:f7:ad:57:5f:48:c5:a8:8f:d0:26:d1:e2:eb:ff:60:a0:
75:e2:ba:9e:df:c3:41:70:74:05:b1:fa:46:2d:4f:c7:aa:41:
78:2e:21:70:ae:4c:18:18:ed:b7:f9:29:fe:a6:7b:de:7d:59:
13:a5:f2:84:f3:50:72:0c:03:2f:d1:f8:a5:54:22:02:97:39:
04:ed:ea:b1:d3:86:f1:ba:b1:d8:a0:57:d4:7b:88:fd:a9:39:
c2:7b:30:53:2f:04:14:e3:6f:1e:08:ec:d8:14:cf:bc:89:36:
ac:cc:62:da:ca:25:ee:c9:43:95:db:8a:70:c8:d7:a0:17:c2:
18:fd:2e:bc:dc:b6:33:19:4b:c6:68:51:12:0b:38:ab:58:39:
3b:5c:44:a6:c6:cb:3a:97:19:2b:d6:f6:d1:c9:01:9d:4e:2b:
83:79:49:67:91:49:69:28:fb:19:58:1e:dc:3a:75:e5:28:c6:
76:9e:36:da:3d:1f:51:e6:a4:0b:ce:69:de:52:c3:0a:1f:e3:
46:89:19:3e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZk3qvj4QIUNAfIVMzESk6Q/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2OGQyZjY0YzMzNzQ2NWVkMzhkYTVmN2NjNDU4NGRmODdk
NGE3NDQwHhcNMjUwOTExMDcyNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZiYWMyNGY3ZTU5MWEwMzcxY2ExMWVjYjQ0OGRmZmQ0ZjY1YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0khVAVo59RLOxDsKDD76j5yUxB8
c5nq+O5TCfVe8Zrsf3KTxaga2VTkNSQykHgArP8HEEj5KWY0sGOe4FQCgCYMDpAu
IDQI+xzH5JPydksBcjNLHdYsc27Vl2Arwolh5O0sRjcTq7DWpG+PRlBMtJVZ7wvh
2w/xpBdim/hbeCvblkRzHc1TVXJ5xmufFR7Dji+1Ba9i94NnFGKUeXxSCilcrdTF
zQiDNuzL6uB/bsHVeKVRXMlZoz1YMYjgPYnb275opKo9XtX1RoG2/bRWt2dHLdqZ
xOhJNCoFsI6GD/RYlS2GALlf3qTh9+eQaYH1+MlI6smUDcdN2vpzMB9fWwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCj7rCT35ZGgNxyhHstEjf/U9lq/MB8GA1UdIwQY
MBaAFGaNL2TDN0Ze042l98xFhN+H1KdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQt
MzhiYmNmYWVlNmNlLzEvS1B1c0pQZmxrYUEzSEtFZXkwU05fOVQyV3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS84MjhiMGYtODBlOC00MjdiLTk3MWQtMzhiYmNmYWVlNmNl
LzEvWm8wdlpNTTNSbDdUamFYM3pFV0UzNGZVcDBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuTfoAwQD
vF8AAwQCwjusAwQAwpOFMA0EAgACMAcDBQMqALQAMA0GCSqGSIb3DQEBCwUAA4IB
AQAI7NEZlEkfXg26BCE1MeVhde15EeOFvBqvF2ixhbIB9031s2myn3X9nW2JwcC6
BG5ejlsecWUGgPetV19IxaiP0CbR4uv/YKB14rqe38NBcHQFsfpGLU/HqkF4LiFw
rkwYGO23+Sn+pnvefVkTpfKE81ByDAMv0filVCIClzkE7eqx04bxurHYoFfUe4j9
qTnCezBTLwQU428eCOzYFM+8iTaszGLayiXuyUOV24pwyNegF8IY/S683LYzGUvG
aFESCzirWDk7XESmxss6lxkr1vbRyQGdTiuDeUlnkUlpKPsZWB7cOnXlKMZ2njba
PR9R5qQLzmneUsMKH+NGiRk+
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:22:42 2025 by rpki-client