Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/KGS-Ow6A03MOKlHJ9LJVMtiBgW0.roa
File: KGS-Ow6A03MOKlHJ9LJVMtiBgW0.roa (raw, json)
Hash identifier: lxkwB0qJKRw+RSgtKN8/eEY99vYwlT+z5ybpbYKDhpI=
Subject key identifier: 28:64:BE:3B:0E:80:D3:73:0E:2A:51:C9:F4:B2:55:32:D8:81:81:6D
Certificate issuer: /CN=f63fc5a11f96168267a08d8e50ada48383420b98
Certificate serial: 019C6F7C268AE14BC742A42BF80B855DAE03
Authority key identifier: F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/KGS-Ow6A03MOKlHJ9LJVMtiBgW0.roa
Signing time: Wed 18 Feb 2026 06:42:13 +0000
ROA not before: Wed 18 Feb 2026 06:42:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62288
IP address blocks: 185.33.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.mft
rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 06:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6f:7c:26:8a:e1:4b:c7:42:a4:2b:f8:0b:85:5d:ae:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f63fc5a11f96168267a08d8e50ada48383420b98
Validity
Not Before: Feb 18 06:42:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2864be3b0e80d3730e2a51c9f4b25532d881816d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2d:ee:96:cd:3e:e2:ee:10:70:6f:d0:5a:ee:
65:66:cf:e7:a2:2f:7a:18:13:ac:40:cd:99:65:4c:
47:ab:34:18:c8:01:39:75:7c:e6:24:0d:f7:8e:89:
09:1d:20:95:52:cc:40:96:d9:38:a2:f2:50:e2:41:
2e:5b:48:bf:4b:10:f5:60:32:51:5d:bd:62:a7:b2:
d4:6e:4b:ad:5d:70:6f:6f:0f:47:7d:3f:11:b6:09:
cd:2e:39:1f:65:06:66:40:a9:df:d9:1d:7b:05:e8:
01:4c:bb:d8:fe:a3:4f:f9:2a:82:0b:49:86:08:ca:
cf:77:7a:05:fa:f1:a8:c7:3b:de:b0:16:0d:b7:1b:
59:c5:aa:ae:3b:d0:11:e0:72:ca:fd:90:d2:33:38:
7a:89:6e:74:02:cb:3f:7b:a5:ce:65:90:55:21:90:
75:1c:c4:23:10:16:1e:0f:aa:42:51:dc:18:3b:06:
2e:8c:92:80:30:06:21:45:8f:0a:06:d9:b8:da:6c:
97:95:14:fa:21:6a:78:33:2b:3e:13:e1:ef:5d:f1:
f6:af:ef:e6:fe:56:da:0f:01:43:1c:f9:de:d1:a6:
10:a1:c9:06:d1:4c:64:19:29:09:af:ed:53:ba:bb:
5e:c4:d7:e7:46:ec:ef:7c:56:55:d1:81:39:f5:69:
b7:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:64:BE:3B:0E:80:D3:73:0E:2A:51:C9:F4:B2:55:32:D8:81:81:6D
X509v3 Authority Key Identifier:
keyid:F6:3F:C5:A1:1F:96:16:82:67:A0:8D:8E:50:AD:A4:83:83:42:0B:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9j_FoR-WFoJnoI2OUK2kg4NCC5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/KGS-Ow6A03MOKlHJ9LJVMtiBgW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/514437-93ea-48c1-9127-8b7716354c8d/1/9j_FoR-WFoJnoI2OUK2kg4NCC5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.160.0/24
Signature Algorithm: sha256WithRSAEncryption
78:6b:80:9b:91:3e:a1:47:c9:01:50:79:ed:cb:0e:c0:e2:c8:
b1:b6:02:73:21:8b:4d:a6:aa:6a:c2:39:02:a0:92:16:89:ce:
26:47:c9:f5:69:4f:80:d6:6a:c6:5f:af:7b:95:82:65:73:8a:
96:73:94:92:0b:b8:5a:13:1d:b7:e9:e7:b3:b9:13:d2:b9:b2:
58:8a:21:63:c2:f0:cc:9d:6e:17:3b:78:ef:e3:af:1c:72:7f:
2f:93:68:dc:59:84:a0:49:c2:75:be:88:c1:27:23:ad:f2:d2:
94:ee:ea:9a:ff:de:ca:99:7c:34:57:77:92:27:74:05:a2:e6:
43:7b:39:34:84:4b:78:3c:1c:04:c1:87:f9:ef:32:8c:95:02:
4f:81:71:4c:5a:8d:28:3a:30:3b:f6:7e:33:30:2c:31:3a:b1:
8e:f3:e2:a2:27:75:a0:e7:07:c8:bc:d9:d0:7d:bf:89:5e:4d:
99:0c:67:65:99:ce:ff:57:31:51:b0:dc:39:60:58:85:0a:10:
31:75:f2:c2:23:39:9e:7c:93:ec:08:10:d4:cb:bd:01:80:34:
1b:d1:27:52:75:6b:90:6b:8b:7a:2b:d9:3c:c6:a0:09:20:d8:
fd:73:2d:c7:62:14:7b:1b:50:68:df:72:ea:34:9d:fd:f8:a8:
79:55:d7:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxvfCaK4UvHQqQr+AuFXa4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2M2ZjNWExMWY5NjE2ODI2N2EwOGQ4ZTUwYWRhNDgzODM0
MjBiOTgwHhcNMjYwMjE4MDY0MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODY0YmUzYjBlODBkMzczMGUyYTUxYzlmNGIyNTUzMmQ4ODE4MTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6y3uls0+4u4QcG/QWu5lZs/noi96
GBOsQM2ZZUxHqzQYyAE5dXzmJA33jokJHSCVUsxAltk4ovJQ4kEuW0i/SxD1YDJR
Xb1ip7LUbkutXXBvbw9HfT8RtgnNLjkfZQZmQKnf2R17BegBTLvY/qNP+SqCC0mG
CMrPd3oF+vGoxzvesBYNtxtZxaquO9AR4HLK/ZDSMzh6iW50Ass/e6XOZZBVIZB1
HMQjEBYeD6pCUdwYOwYujJKAMAYhRY8KBtm42myXlRT6IWp4Mys+E+HvXfH2r+/m
/lbaDwFDHPne0aYQockG0UxkGSkJr+1TurtexNfnRuzvfFZV0YE59Wm31QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFChkvjsOgNNzDipRyfSyVTLYgYFtMB8GA1UdIwQY
MBaAFPY/xaEflhaCZ6CNjlCtpIODQguYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjct
OGI3NzE2MzU0YzhkLzEvS0dTLU93NkEwM01PS2xISjlMSlZNdGlCZ1cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi81MTQ0MzctOTNlYS00OGMxLTkxMjctOGI3NzE2MzU0Yzhk
LzEvOWpfRm9SLVdGb0pub0kyT1VLMmtnNE5DQzVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSGgMA0G
CSqGSIb3DQEBCwUAA4IBAQB4a4CbkT6hR8kBUHntyw7A4sixtgJzIYtNpqpqwjkC
oJIWic4mR8n1aU+A1mrGX697lYJlc4qWc5SSC7haEx236eezuRPSubJYiiFjwvDM
nW4XO3jv468ccn8vk2jcWYSgScJ1vojBJyOt8tKU7uqa/97KmXw0V3eSJ3QFouZD
ezk0hEt4PBwEwYf57zKMlQJPgXFMWo0oOjA79n4zMCwxOrGO8+KiJ3Wg5wfIvNnQ
fb+JXk2ZDGdlmc7/VzFRsNw5YFiFChAxdfLCIzmefJPsCBDUy70BgDQb0SdSdWuQ
a4t6K9k8xqAJINj9cy3HYhR7G1Bo33LqNJ39+Kh5VddN
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:49 2026 by rpki-client