
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/KbkgC7W04AC2dfiCKLffjYIdfm0.roa
File: KbkgC7W04AC2dfiCKLffjYIdfm0.roa (raw, json)
Hash identifier: b+1XnR1qClXgo0+h2XFqiEy+RpYXEzB0EWpEqBHm3rM=
Subject key identifier: 29:B9:20:0B:B5:B4:E0:00:B6:75:F8:82:28:B7:DF:8D:82:1D:7E:6D
Certificate issuer: /CN=6b6199e55c353ef7f3d2bf4a4fe38dd1a0ad8565
Certificate serial: 01997A6242745B4D957296ED93C227E1FE32
Authority key identifier: 6B:61:99:E5:5C:35:3E:F7:F3:D2:BF:4A:4F:E3:8D:D1:A0:AD:85:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/KbkgC7W04AC2dfiCKLffjYIdfm0.roa
Signing time: Wed 24 Sep 2025 06:21:23 +0000
ROA not before: Wed 24 Sep 2025 06:21:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61395
IP address blocks: 5.83.56.0/21 maxlen: 21
2a04:680::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:62:42:74:5b:4d:95:72:96:ed:93:c2:27:e1:fe:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b6199e55c353ef7f3d2bf4a4fe38dd1a0ad8565
Validity
Not Before: Sep 24 06:21:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29b9200bb5b4e000b675f88228b7df8d821d7e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:18:4b:61:fe:1f:4b:cb:14:01:51:09:07:e7:
b3:9c:7f:25:40:2f:25:05:d6:e8:af:8d:44:00:52:
f7:c0:f8:cb:8c:4a:3c:ec:57:d0:fd:65:56:63:c0:
e2:b2:c0:0d:56:db:ab:de:5b:74:09:ff:73:b2:0f:
11:b7:3b:55:41:b9:56:a3:2d:f3:fc:a9:ac:c9:74:
52:a5:2c:5e:a2:01:a3:1c:a7:eb:da:8d:2b:78:e0:
23:ec:56:c0:d0:3d:ad:8c:d4:68:f0:88:70:79:af:
af:a3:0b:64:4e:41:e3:a7:cc:45:08:72:bb:81:e4:
67:5c:e3:7d:77:db:bb:a3:1d:16:3f:54:56:39:ef:
8a:c1:f8:c0:97:e3:ef:80:db:f2:e1:cb:2e:07:42:
ed:9d:3f:69:c9:20:7f:8d:fa:fb:2e:05:26:29:e6:
2a:a0:ff:b5:1f:05:60:ca:f2:96:81:3e:9e:42:85:
02:06:2d:75:76:86:a0:b8:67:8b:45:e0:fb:1a:ee:
3b:76:9e:72:4f:ee:9e:12:ee:b2:b7:ed:1e:5e:a7:
33:2c:a8:98:7c:a3:90:5a:c1:bc:b2:4c:2f:f7:98:
82:df:1b:c2:de:f1:fe:1b:2c:69:f3:a0:f9:f5:05:
73:33:9c:b6:df:41:83:12:ea:d2:8a:69:c2:0e:3f:
08:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B9:20:0B:B5:B4:E0:00:B6:75:F8:82:28:B7:DF:8D:82:1D:7E:6D
X509v3 Authority Key Identifier:
keyid:6B:61:99:E5:5C:35:3E:F7:F3:D2:BF:4A:4F:E3:8D:D1:A0:AD:85:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/KbkgC7W04AC2dfiCKLffjYIdfm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/ff2ceb-e9a8-478c-88c1-3de4ece3ab2a/1/a2GZ5Vw1Pvfz0r9KT-ON0aCthWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.56.0/21
IPv6:
2a04:680::/29
Signature Algorithm: sha256WithRSAEncryption
40:16:a0:0d:65:07:5d:5b:19:63:a8:4b:02:08:a2:ea:38:86:
ff:04:d0:ad:60:26:43:c1:09:39:07:94:b0:ca:2d:e0:87:dc:
50:59:a8:c9:a7:1d:04:ea:ec:ea:cf:5a:f2:9a:89:4e:31:33:
4f:5d:1d:dd:99:3f:1c:f6:7b:00:54:51:ab:af:23:9b:e0:97:
e1:99:17:76:7b:3e:68:56:b4:d8:57:46:03:0f:6e:2c:0d:58:
e1:ff:12:d6:dc:a6:4f:80:b0:41:9d:5c:e3:45:c6:eb:86:0c:
b5:d4:fa:79:19:e4:99:8e:9f:11:c5:d5:28:02:d3:9c:17:35:
21:9a:aa:ae:fd:b9:75:a1:81:76:a7:2f:fc:1b:7a:b5:7e:6e:
94:09:88:db:71:6b:5f:8c:8b:da:b4:09:12:d7:ff:b9:76:b2:
a3:4b:22:bd:54:4d:97:d2:bc:5d:7a:37:9a:64:c9:e6:52:f5:
cb:99:d3:dd:87:c5:a9:e7:82:00:d4:6f:a2:99:e2:ce:8a:6a:
ad:9c:e7:00:ca:2b:c9:ee:cb:71:fe:64:9e:a6:53:25:c3:9f:
01:25:0f:b4:eb:09:7b:26:44:ca:30:bf:e2:f5:f7:94:fb:37:
da:c0:15:c1:27:52:5e:29:37:b8:10:33:9e:27:75:1a:35:78:
13:06:ef:c1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZl6YkJ0W02Vcpbtk8In4f4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNjE5OWU1NWMzNTNlZjdmM2QyYmY0YTRmZTM4ZGQxYTBh
ZDg1NjUwHhcNMjUwOTI0MDYyMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI5MjAwYmI1YjRlMDAwYjY3NWY4ODIyOGI3ZGY4ZDgyMWQ3ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRhLYf4fS8sUAVEJB+eznH8lQC8l
Bdbor41EAFL3wPjLjEo87FfQ/WVWY8DissANVtur3lt0Cf9zsg8RtztVQblWoy3z
/KmsyXRSpSxeogGjHKfr2o0reOAj7FbA0D2tjNRo8Ihwea+vowtkTkHjp8xFCHK7
geRnXON9d9u7ox0WP1RWOe+KwfjAl+PvgNvy4csuB0LtnT9pySB/jfr7LgUmKeYq
oP+1HwVgyvKWgT6eQoUCBi11doaguGeLReD7Gu47dp5yT+6eEu6yt+0eXqczLKiY
fKOQWsG8skwv95iC3xvC3vH+Gyxp86D59QVzM5y230GDEurSimnCDj8ITQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCm5IAu1tOAAtnX4gii3342CHX5tMB8GA1UdIwQY
MBaAFGthmeVcNT7389K/Sk/jjdGgrYVlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTJHWjVWdzFQdmZ6MHI5S1QtT04wYUN0aFdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9mZjJjZWItZTlhOC00NzhjLTg4YzEt
M2RlNGVjZTNhYjJhLzEvS2JrZ0M3VzA0QUMyZGZpQ0tMZmZqWUlkZm0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9mZjJjZWItZTlhOC00NzhjLTg4YzEtM2RlNGVjZTNhYjJh
LzEvYTJHWjVWdzFQdmZ6MHI5S1QtT04wYUN0aFdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBVM4MA0E
AgACMAcDBQMqBAaAMA0GCSqGSIb3DQEBCwUAA4IBAQBAFqANZQddWxljqEsCCKLq
OIb/BNCtYCZDwQk5B5Swyi3gh9xQWajJpx0E6uzqz1rymolOMTNPXR3dmT8c9nsA
VFGrryOb4JfhmRd2ez5oVrTYV0YDD24sDVjh/xLW3KZPgLBBnVzjRcbrhgy11Pp5
GeSZjp8RxdUoAtOcFzUhmqqu/bl1oYF2py/8G3q1fm6UCYjbcWtfjIvatAkS1/+5
drKjSyK9VE2X0rxdejeaZMnmUvXLmdPdh8Wp54IA1G+imeLOimqtnOcAyivJ7stx
/mSeplMlw58BJQ+06wl7JkTKML/i9feU+zfawBXBJ1JeKTe4EDOeJ3UaNXgTBu/B
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:44 2025 by rpki-client