Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KxFAsk_pGP2Pa6f07aaCC-CRB8M.roa
File: KxFAsk_pGP2Pa6f07aaCC-CRB8M.roa (raw, json)
Hash identifier: JAbgkUw87S+IKDAYPwMES7yth/c/8IRwqFtcxaVv4C8=
Subject key identifier: 2B:11:40:B2:4F:E9:18:FD:8F:6B:A7:F4:ED:A6:82:0B:E0:91:07:C3
Certificate issuer: /CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Certificate serial: 0197725D2A722EBCC344829A93D4B16F0DDA
Authority key identifier: 29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KxFAsk_pGP2Pa6f07aaCC-CRB8M.roa
Signing time: Sun 15 Jun 2025 06:53:17 +0000
ROA not before: Sun 15 Jun 2025 06:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207001
IP address blocks: 2a01:e901:163::/48 maxlen: 48
2a01:e901:173::/48 maxlen: 48
2a01:e901:183::/48 maxlen: 48
2a01:e901:193::/48 maxlen: 48
2a01:e901:1a3::/48 maxlen: 48
2a01:e901:1b3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:72:5d:2a:72:2e:bc:c3:44:82:9a:93:d4:b1:6f:0d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2968b4e0ef8106f0e12ab8e501d2aa4e36b783c2
Validity
Not Before: Jun 15 06:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b1140b24fe918fd8f6ba7f4eda6820be09107c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d7:f3:5f:42:d2:7f:fc:be:59:f0:db:bd:ad:
ac:7d:74:84:f5:a3:4c:3e:56:c9:cc:08:ad:29:77:
83:4b:d2:de:81:14:a5:05:d3:3d:4b:5d:b4:9d:e4:
58:a9:12:3a:f8:df:34:a6:37:a5:77:f3:6f:f3:a0:
0f:1e:40:1f:b5:9c:f3:71:8d:cd:09:0c:33:52:49:
de:77:74:31:ac:10:9b:37:57:84:73:34:96:cb:37:
e3:06:ca:ca:c2:eb:5d:9e:59:43:f6:11:cf:70:13:
59:99:db:cd:7c:a6:fd:22:dd:4b:16:2c:c4:44:62:
b8:ff:e5:f2:be:6e:ba:f6:64:17:d6:3d:84:b6:f9:
53:e2:69:e8:8d:a4:da:5e:b5:88:b5:b6:4c:96:71:
4f:a0:65:da:24:86:7e:c4:77:95:bd:2b:0b:90:97:
a5:64:fd:e4:03:14:5e:f9:39:07:f4:02:6b:5f:bb:
9e:10:b2:1a:cd:75:f2:d3:4c:64:29:10:f8:07:98:
18:a0:09:f3:1f:63:97:4e:d0:de:69:0c:3f:3c:e1:
b2:b2:81:48:25:6e:cf:76:a1:76:26:d8:30:e7:42:
a2:0e:c4:4a:c3:9a:d6:3b:85:7d:ad:65:c0:c5:e9:
c1:8d:73:f7:48:a6:b6:12:89:97:8b:79:96:d5:a5:
f7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:11:40:B2:4F:E9:18:FD:8F:6B:A7:F4:ED:A6:82:0B:E0:91:07:C3
X509v3 Authority Key Identifier:
keyid:29:68:B4:E0:EF:81:06:F0:E1:2A:B8:E5:01:D2:AA:4E:36:B7:83:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWi04O-BBvDhKrjlAdKqTja3g8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KxFAsk_pGP2Pa6f07aaCC-CRB8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/481637-6c1c-45e8-8fbd-44f8ed5d61d7/1/KWi04O-BBvDhKrjlAdKqTja3g8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:e901:163::/48
2a01:e901:173::/48
2a01:e901:183::/48
2a01:e901:193::/48
2a01:e901:1a3::/48
2a01:e901:1b3::/48
Signature Algorithm: sha256WithRSAEncryption
48:1d:4e:2f:4d:ae:b7:5a:d4:34:06:aa:fe:96:c5:33:13:90:
21:2d:2b:f4:6f:20:0e:6f:ae:d6:ff:e0:a7:b2:ec:e1:a6:0e:
af:29:b2:db:e8:90:39:73:5a:9c:50:23:5c:eb:15:6a:a6:a7:
3b:d3:9c:6a:b9:c5:56:e3:b1:46:22:86:05:e1:78:e9:2e:7a:
f9:7e:d4:bf:86:2d:a6:3c:22:bf:30:7b:99:8d:b3:9b:0d:65:
25:f6:ea:3a:c1:28:87:b9:f2:30:e2:19:e8:75:05:e7:d0:66:
5c:7d:b4:fd:d3:1d:d6:7d:bd:4c:c0:e7:96:db:6a:1b:46:fb:
ac:8a:2e:da:25:10:02:8a:73:0b:7e:b1:0e:7a:fb:5c:cb:79:
31:66:d2:c7:5c:9d:4e:17:2c:f7:7d:92:33:d0:d8:00:2d:2b:
91:4b:7d:ff:aa:2a:67:a5:27:3b:e9:35:72:89:c9:89:29:88:
19:d9:27:bc:fa:c0:ec:c7:bd:fc:68:69:00:34:36:59:b9:db:
2d:a3:35:a2:6e:6f:2c:0a:21:5b:ef:db:6c:b0:07:5e:a8:c7:
c6:f0:69:9d:71:91:89:6d:46:76:fa:eb:19:27:69:25:a8:fb:
85:31:70:fc:5b:35:9d:71:f2:0e:50:8d:e5:d5:c8:c8:80:96:
b1:ea:b1:ff
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZdyXSpyLrzDRIKak9Sxbw3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjhiNGUwZWY4MTA2ZjBlMTJhYjhlNTAxZDJhYTRlMzZi
NzgzYzIwHhcNMjUwNjE1MDY1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjExNDBiMjRmZTkxOGZkOGY2YmE3ZjRlZGE2ODIwYmUwOTEwN2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudfzX0LSf/y+WfDbva2sfXSE9aNM
PlbJzAitKXeDS9LegRSlBdM9S120neRYqRI6+N80pjeld/Nv86APHkAftZzzcY3N
CQwzUkned3QxrBCbN1eEczSWyzfjBsrKwutdnllD9hHPcBNZmdvNfKb9It1LFizE
RGK4/+Xyvm669mQX1j2EtvlT4mnojaTaXrWItbZMlnFPoGXaJIZ+xHeVvSsLkJel
ZP3kAxRe+TkH9AJrX7ueELIazXXy00xkKRD4B5gYoAnzH2OXTtDeaQw/POGysoFI
JW7PdqF2Jtgw50KiDsRKw5rWO4V9rWXAxenBjXP3SKa2EomXi3mW1aX3ZQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCsRQLJP6Rj9j2un9O2mggvgkQfDMB8GA1UdIwQY
MBaAFClotODvgQbw4Sq45QHSqk42t4PCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQt
NDRmOGVkNWQ2MWQ3LzEvS3hGQXNrX3BHUDJQYTZmMDdhYUNDLUNSQjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80ODE2MzctNmMxYy00NWU4LThmYmQtNDRmOGVkNWQ2MWQ3
LzEvS1dpMDRPLUJCdkRoS3JqbEFkS3FUamEzZzhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAKgHpAQFj
AwcAKgHpAQFzAwcAKgHpAQGDAwcAKgHpAQGTAwcAKgHpAQGjAwcAKgHpAQGzMA0G
CSqGSIb3DQEBCwUAA4IBAQBIHU4vTa63WtQ0Bqr+lsUzE5AhLSv0byAOb67W/+Cn
suzhpg6vKbLb6JA5c1qcUCNc6xVqpqc705xqucVW47FGIoYF4XjpLnr5ftS/hi2m
PCK/MHuZjbObDWUl9uo6wSiHufIw4hnodQXn0GZcfbT90x3Wfb1MwOeW22obRvus
ii7aJRACinMLfrEOevtcy3kxZtLHXJ1OFyz3fZIz0NgALSuRS33/qipnpSc76TVy
icmJKYgZ2Se8+sDsx738aGkANDZZudstozWibm8sCiFb79tssAdeqMfG8GmdcZGJ
bUZ2+usZJ2klqPuFMXD8WzWdcfIOUI3l1cjIgJax6rH/
-----END CERTIFICATE-----
Generated at Mon Jun 30 00:36:11 2025 by rpki-client