Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/6dKud0rBgn68px5_CQ8NbiAhK5I.roa
File: 6dKud0rBgn68px5_CQ8NbiAhK5I.roa (raw, json)
Hash identifier: c4iMueJ7H9gjm+Sm3ki0CfZIxEQXW4+lG2MfIuaVr6U=
Subject key identifier: E9:D2:AE:77:4A:C1:82:7E:BC:A7:1E:7F:09:0F:0D:6E:20:21:2B:92
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 019CB4DE81EE65F85AD338A9BB93FEB063A6
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/6dKud0rBgn68px5_CQ8NbiAhK5I.roa
Signing time: Tue 03 Mar 2026 18:03:26 +0000
ROA not before: Tue 03 Mar 2026 18:03:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
79.98.16.0/21 maxlen: 24
80.74.64.0/20 maxlen: 24
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
84.239.64.0/18 maxlen: 24
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
141.101.56.0/22 maxlen: 24
141.101.60.0/22 maxlen: 24
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 24
185.5.108.0/22 maxlen: 22
185.10.176.0/22 maxlen: 24
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 24
185.41.4.0/22 maxlen: 22
185.47.240.0/22 maxlen: 24
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.137.254.0/23 maxlen: 24
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a00:6900::/29 maxlen: 48
2a01:4e00::/32 maxlen: 32
2a03:5d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 21:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b4:de:81:ee:65:f8:5a:d3:38:a9:bb:93:fe:b0:63:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Mar 3 18:03:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e9d2ae774ac1827ebca71e7f090f0d6e20212b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:59:d3:36:05:f2:ce:36:c4:a8:3e:76:86:5d:
71:7a:90:a3:2a:67:60:70:02:ef:84:55:46:94:22:
d7:90:8e:81:2d:3b:33:26:80:62:f5:b6:b3:07:a0:
28:f0:94:51:3e:35:41:fe:cd:a4:9d:66:5f:80:61:
72:6f:b3:5d:44:26:75:a2:8c:77:52:26:3f:51:2a:
e0:8a:0e:25:47:ff:32:92:dc:92:84:a8:ce:a9:dd:
0d:70:04:56:90:a0:e7:66:ad:de:11:74:93:72:5c:
5a:0d:54:22:4e:ea:fa:fd:52:55:f1:c5:c5:e2:0c:
38:af:3d:f3:a7:59:36:bf:80:39:8b:77:65:3b:79:
67:90:a2:09:a2:96:50:c1:32:cd:1d:14:41:78:4a:
6a:f9:59:ef:38:96:27:f5:b7:41:2b:70:22:73:a1:
24:98:84:7a:ba:13:b1:9f:7f:7c:5f:8d:30:c4:88:
3c:9b:96:a5:19:9a:5c:f4:95:2c:b0:70:68:90:77:
87:8f:99:a0:ee:e6:64:af:be:ff:7a:9a:4a:a8:61:
8b:9e:61:24:45:98:86:36:af:e0:de:de:7f:20:d6:
f3:e3:7f:04:8f:73:80:25:08:a1:5b:02:1e:04:a1:
f5:17:2c:33:44:f9:05:bc:f7:0d:1d:7d:06:a4:49:
22:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D2:AE:77:4A:C1:82:7E:BC:A7:1E:7F:09:0F:0D:6E:20:21:2B:92
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/6dKud0rBgn68px5_CQ8NbiAhK5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
79.98.16.0/21
80.74.64.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
84.239.64.0/18
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
141.101.56.0/21
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.10.176.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.47.240.0/22
185.81.52.0/22
185.132.116.0/22
185.137.254.0/23
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a00:6900::/29
2a01:4e00::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
7c:2a:8d:8e:95:65:41:43:fd:d6:6b:f0:6f:cc:1c:0a:e9:b8:
d0:78:03:18:50:25:12:d6:ee:ec:99:dd:59:b2:b7:03:0d:5b:
f7:ac:5c:a9:f1:a6:a9:06:15:ad:0c:e9:17:65:af:14:76:be:
ed:39:e4:f0:4c:f5:45:f5:8f:3e:5d:b9:41:c4:bd:25:ad:5f:
07:cb:37:d8:a8:32:bb:75:f0:23:84:71:82:81:23:15:0d:0e:
84:06:dd:b3:1f:c5:6f:15:5d:e2:a8:fe:ee:1c:51:3f:f3:95:
4b:9c:72:04:77:18:db:9b:f1:7f:ed:0b:99:41:5d:30:94:0b:
61:a0:60:1a:48:9c:74:20:1b:15:15:fc:ed:dc:e1:69:80:dc:
3f:38:c0:d5:42:01:fb:95:63:03:b2:72:9f:3f:1d:c3:7b:7b:
a5:82:cb:a8:4f:7a:20:af:5c:72:a5:e7:d2:c5:0f:99:3e:fe:
9a:05:b8:bb:1f:a6:a7:d4:b6:4e:5d:12:24:be:77:65:13:99:
c8:d3:13:e7:d1:e6:81:64:25:3d:67:17:ba:4c:09:26:5c:04:
47:7d:cc:25:74:31:37:6d:0e:4a:d4:a6:94:af:84:88:5a:70:
dc:d1:3e:98:a4:bf:ae:f2:61:80:cd:9a:7d:49:e5:37:f0:d6:
82:9d:9e:69
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZy03oHuZfha0zipu5P+sGOmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjYwMzAzMTgwMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQyYWU3NzRhYzE4MjdlYmNhNzFlN2YwOTBmMGQ2ZTIwMjEyYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FnTNgXyzjbEqD52hl1xepCjKmdg
cALvhFVGlCLXkI6BLTszJoBi9bazB6Ao8JRRPjVB/s2knWZfgGFyb7NdRCZ1oox3
UiY/USrgig4lR/8yktyShKjOqd0NcARWkKDnZq3eEXSTclxaDVQiTur6/VJV8cXF
4gw4rz3zp1k2v4A5i3dlO3lnkKIJopZQwTLNHRRBeEpq+VnvOJYn9bdBK3Aic6Ek
mIR6uhOxn398X40wxIg8m5alGZpc9JUssHBokHeHj5mg7uZkr77/eppKqGGLnmEk
RZiGNq/g3t5/INbz438Ej3OAJQihWwIeBKH1FywzRPkFvPcNHX0GpEkiQwIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFOnSrndKwYJ+vKcefwkPDW4gISuSMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvNmRLdWQwckJnbjY4cHg1X0NROE5iaUFoSzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCASoEAgABMIIB
IgMEAgWFRAMEBT7BIDAMAwQCPvRUAwQBPvRYAwQCPvRgAwQCPvRwAwQAPvR1AwQA
PvR3AwQDTh8oAwQETm3wAwQDT2IQAwQEUEpAAwQEUPUQAwQGUtIAAwQFU3bAAwQD
U46QAwQGVO9AAwQDW1pgAwQEXuSwAwQEX41gAwQDjWU4AwQFn7TgAwQDsDkgAwQE
shCgAwQCuQQsAwQCuQVsAwQCuQqwAwQCuRLQAwQCuRMwAwQCuSkEAwQCuS/wAwQC
uVE0AwQCuYR0AwQBuYn+AwQCuZxQAwQCuaMcAwQCuaucAwQCubT0AwQCub9cAwQC
udMYAwQCudWgAwQCudr4AwQCufkcAwQBwtV8AwQGww+AAwQCwzGEAwQFw8igAwQF
1GpgMCIEAgACMBwDBQMgAQq4AwUDKgBpAAMFACoBTgADBQAqA11AMA0GCSqGSIb3
DQEBCwUAA4IBAQB8Ko2OlWVBQ/3Wa/BvzBwK6bjQeAMYUCUS1u7smd1ZsrcDDVv3
rFyp8aapBhWtDOkXZa8Udr7tOeTwTPVF9Y8+XblBxL0lrV8HyzfYqDK7dfAjhHGC
gSMVDQ6EBt2zH8VvFV3iqP7uHFE/85VLnHIEdxjbm/F/7QuZQV0wlAthoGAaSJx0
IBsVFfzt3OFpgNw/OMDVQgH7lWMDsnKfPx3De3ulgsuoT3ogr1xypefSxQ+ZPv6a
Bbi7H6an1LZOXRIkvndlE5nI0xPn0eaBZCU9Zxe6TAkmXARHfcwldDE3bQ5K1KaU
r4SIWnDc0T6YpL+u8mGAzZp9SeU38NaCnZ5p
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:39:59 2026 by rpki-client