Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/6adJkufM2vCd-z5ZhfO9iFInD5I.roa
File: 6adJkufM2vCd-z5ZhfO9iFInD5I.roa (raw, json)
Hash identifier: eStOI3RXAw0Itmdq+ACmIjyoC4OiC/7VPLcYAGLEjE8=
Subject key identifier: E9:A7:49:92:E7:CC:DA:F0:9D:FB:3E:59:85:F3:BD:88:52:27:0F:92
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 019DAC8C433497FBB24329B396580D879840
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/6adJkufM2vCd-z5ZhfO9iFInD5I.roa
Signing time: Mon 20 Apr 2026 20:19:26 +0000
ROA not before: Mon 20 Apr 2026 20:19:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61273
IP address blocks: 185.151.204.0/24 maxlen: 24
185.151.205.0/24 maxlen: 24
185.151.206.0/24 maxlen: 24
185.151.207.0/24 maxlen: 24
185.230.39.0/24 maxlen: 24
185.255.24.0/22 maxlen: 24
2a0b:14c0::/48 maxlen: 48
2a0b:14c0:2::/48 maxlen: 48
2a0b:14c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ac:8c:43:34:97:fb:b2:43:29:b3:96:58:0d:87:98:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Apr 20 20:19:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e9a74992e7ccdaf09dfb3e5985f3bd8852270f92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:ef:a3:af:b2:a8:5a:8b:1e:96:ee:55:7b:
b3:57:44:02:0d:f0:72:bf:cc:ad:f6:48:5f:92:f5:
f2:6f:b1:f4:62:d5:ed:d8:3b:4c:9b:67:3e:b2:f3:
4a:61:d9:70:eb:17:06:70:42:37:a6:84:6c:a9:ee:
51:1c:c7:63:73:0d:6d:5f:f1:a5:f9:a8:88:e9:90:
dc:e1:95:7e:b2:d6:07:c4:ab:b3:75:92:bf:ef:e6:
89:3a:02:35:f9:07:44:89:ec:08:b1:73:98:50:ed:
ee:26:5d:0f:87:bd:6c:f4:90:da:cc:ec:a9:3f:37:
58:7b:3f:77:33:5e:8b:8f:05:ac:7c:df:dc:15:db:
5d:72:97:e4:61:42:5e:6b:44:9e:a9:9d:e3:f9:0b:
ff:65:05:b0:2c:48:db:d2:0a:b0:98:ba:0c:bd:6e:
bb:3e:52:4f:a9:74:19:01:fc:66:e4:47:5f:a0:a8:
d2:16:d1:7f:41:f7:2f:75:88:b8:4b:99:1a:d5:8e:
21:72:1b:2b:e3:56:db:46:45:30:0e:cf:32:2e:96:
af:b1:e5:7d:4a:cd:f2:ab:e7:55:11:d7:32:fe:08:
11:09:5a:dd:9b:7f:bf:0d:b4:8a:64:8e:d7:c4:b3:
4d:79:65:34:6f:14:88:5d:9e:5a:b1:49:d7:0f:18:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:A7:49:92:E7:CC:DA:F0:9D:FB:3E:59:85:F3:BD:88:52:27:0F:92
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/6adJkufM2vCd-z5ZhfO9iFInD5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.204.0/22
185.230.39.0/24
185.255.24.0/22
IPv6:
2a0b:14c0::/48
2a0b:14c0:2::/48
2a0b:14c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
c2:60:02:bc:cc:20:09:73:95:da:9e:c2:c7:11:be:03:e5:61:
bf:c1:6b:1c:64:b5:7d:56:b7:ec:23:d1:05:9f:2d:2d:f9:da:
18:bd:97:18:59:19:e4:f7:98:97:d4:49:1c:eb:7f:55:cf:6e:
90:0d:cd:69:8a:86:3d:a9:ff:9b:e4:7a:b2:36:10:56:28:b1:
24:d3:cb:b6:d0:c7:1a:0c:19:e6:69:e8:3c:10:01:e7:21:76:
0a:d5:f1:12:c3:01:99:3c:0e:c6:2f:f1:f1:07:34:0a:35:1c:
ff:f4:ba:fc:75:2b:d1:b6:4f:ce:e4:32:e9:a8:76:5c:76:8f:
80:ff:cc:2a:4c:4e:4b:db:4c:30:ca:fc:a5:c0:e3:b9:d0:05:
8a:95:4c:58:af:77:e7:3b:19:de:a9:8e:f6:46:d3:53:4f:bf:
92:ea:14:21:49:04:0b:68:44:1a:d3:39:ef:33:78:26:ce:31:
36:6d:1e:38:c0:14:c9:0b:ec:ce:3d:a7:00:df:d0:5c:8f:ef:
13:10:d3:f6:51:ee:c2:63:61:35:18:99:a9:eb:2a:b1:9a:f4:
4a:d2:c2:46:45:ef:49:f3:08:33:43:12:3c:6d:ac:c6:ac:56:
b2:e0:c2:82:89:38:5c:f2:5a:49:ed:b9:54:5d:18:f6:0a:28:
40:1d:cb:57
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZ2sjEM0l/uyQymzllgNh5hAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjYwNDIwMjAxOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWE3NDk5MmU3Y2NkYWYwOWRmYjNlNTk4NWYzYmQ4ODUyMjcwZjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnzvo6+yqFqLHpbuVXuzV0QCDfBy
v8yt9khfkvXyb7H0YtXt2DtMm2c+svNKYdlw6xcGcEI3poRsqe5RHMdjcw1tX/Gl
+aiI6ZDc4ZV+stYHxKuzdZK/7+aJOgI1+QdEiewIsXOYUO3uJl0Ph71s9JDazOyp
PzdYez93M16LjwWsfN/cFdtdcpfkYUJea0SeqZ3j+Qv/ZQWwLEjb0gqwmLoMvW67
PlJPqXQZAfxm5EdfoKjSFtF/QfcvdYi4S5ka1Y4hchsr41bbRkUwDs8yLpavseV9
Ss3yq+dVEdcy/ggRCVrdm3+/DbSKZI7XxLNNeWU0bxSIXZ5asUnXDxgfYQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFOmnSZLnzNrwnfs+WYXzvYhSJw+SMB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvNmFkSmt1Zk0ydkNkLXo1WmhmTzlpRkluRDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQCuZfMAwQA
ueYnAwQCuf8YMCEEAgACMBsDBwAqCxTAAAADBwAqCxTAAAIDBwAqCxTAAAQwDQYJ
KoZIhvcNAQELBQADggEBAMJgArzMIAlzldqewscRvgPlYb/BaxxktX1Wt+wj0QWf
LS352hi9lxhZGeT3mJfUSRzrf1XPbpANzWmKhj2p/5vkerI2EFYosSTTy7bQxxoM
GeZp6DwQAechdgrV8RLDAZk8DsYv8fEHNAo1HP/0uvx1K9G2T87kMumodlx2j4D/
zCpMTkvbTDDK/KXA47nQBYqVTFivd+c7Gd6pjvZG01NPv5LqFCFJBAtoRBrTOe8z
eCbOMTZtHjjAFMkL7M49pwDf0FyP7xMQ0/ZR7sJjYTUYmanrKrGa9ErSwkZF70nz
CDNDEjxtrMasVrLgwoKJOFzyWkntuVRdGPYKKEAdy1c=
-----END CERTIFICATE-----
Generated at Wed May 13 09:15:17 2026 by rpki-client