Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/pt6HomTbAoxaO1S0_vsB7Nj7-8E.roa
File: pt6HomTbAoxaO1S0_vsB7Nj7-8E.roa (raw, json)
Hash identifier: UWZ5Wn1XW2WpHYmNUBiJ9UFuT5nRWCqGOKvCr/DsUlY=
Subject key identifier: A6:DE:87:A2:64:DB:02:8C:5A:3B:54:B4:FE:FB:01:EC:D8:FB:FB:C1
Certificate issuer: /CN=4abf42d1d323688b5a32716c229048cf9b4a29ca
Certificate serial: 019BFD67176B0641EA1B379F181188A0C415
Authority key identifier: 4A:BF:42:D1:D3:23:68:8B:5A:32:71:6C:22:90:48:CF:9B:4A:29:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sr9C0dMjaItaMnFsIpBIz5tKKco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/pt6HomTbAoxaO1S0_vsB7Nj7-8E.roa
Signing time: Tue 27 Jan 2026 03:02:30 +0000
ROA not before: Tue 27 Jan 2026 03:02:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203284
IP address blocks: 91.194.135.0/24 maxlen: 24
91.202.6.0/24 maxlen: 24
176.111.40.0/24 maxlen: 24
193.105.135.0/24 maxlen: 24
195.93.172.0/24 maxlen: 24
195.242.218.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/Sr9C0dMjaItaMnFsIpBIz5tKKco.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/Sr9C0dMjaItaMnFsIpBIz5tKKco.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sr9C0dMjaItaMnFsIpBIz5tKKco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 06:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fd:67:17:6b:06:41:ea:1b:37:9f:18:11:88:a0:c4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4abf42d1d323688b5a32716c229048cf9b4a29ca
Validity
Not Before: Jan 27 03:02:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6de87a264db028c5a3b54b4fefb01ecd8fbfbc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ca:f2:94:3a:1c:23:6e:00:44:71:98:9f:e8:
55:05:5e:64:57:f5:f4:38:e4:44:27:14:f8:ea:d9:
83:04:b1:e5:20:3c:3b:2d:22:7f:8d:84:a5:1f:ab:
76:02:68:13:1b:bc:e7:00:98:ae:24:1f:a5:fb:9e:
b1:cf:61:d8:9a:22:a0:cd:b6:05:f0:43:b1:f2:c2:
c3:14:48:8e:43:78:a1:86:e6:21:d6:a6:2f:40:bd:
5b:f2:fc:13:e2:5e:87:21:78:8a:ac:d6:77:2b:c6:
b5:b6:03:11:9f:a0:e0:7c:d5:44:b3:29:77:8a:6f:
a7:2f:1c:4f:bb:a7:e0:07:78:9e:06:1e:14:3a:18:
f7:4c:1c:ae:bb:c0:fb:64:0a:8d:a2:5b:8e:3a:b3:
7c:95:89:2d:97:bb:0e:3f:d5:d6:e3:fe:33:46:51:
d4:eb:f8:33:60:39:7b:11:39:02:22:cb:d3:ad:5f:
75:33:aa:1b:14:16:ca:a7:37:9d:d5:4e:97:ee:e1:
6b:c2:a2:f7:f9:9a:eb:0e:d2:54:b4:4b:23:ba:6a:
86:5c:a7:71:b1:32:b3:13:c8:a8:47:70:96:5f:4a:
00:96:ce:7b:e7:6e:64:e1:27:d2:65:4d:89:8a:90:
17:6a:9c:3c:4e:3e:ca:b2:28:86:d3:4b:eb:57:c1:
ec:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:DE:87:A2:64:DB:02:8C:5A:3B:54:B4:FE:FB:01:EC:D8:FB:FB:C1
X509v3 Authority Key Identifier:
keyid:4A:BF:42:D1:D3:23:68:8B:5A:32:71:6C:22:90:48:CF:9B:4A:29:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sr9C0dMjaItaMnFsIpBIz5tKKco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/pt6HomTbAoxaO1S0_vsB7Nj7-8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c33da4-c15d-4f2c-9dba-ea890a6d461d/1/Sr9C0dMjaItaMnFsIpBIz5tKKco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.135.0/24
91.202.6.0/24
176.111.40.0/24
193.105.135.0/24
195.93.172.0/24
195.242.218.0/23
Signature Algorithm: sha256WithRSAEncryption
87:1a:47:76:e2:19:50:c9:3d:1b:c0:77:ff:f7:a1:7e:f9:25:
4a:ca:9f:55:07:d0:60:08:ff:a3:de:3a:56:09:e4:fe:95:c6:
db:ed:a0:2f:7d:e9:2c:3f:36:8e:ba:54:6d:fe:5a:bd:88:ea:
a5:20:b5:a1:bf:eb:aa:8a:a5:29:a9:e9:a3:f4:35:64:36:f7:
a7:fa:c4:25:72:cc:94:27:66:60:87:cd:18:80:d2:5b:e8:97:
4d:fa:4a:3f:70:85:2a:27:1b:6a:9d:ce:56:29:f8:56:2c:c3:
b9:ae:63:e9:ed:7a:8d:da:36:9c:fd:bc:f3:2d:1c:fc:72:42:
13:0c:a0:3f:d7:92:89:e8:b2:75:64:1c:92:10:b3:e2:55:97:
f1:ce:4a:5d:7c:ec:4c:26:e7:dc:bb:ce:bb:75:4d:37:7e:8f:
c9:7e:16:af:9e:4f:30:b8:ad:ae:9c:e0:af:12:9d:0b:7c:e5:
d7:8c:cf:36:aa:83:90:26:b0:95:89:41:0e:4f:32:7c:0f:76:
ec:45:22:96:77:cb:ef:da:f5:1c:e0:64:69:6c:53:77:ce:6a:
77:e3:e8:ca:36:1b:02:f3:57:36:ac:a9:77:0c:b2:2a:df:f0:
cc:05:55:24:b3:70:f9:96:7a:a6:d2:d2:b1:59:79:f3:6c:35:
9a:86:1b:33
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZv9ZxdrBkHqGzefGBGIoMQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYmY0MmQxZDMyMzY4OGI1YTMyNzE2YzIyOTA0OGNmOWI0
YTI5Y2EwHhcNMjYwMTI3MDMwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmRlODdhMjY0ZGIwMjhjNWEzYjU0YjRmZWZiMDFlY2Q4ZmJmYmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMrylDocI24ARHGYn+hVBV5kV/X0
OOREJxT46tmDBLHlIDw7LSJ/jYSlH6t2AmgTG7znAJiuJB+l+56xz2HYmiKgzbYF
8EOx8sLDFEiOQ3ihhuYh1qYvQL1b8vwT4l6HIXiKrNZ3K8a1tgMRn6DgfNVEsyl3
im+nLxxPu6fgB3ieBh4UOhj3TByuu8D7ZAqNoluOOrN8lYktl7sOP9XW4/4zRlHU
6/gzYDl7ETkCIsvTrV91M6obFBbKpzed1U6X7uFrwqL3+ZrrDtJUtEsjumqGXKdx
sTKzE8ioR3CWX0oAls57525k4SfSZU2JipAXapw8Tj7KsiiG00vrV8HsEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKbeh6Jk2wKMWjtUtP77AezY+/vBMB8GA1UdIwQY
MBaAFEq/QtHTI2iLWjJxbCKQSM+bSinKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3I5QzBkTWphSXRhTW5Gc0lwQkl6NXRLS2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jMzNkYTQtYzE1ZC00ZjJjLTlkYmEt
ZWE4OTBhNmQ0NjFkLzEvcHQ2SG9tVGJBb3hhTzFTMF92c0I3Tmo3LThFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jMzNkYTQtYzE1ZC00ZjJjLTlkYmEtZWE4OTBhNmQ0NjFk
LzEvU3I5QzBkTWphSXRhTW5Gc0lwQkl6NXRLS2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8KHAwQA
W8oGAwQAsG8oAwQAwWmHAwQAw12sAwQBw/LaMA0GCSqGSIb3DQEBCwUAA4IBAQCH
Gkd24hlQyT0bwHf/96F++SVKyp9VB9BgCP+j3jpWCeT+lcbb7aAvfeksPzaOulRt
/lq9iOqlILWhv+uqiqUpqemj9DVkNven+sQlcsyUJ2Zgh80YgNJb6JdN+ko/cIUq
Jxtqnc5WKfhWLMO5rmPp7XqN2jac/bzzLRz8ckITDKA/15KJ6LJ1ZBySELPiVZfx
zkpdfOxMJufcu867dU03fo/Jfhavnk8wuK2unOCvEp0LfOXXjM82qoOQJrCViUEO
TzJ8D3bsRSKWd8vv2vUc4GRpbFN3zmp34+jKNhsC81c2rKl3DLIq3/DMBVUks3D5
lnqm0tKxWXnzbDWahhsz
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:59:16 2026 by rpki-client