Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/_6hmu4GFNhmBqCCRqDNxKXY1fbk.roa
File: _6hmu4GFNhmBqCCRqDNxKXY1fbk.roa (raw, json)
Hash identifier: FrvAixUNPJAiTcwGMH2vfi0uNBTHI7SiZ+ky1/2nJX4=
Subject key identifier: FF:A8:66:BB:81:85:36:19:81:A8:20:91:A8:33:71:29:76:35:7D:B9
Certificate issuer: /CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Certificate serial: 019D24554196262079832A8FB2CBADA6D7D8
Authority key identifier: F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/_6hmu4GFNhmBqCCRqDNxKXY1fbk.roa
Signing time: Wed 25 Mar 2026 09:31:00 +0000
ROA not before: Wed 25 Mar 2026 09:31:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206774
IP address blocks: 94.142.224.0/24 maxlen: 24
185.176.246.0/23 maxlen: 23
2a0a:2784::/32 maxlen: 32
2a0a:2787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:55:41:96:26:20:79:83:2a:8f:b2:cb:ad:a6:d7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50bae60970a2dfc86dd607c5b915ad5c534b413
Validity
Not Before: Mar 25 09:31:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ffa866bb8185361981a82091a833712976357db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:e8:e2:14:7e:29:da:d2:47:bf:69:ca:18:
c6:ab:b1:73:e3:56:db:3f:85:96:84:30:66:4b:c5:
cf:4b:00:e3:c9:1a:52:d0:f7:6c:01:ec:9c:88:f6:
96:a7:64:28:a4:b8:9e:c3:38:11:7b:fb:c0:89:93:
ae:d6:f6:80:ba:85:68:06:1b:90:c2:34:d4:e9:8a:
04:ad:5a:9d:68:9f:9a:35:98:d5:dd:ff:87:ac:1d:
cf:41:0b:7f:3a:bb:44:55:9b:29:38:83:e6:11:db:
4e:19:47:ab:59:2e:88:30:37:28:dc:a4:82:04:ce:
98:2f:43:3a:f5:6c:f1:20:dd:ce:80:32:05:1c:13:
77:3e:c0:11:6d:02:2e:bd:55:07:55:43:ce:47:01:
a8:d5:4a:3a:d7:8e:76:a1:73:43:7a:f0:65:bf:e3:
70:c8:0c:ac:29:2a:f7:00:e3:85:fc:69:d9:1c:11:
16:46:fa:ff:be:f0:46:65:29:8d:86:b3:17:6f:2d:
89:10:c3:cf:7a:46:09:a2:60:46:1a:69:24:1a:dd:
09:32:6d:f4:84:96:47:91:60:b5:56:90:c9:33:0d:
d8:71:0f:7f:fa:4b:7f:3e:b3:4c:c0:c1:a7:b3:fa:
3b:cb:7e:a3:18:31:36:04:85:b6:27:6c:ed:b9:b3:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:A8:66:BB:81:85:36:19:81:A8:20:91:A8:33:71:29:76:35:7D:B9
X509v3 Authority Key Identifier:
keyid:F5:0B:AE:60:97:0A:2D:FC:86:DD:60:7C:5B:91:5A:D5:C5:34:B4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/_6hmu4GFNhmBqCCRqDNxKXY1fbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/f71dcb-9e92-44e7-b042-3665067db256/1/9QuuYJcKLfyG3WB8W5Fa1cU0tBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.224.0/24
185.176.246.0/23
IPv6:
2a0a:2784::/32
2a0a:2787::/32
Signature Algorithm: sha256WithRSAEncryption
7b:7c:9d:ab:2f:ce:50:10:f7:a7:cc:57:45:42:10:5f:ce:58:
f4:61:50:65:8e:e7:af:42:fb:ce:bb:a5:9f:89:77:19:83:21:
a1:cc:92:27:07:19:48:52:c7:1c:0c:0c:69:fd:79:b6:62:e4:
b6:e2:c7:ec:12:71:c2:a5:5f:61:dc:3e:e9:a2:a3:88:c6:98:
b5:9c:c5:fb:ba:64:14:38:28:c1:22:d2:d3:6b:5a:81:7e:f9:
b3:1f:1d:09:6f:70:f8:6c:b5:98:bc:94:49:0b:8b:cc:18:df:
80:7d:92:cd:a3:26:e5:d0:e3:9a:d3:7d:cb:6e:9a:96:6c:f9:
6a:a9:39:b8:fb:d8:dd:b8:34:ed:85:ed:de:c1:a5:50:d4:c0:
44:5c:f5:4d:81:ff:a6:fb:b4:b1:8f:08:9d:d0:3e:80:6c:3b:
90:66:55:10:c6:61:72:60:4f:4d:d0:14:1f:85:92:81:53:70:
13:f0:c6:34:a6:0d:de:91:3f:46:74:1c:22:6e:d6:8f:40:b1:
ab:31:38:77:ea:7b:d1:93:b7:9b:ab:18:d3:75:a9:f7:d1:fd:
7b:20:35:47:03:20:fb:e1:46:ff:a3:8c:c2:01:35:4a:26:19:
79:06:6f:90:77:24:18:61:75:ac:f6:eb:bc:bb:0a:3c:3b:4c:
2a:e1:a7:d5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ0kVUGWJiB5gyqPssutptfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGJhZTYwOTcwYTJkZmM4NmRkNjA3YzViOTE1YWQ1YzUz
NGI0MTMwHhcNMjYwMzI1MDkzMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmE4NjZiYjgxODUzNjE5ODFhODIwOTFhODMzNzEyOTc2MzU3ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq/o4hR+KdrSR79pyhjGq7Fz41bb
P4WWhDBmS8XPSwDjyRpS0PdsAeyciPaWp2QopLiewzgRe/vAiZOu1vaAuoVoBhuQ
wjTU6YoErVqdaJ+aNZjV3f+HrB3PQQt/OrtEVZspOIPmEdtOGUerWS6IMDco3KSC
BM6YL0M69WzxIN3OgDIFHBN3PsARbQIuvVUHVUPORwGo1Uo61452oXNDevBlv+Nw
yAysKSr3AOOF/GnZHBEWRvr/vvBGZSmNhrMXby2JEMPPekYJomBGGmkkGt0JMm30
hJZHkWC1VpDJMw3YcQ9/+kt/PrNMwMGns/o7y36jGDE2BIW2J2ztubMpvwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP+oZruBhTYZgaggkagzcSl2NX25MB8GA1UdIwQY
MBaAFPULrmCXCi38ht1gfFuRWtXFNLQTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDIt
MzY2NTA2N2RiMjU2LzEvXzZobXU0R0ZOaG1CcUNDUnFETnhLWFkxZmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9mNzFkY2ItOWU5Mi00NGU3LWIwNDItMzY2NTA2N2RiMjU2
LzEvOVF1dVlKY0tMZnlHM1dCOFc1RmExY1UwdEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAXo7gAwQB
ubD2MBQEAgACMA4DBQAqCieEAwUAKgonhzANBgkqhkiG9w0BAQsFAAOCAQEAe3yd
qy/OUBD3p8xXRUIQX85Y9GFQZY7nr0L7zruln4l3GYMhocySJwcZSFLHHAwMaf15
tmLktuLH7BJxwqVfYdw+6aKjiMaYtZzF+7pkFDgowSLS02tagX75sx8dCW9w+Gy1
mLyUSQuLzBjfgH2SzaMm5dDjmtN9y26almz5aqk5uPvY3bg07YXt3sGlUNTARFz1
TYH/pvu0sY8IndA+gGw7kGZVEMZhcmBPTdAUH4WSgVNwE/DGNKYN3pE/RnQcIm7W
j0CxqzE4d+p70ZO3m6sY03Wp99H9eyA1RwMg++FG/6OMwgE1SiYZeQZvkHckGGF1
rPbrvLsKPDtMKuGn1Q==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:31 2026 by rpki-client