Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/keT3omf7-NXyk-kE1wNKarUPPiw.roa
File: keT3omf7-NXyk-kE1wNKarUPPiw.roa (raw, json)
Hash identifier: zW7rA1OFkwrQYYDc4dIPZLN23erA5qtrmOvDFRqqFAA=
Subject key identifier: 91:E4:F7:A2:67:FB:F8:D5:F2:93:E9:04:D7:03:4A:6A:B5:0F:3E:2C
Certificate issuer: /CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Certificate serial: 019DAA6B6E5B1066500D020393CEA04E6430
Authority key identifier: 6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/keT3omf7-NXyk-kE1wNKarUPPiw.roa
Signing time: Mon 20 Apr 2026 10:24:20 +0000
ROA not before: Mon 20 Apr 2026 10:24:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 269822
IP address blocks: 185.91.192.0/22 maxlen: 22
185.91.192.0/23 maxlen: 23
185.91.192.0/24 maxlen: 24
185.91.193.0/24 maxlen: 24
185.91.194.0/23 maxlen: 23
185.91.194.0/24 maxlen: 24
185.91.195.0/24 maxlen: 24
185.104.164.0/22 maxlen: 22
185.104.164.0/23 maxlen: 23
185.104.164.0/24 maxlen: 24
185.104.165.0/24 maxlen: 24
185.104.166.0/23 maxlen: 23
185.104.166.0/24 maxlen: 24
185.104.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:6b:6e:5b:10:66:50:0d:02:03:93:ce:a0:4e:64:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Validity
Not Before: Apr 20 10:24:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=91e4f7a267fbf8d5f293e904d7034a6ab50f3e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:22:20:75:73:79:dd:c7:54:da:7a:0b:a9:71:
47:5f:aa:87:a9:6d:67:1c:fb:9c:68:b5:72:ce:fa:
6f:df:ea:be:20:ef:96:ae:56:f4:a9:2e:52:5b:6a:
02:36:a4:e4:93:74:00:53:0a:6d:ea:e7:fd:db:74:
cc:3e:07:63:b4:c7:cf:00:fd:fd:00:3d:ee:8e:72:
9e:3e:f4:71:5b:73:96:b3:ba:c4:c2:9b:b5:52:f5:
91:64:d1:f8:ed:a1:30:19:1b:ab:1d:65:d5:59:85:
98:c6:f1:f2:74:2b:25:72:45:1a:2a:d8:b4:4f:2d:
13:1c:a4:7e:43:3f:9b:9f:36:e5:d7:c4:c4:09:93:
d6:fc:8a:b3:25:7f:cb:d3:b5:82:f0:1d:63:11:55:
ed:91:e2:3b:0c:b2:6d:33:7a:1c:6a:cf:4a:e3:43:
23:a1:0a:b5:d3:c8:28:e8:95:15:e3:03:fc:2c:33:
2c:f2:f9:b4:0c:4e:59:6b:11:37:9b:a3:83:1c:d3:
1f:34:0e:a8:6c:3b:be:4d:38:43:79:ab:ef:5d:d9:
93:b8:ec:09:e1:4a:aa:fe:20:63:8e:d9:22:10:62:
bc:4c:75:61:39:d7:f2:43:5f:99:ad:b4:7e:38:66:
b4:b6:15:4e:18:f3:99:d8:f1:96:3d:f1:c8:da:b5:
e3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:E4:F7:A2:67:FB:F8:D5:F2:93:E9:04:D7:03:4A:6A:B5:0F:3E:2C
X509v3 Authority Key Identifier:
keyid:6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/keT3omf7-NXyk-kE1wNKarUPPiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.192.0/22
185.104.164.0/22
Signature Algorithm: sha256WithRSAEncryption
45:f8:8d:1e:94:e6:92:f1:a7:9e:69:1b:4b:30:f7:13:3a:29:
6d:5f:78:53:ad:e1:2c:65:9c:8e:7e:b2:93:a4:05:b5:84:1c:
cf:60:af:b5:69:35:da:c3:04:37:fd:dc:dd:10:73:73:45:20:
24:92:f5:c1:07:ba:31:c1:7f:84:39:99:da:19:61:10:03:d9:
c2:b2:a3:eb:b1:c8:fc:8f:d6:ac:d8:52:95:1b:f0:81:31:cb:
5d:02:2e:53:17:e9:51:af:81:d3:e0:be:b8:82:77:db:ce:6f:
54:49:59:5c:ad:4d:42:9e:5a:88:0b:f3:70:e6:1e:29:4a:11:
33:ab:79:32:81:70:d0:5f:9c:51:29:b3:9d:d6:11:3f:15:ca:
37:d2:c0:a7:a2:10:68:7b:c5:40:af:94:a2:f4:74:d9:19:6b:
8a:24:45:f8:21:2f:68:4d:08:da:c4:bb:b3:69:65:03:86:e6:
99:69:25:e7:79:a0:da:9f:9d:d8:22:04:0c:f2:81:28:39:1a:
c5:1a:cf:0a:40:1e:8b:54:4a:c1:bd:c3:62:19:44:1e:5a:f9:
d5:e3:3b:05:c8:59:c8:a5:fd:a5:d2:76:dd:b6:59:4e:db:c8:
67:88:21:52:38:b1:2d:fc:3f:1a:48:37:cb:9c:63:7e:e0:30:
e0:41:6a:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2qa25bEGZQDQIDk86gTmQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGVkZGEyZjIxYzg4NWZiZTY3Mjg2MjE4YjgzMThkNmFk
MjM4OTYwHhcNMjYwNDIwMTAyNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWU0ZjdhMjY3ZmJmOGQ1ZjI5M2U5MDRkNzAzNGE2YWI1MGYzZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliIgdXN53cdU2noLqXFHX6qHqW1n
HPucaLVyzvpv3+q+IO+Wrlb0qS5SW2oCNqTkk3QAUwpt6uf923TMPgdjtMfPAP39
AD3ujnKePvRxW3OWs7rEwpu1UvWRZNH47aEwGRurHWXVWYWYxvHydCslckUaKti0
Ty0THKR+Qz+bnzbl18TECZPW/IqzJX/L07WC8B1jEVXtkeI7DLJtM3ocas9K40Mj
oQq108go6JUV4wP8LDMs8vm0DE5ZaxE3m6ODHNMfNA6obDu+TThDeavvXdmTuOwJ
4Uqq/iBjjtkiEGK8THVhOdfyQ1+ZrbR+OGa0thVOGPOZ2PGWPfHI2rXjFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJHk96Jn+/jV8pPpBNcDSmq1Dz4sMB8GA1UdIwQY
MBaAFGqO3aLyHIhfvmcoYhi4MY1q0jiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2Et
MGM2Njg0MDE5OGQwLzEva2VUM29tZjctTlh5ay1rRTF3TkthclVQUGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2EtMGM2Njg0MDE5OGQw
LzEvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVvAAwQC
uWikMA0GCSqGSIb3DQEBCwUAA4IBAQBF+I0elOaS8aeeaRtLMPcTOiltX3hTreEs
ZZyOfrKTpAW1hBzPYK+1aTXawwQ3/dzdEHNzRSAkkvXBB7oxwX+EOZnaGWEQA9nC
sqPrscj8j9as2FKVG/CBMctdAi5TF+lRr4HT4L64gnfbzm9USVlcrU1CnlqIC/Nw
5h4pShEzq3kygXDQX5xRKbOd1hE/Fco30sCnohBoe8VAr5Si9HTZGWuKJEX4IS9o
TQjaxLuzaWUDhuaZaSXneaDan53YIgQM8oEoORrFGs8KQB6LVErBvcNiGUQeWvnV
4zsFyFnIpf2l0nbdtllO28hniCFSOLEt/D8aSDfLnGN+4DDgQWpl
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:24 2026 by rpki-client