Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/6I-XOJQCbqzINKRTA5FkbiUtVKk.roa
File: 6I-XOJQCbqzINKRTA5FkbiUtVKk.roa (raw, json)
Hash identifier: 8IJ1FF4HTyQEaH/mehBRIc6TzRQtROpPJ0AvFUYLeqE=
Subject key identifier: E8:8F:97:38:94:02:6E:AC:C8:34:A4:53:03:91:64:6E:25:2D:54:A9
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 019CD8AD6F858724B8076CCDC7C43BD711DB
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/6I-XOJQCbqzINKRTA5FkbiUtVKk.roa
Signing time: Tue 10 Mar 2026 16:56:10 +0000
ROA not before: Tue 10 Mar 2026 16:56:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34606
IP address blocks: 77.72.32.0/21 maxlen: 21
77.108.0.0/18 maxlen: 18
81.30.0.0/20 maxlen: 20
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
85.159.176.0/21 maxlen: 21
85.208.232.0/22 maxlen: 22
88.87.96.0/19 maxlen: 19
95.140.136.0/21 maxlen: 21
185.73.244.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
185.127.32.0/22 maxlen: 22
185.167.20.0/22 maxlen: 24
194.116.0.0/18 maxlen: 18
194.176.126.0/24 maxlen: 24
2a02:260::/32 maxlen: 32
2a03:4560::/32 maxlen: 32
2a06:8580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:ad:6f:85:87:24:b8:07:6c:cd:c7:c4:3b:d7:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Mar 10 16:56:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e88f973894026eacc834a4530391646e252d54a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6a:67:c5:a8:09:06:ca:2e:b3:15:4a:d1:48:
ea:b5:e9:83:23:ad:8f:4c:69:34:c2:14:95:31:cd:
61:62:17:64:62:36:32:27:0c:30:73:fd:63:da:20:
fa:b3:2f:94:c0:68:ec:13:a3:14:8a:83:c7:d5:e8:
04:fb:9c:6e:4e:19:a2:0e:8d:6c:71:82:45:1b:a7:
3a:15:f3:b3:d9:7f:48:f9:e9:f1:2e:39:4f:24:b4:
2f:72:12:4b:e3:51:6e:3f:30:ee:ec:34:d7:67:b3:
b4:d0:74:ea:6f:13:3c:1c:22:48:8e:6f:ed:d5:f4:
08:6c:f1:f7:ab:64:b6:d5:91:82:1a:4c:2c:c2:60:
4c:33:40:05:50:c3:48:fd:3b:b2:3f:8a:4a:69:61:
58:ea:ca:0b:03:28:1c:09:0e:84:ad:5e:14:1a:ad:
f4:55:57:fd:5f:7b:2f:25:c3:b9:f9:f9:63:38:f8:
c6:54:42:94:c6:f7:98:34:c3:d2:6a:aa:1b:38:4a:
81:29:6d:e7:4b:c5:22:3b:87:10:93:9b:56:62:07:
e9:79:1d:0f:9d:21:ca:ea:73:72:e6:e0:19:9d:17:
cc:79:25:7d:2c:d9:7f:6c:32:ff:aa:8d:3e:1b:cc:
e9:65:70:57:08:3d:85:98:d7:aa:4f:a6:00:4a:0f:
17:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8F:97:38:94:02:6E:AC:C8:34:A4:53:03:91:64:6E:25:2D:54:A9
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/6I-XOJQCbqzINKRTA5FkbiUtVKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
81.30.0.0/20
82.215.128.0/18
85.159.176.0/21
85.208.232.0/22
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
185.127.32.0/22
185.167.20.0/22
194.116.0.0/18
194.176.126.0/24
IPv6:
2a02:260::/32
2a03:4560::/32
2a06:8580::/29
Signature Algorithm: sha256WithRSAEncryption
6f:53:fb:7b:42:08:1b:59:d0:20:98:f8:f0:4a:6b:04:e1:07:
6f:d3:9d:dd:3b:60:59:84:07:cd:e7:81:d0:1d:75:2d:d0:4b:
c1:99:3e:31:bd:1a:6d:0c:6d:c4:4c:9e:da:ec:ee:ba:a9:12:
c6:f0:64:1a:dd:07:24:ba:14:d4:a4:1d:05:f6:b4:89:64:76:
81:59:c4:22:d1:eb:45:01:c2:fd:bc:ee:d8:7f:49:e6:54:eb:
c9:8c:91:01:13:51:30:a6:61:95:c8:8d:ec:07:3c:bf:d3:0e:
28:0e:0a:db:d4:17:b0:d9:06:cd:b2:0d:3f:b2:13:ca:f8:0d:
e8:a9:ae:6c:94:0a:7a:2f:19:d0:a9:6a:f3:9d:7e:a2:ab:8d:
d7:db:f3:2a:83:14:46:98:99:04:95:41:ff:4e:4c:7d:42:97:
3f:22:ed:45:b6:07:7b:84:a1:11:ef:3a:4b:e1:07:da:af:73:
90:4f:30:6f:5f:3a:f3:07:e7:6b:70:09:92:29:8e:6e:5b:29:
fc:f9:0d:81:6c:39:21:7a:87:df:84:36:aa:61:20:2f:9d:21:
9d:b4:be:a0:8e:3b:8f:29:53:14:ba:e6:2c:d2:cf:19:a8:7f:
37:db:d2:31:d4:b8:28:2d:fa:f4:7c:bc:ff:79:20:48:dc:17:
f8:c5:51:24
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZzYrW+FhyS4B2zNx8Q71xHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjYwMzEwMTY1NjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhmOTczODk0MDI2ZWFjYzgzNGE0NTMwMzkxNjQ2ZTI1MmQ1NGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12pnxagJBsousxVK0UjqtemDI62P
TGk0whSVMc1hYhdkYjYyJwwwc/1j2iD6sy+UwGjsE6MUioPH1egE+5xuThmiDo1s
cYJFG6c6FfOz2X9I+enxLjlPJLQvchJL41FuPzDu7DTXZ7O00HTqbxM8HCJIjm/t
1fQIbPH3q2S21ZGCGkwswmBMM0AFUMNI/TuyP4pKaWFY6soLAygcCQ6ErV4UGq30
VVf9X3svJcO5+fljOPjGVEKUxveYNMPSaqobOEqBKW3nS8UiO4cQk5tWYgfpeR0P
nSHK6nNy5uAZnRfMeSV9LNl/bDL/qo0+G8zpZXBXCD2FmNeqT6YASg8XLQIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFOiPlziUAm6syDSkUwORZG4lLVSpMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvNkktWE9KUUNicXpJTktSVEE1RmtiaVV0VktrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEA01IIAME
Bk1sAAMEBFEeAAMEBlLXgAMEA1WfsAMEAlXQ6AMEBVhXYAMEA1+MiAMEArlJ9AME
Arl12AMEArl/IAMEArmnFAMEBsJ0AAMEAMKwfjAbBAIAAjAVAwUAKgICYAMFACoD
RWADBQMqBoWAMA0GCSqGSIb3DQEBCwUAA4IBAQBvU/t7QggbWdAgmPjwSmsE4Qdv
053dO2BZhAfN54HQHXUt0EvBmT4xvRptDG3ETJ7a7O66qRLG8GQa3QckuhTUpB0F
9rSJZHaBWcQi0etFAcL9vO7Yf0nmVOvJjJEBE1EwpmGVyI3sBzy/0w4oDgrb1Bew
2QbNsg0/shPK+A3oqa5slAp6LxnQqWrznX6iq43X2/MqgxRGmJkElUH/Tkx9Qpc/
Iu1Ftgd7hKER7zpL4Qfar3OQTzBvXzrzB+drcAmSKY5uWyn8+Q2BbDkheoffhDaq
YSAvnSGdtL6gjjuPKVMUuuYs0s8ZqH8329Ix1LgoLfr0fLz/eSBI3Bf4xVEk
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:14:40 2026 by rpki-client