Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/b_C6-vRVgU9-ZGu5iPetXhBiGd0.roa
File: b_C6-vRVgU9-ZGu5iPetXhBiGd0.roa (raw, json)
Hash identifier: 2gUqRWsgOMEHr5aKvlRadKgrnBBP2u9PjUCeJ2rack0=
Subject key identifier: 6F:F0:BA:FA:F4:55:81:4F:7E:64:6B:B9:88:F7:AD:5E:10:62:19:DD
Certificate issuer: /CN=c4406c9c06132fce40edc046e069ae3452ba68e3
Certificate serial: 019C9FC0510493607CD16C7552BBC251FDDF
Authority key identifier: C4:40:6C:9C:06:13:2F:CE:40:ED:C0:46:E0:69:AE:34:52:BA:68:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xEBsnAYTL85A7cBG4GmuNFK6aOM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/b_C6-vRVgU9-ZGu5iPetXhBiGd0.roa
Signing time: Fri 27 Feb 2026 15:38:26 +0000
ROA not before: Fri 27 Feb 2026 15:38:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51159
IP address blocks: 91.142.134.0/24 maxlen: 24
91.228.115.0/24 maxlen: 24
91.239.124.0/23 maxlen: 23
185.62.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/xEBsnAYTL85A7cBG4GmuNFK6aOM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/xEBsnAYTL85A7cBG4GmuNFK6aOM.mft
rsync://rpki.ripe.net/repository/DEFAULT/xEBsnAYTL85A7cBG4GmuNFK6aOM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:c0:51:04:93:60:7c:d1:6c:75:52:bb:c2:51:fd:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4406c9c06132fce40edc046e069ae3452ba68e3
Validity
Not Before: Feb 27 15:38:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ff0bafaf455814f7e646bb988f7ad5e106219dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f1:97:9f:b8:73:a5:97:ba:2b:cd:58:04:d2:
24:82:07:30:8c:00:64:0d:7e:5c:c6:6f:57:cc:f3:
ce:85:93:2c:ca:3a:77:a7:9e:88:2f:ae:bf:76:e7:
c1:de:2e:f1:46:7b:0d:e7:4c:70:62:35:18:70:6a:
22:4c:e5:a5:fb:62:fc:38:93:e7:55:30:0e:9b:f6:
41:82:fb:1f:8c:49:6d:95:f0:8b:f1:bd:c9:17:0f:
c9:bc:98:da:dd:24:26:d9:74:ed:01:b1:1d:41:b4:
62:53:30:79:85:d7:a4:82:2c:70:cd:31:0e:3f:43:
58:73:31:5e:85:05:6a:44:a7:02:df:25:8d:04:b2:
dd:af:de:21:08:59:d5:00:0e:cc:61:1a:7e:5c:d1:
df:ab:8f:cc:b6:52:7e:14:3b:f4:96:af:e9:a8:63:
f6:cd:6e:ea:0e:fe:78:3a:f0:50:ea:72:71:8b:83:
67:1d:71:9e:29:ca:4c:09:7a:9e:47:91:ee:44:bc:
15:dc:35:75:91:d8:cc:3f:e5:77:36:a9:15:2b:aa:
3c:71:30:17:d0:ff:51:dd:b9:5c:49:5b:86:6f:99:
d9:5c:f7:de:bc:ab:5c:a4:10:e0:51:2b:68:50:1d:
dc:7f:4a:c1:b1:bc:6e:7e:d3:52:9a:4b:19:3a:a3:
4e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:F0:BA:FA:F4:55:81:4F:7E:64:6B:B9:88:F7:AD:5E:10:62:19:DD
X509v3 Authority Key Identifier:
keyid:C4:40:6C:9C:06:13:2F:CE:40:ED:C0:46:E0:69:AE:34:52:BA:68:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xEBsnAYTL85A7cBG4GmuNFK6aOM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/b_C6-vRVgU9-ZGu5iPetXhBiGd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7eecd9-a4c4-41aa-a6ec-42ac69e5e8dc/1/xEBsnAYTL85A7cBG4GmuNFK6aOM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.134.0/24
91.228.115.0/24
91.239.124.0/23
185.62.84.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:e6:ea:d6:f1:c9:96:8d:19:05:87:41:6f:0a:ea:6a:8c:9a:
94:1d:b9:e7:04:cf:3d:7f:a8:d3:ed:80:4c:2d:a3:ba:38:56:
fc:e2:0e:9a:48:2b:49:38:e1:31:73:e4:b6:c4:8e:33:1e:67:
ed:a5:05:77:0b:ac:3b:9f:dc:4b:0d:9a:3c:c0:0c:09:03:63:
55:f0:11:d9:b7:b8:4b:69:b8:54:3b:65:74:7b:02:fb:0c:15:
83:23:b7:44:6f:fa:c0:53:bd:2a:66:de:af:e2:3d:73:85:0a:
fe:d3:d2:10:22:74:1a:2f:af:db:9f:58:37:5f:0a:c5:49:54:
b6:96:de:ca:09:00:41:b6:b1:33:61:28:59:80:50:56:8b:39:
12:be:3e:d4:cf:8b:ca:25:21:ed:22:2b:7f:a4:d4:13:24:bd:
ff:5d:91:2a:25:66:da:f4:e8:c1:71:c2:e5:c0:5f:24:ad:0d:
51:88:a6:e5:5b:58:74:4d:df:7a:0d:a7:f5:33:d6:ad:bf:39:
e1:f8:1d:28:2f:20:96:9a:d9:f1:d8:cc:96:60:e9:18:ac:09:
d0:24:16:31:c4:aa:be:33:9e:74:a6:1b:eb:2a:ac:0d:07:91:
73:21:b4:2a:cb:5a:e2:4c:01:76:0d:bb:f1:a3:4a:5d:e3:56:
b9:da:70:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyfwFEEk2B80Wx1UrvCUf3fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NDA2YzljMDYxMzJmY2U0MGVkYzA0NmUwNjlhZTM0NTJi
YTY4ZTMwHhcNMjYwMjI3MTUzODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmYwYmFmYWY0NTU4MTRmN2U2NDZiYjk4OGY3YWQ1ZTEwNjIxOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/GXn7hzpZe6K81YBNIkggcwjABk
DX5cxm9XzPPOhZMsyjp3p56IL66/dufB3i7xRnsN50xwYjUYcGoiTOWl+2L8OJPn
VTAOm/ZBgvsfjEltlfCL8b3JFw/JvJja3SQm2XTtAbEdQbRiUzB5hdekgixwzTEO
P0NYczFehQVqRKcC3yWNBLLdr94hCFnVAA7MYRp+XNHfq4/MtlJ+FDv0lq/pqGP2
zW7qDv54OvBQ6nJxi4NnHXGeKcpMCXqeR5HuRLwV3DV1kdjMP+V3NqkVK6o8cTAX
0P9R3blcSVuGb5nZXPfevKtcpBDgUStoUB3cf0rBsbxuftNSmksZOqNOzwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG/wuvr0VYFPfmRruYj3rV4QYhndMB8GA1UdIwQY
MBaAFMRAbJwGEy/OQO3ARuBprjRSumjjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEVCc25BWVRMODVBN2NCRzRHbXVORks2YU9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83ZWVjZDktYTRjNC00MWFhLWE2ZWMt
NDJhYzY5ZTVlOGRjLzEvYl9DNi12UlZnVTktWkd1NWlQZXRYaEJpR2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83ZWVjZDktYTRjNC00MWFhLWE2ZWMtNDJhYzY5ZTVlOGRj
LzEveEVCc25BWVRMODVBN2NCRzRHbXVORks2YU9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW46GAwQA
W+RzAwQBW+98AwQCuT5UMA0GCSqGSIb3DQEBCwUAA4IBAQAL5urW8cmWjRkFh0Fv
CupqjJqUHbnnBM89f6jT7YBMLaO6OFb84g6aSCtJOOExc+S2xI4zHmftpQV3C6w7
n9xLDZo8wAwJA2NV8BHZt7hLabhUO2V0ewL7DBWDI7dEb/rAU70qZt6v4j1zhQr+
09IQInQaL6/bn1g3XwrFSVS2lt7KCQBBtrEzYShZgFBWizkSvj7Uz4vKJSHtIit/
pNQTJL3/XZEqJWba9OjBccLlwF8krQ1RiKblW1h0Td96Daf1M9atvznh+B0oLyCW
mtnx2MyWYOkYrAnQJBYxxKq+M550phvrKqwNB5FzIbQqy1riTAF2Dbvxo0pd41a5
2nD0
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:57:12 2026 by rpki-client