Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/0k4uhWX2tXs6kn4QDDQyW9bCkYc.roa
File: 0k4uhWX2tXs6kn4QDDQyW9bCkYc.roa (raw, json)
Hash identifier: 6Eugvm0/9Fesv15b1kgGMNxIPO6CcT7Ckl1hTPHgrgM=
Subject key identifier: D2:4E:2E:85:65:F6:B5:7B:3A:92:7E:10:0C:34:32:5B:D6:C2:91:87
Certificate issuer: /CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Certificate serial: 019B791148FF0A56E4FA5206793EE78E21C1
Authority key identifier: 3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/0k4uhWX2tXs6kn4QDDQyW9bCkYc.roa
Signing time: Thu 01 Jan 2026 10:18:54 +0000
ROA not before: Thu 01 Jan 2026 10:18:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43376
IP address blocks: 86.104.176.0/24 maxlen: 24
86.104.177.0/24 maxlen: 24
86.104.178.0/24 maxlen: 24
86.104.179.0/24 maxlen: 24
86.104.180.0/24 maxlen: 24
86.104.182.0/24 maxlen: 24
86.104.183.0/24 maxlen: 24
91.194.234.0/24 maxlen: 24
93.115.243.0/24 maxlen: 24
185.163.104.0/24 maxlen: 24
185.163.105.0/24 maxlen: 24
185.163.106.0/24 maxlen: 24
185.163.107.0/24 maxlen: 24
188.240.82.0/24 maxlen: 24
2001:67c:2170::/48 maxlen: 48
2a0b:8800::/48 maxlen: 48
2a0b:8800:1::/48 maxlen: 48
2a0b:8800:2::/48 maxlen: 48
2a0b:8800:3::/48 maxlen: 48
2a0b:8800:580::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:11:48:ff:0a:56:e4:fa:52:06:79:3e:e7:8e:21:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Validity
Not Before: Jan 1 10:18:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d24e2e8565f6b57b3a927e100c34325bd6c29187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:db:92:18:03:46:0d:4a:cf:22:4a:e7:51:5c:
38:7e:63:de:9b:1c:b0:0d:8d:9d:9f:34:68:5c:82:
77:a6:07:26:52:ae:a3:f5:da:f0:db:e5:18:b4:0b:
cf:e7:a4:bc:c4:9a:03:f1:35:5f:d2:72:1b:64:4f:
9d:80:7a:3d:85:74:4d:b5:0f:e8:1f:fa:7d:cc:54:
6f:5b:05:76:3c:79:0a:55:60:6e:64:16:92:b3:ee:
57:b0:23:7e:38:b1:4d:3c:6d:c1:cf:ed:4c:06:ac:
3c:35:07:c2:ac:6d:1d:68:52:8f:8c:b6:59:ff:3b:
b6:d1:92:33:93:4a:07:c2:5c:c0:56:a7:0c:92:c4:
11:59:25:6e:b7:4d:12:49:a3:6d:16:1d:3e:5d:c1:
29:2b:1f:8b:99:9b:bf:14:d5:bf:f4:a6:65:e6:eb:
bd:fa:fa:1b:4d:24:58:80:e2:94:3c:76:91:c3:ac:
c0:b2:f0:c0:04:87:6a:7f:45:be:15:57:cd:f8:72:
cc:ba:d0:8e:0e:19:1e:f7:d8:e5:2d:03:50:41:61:
f5:cd:83:af:97:d0:41:c4:b8:06:5a:8a:bd:f6:1c:
76:f8:2f:96:49:30:ce:70:75:9e:43:ad:99:4e:37:
a6:f1:70:c9:e4:09:ab:bd:3c:10:dc:45:10:10:c5:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4E:2E:85:65:F6:B5:7B:3A:92:7E:10:0C:34:32:5B:D6:C2:91:87
X509v3 Authority Key Identifier:
keyid:3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/0k4uhWX2tXs6kn4QDDQyW9bCkYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.176.0-86.104.180.255
86.104.182.0/23
91.194.234.0/24
93.115.243.0/24
185.163.104.0/22
188.240.82.0/24
IPv6:
2001:67c:2170::/48
2a0b:8800::/46
2a0b:8800:580::/48
Signature Algorithm: sha256WithRSAEncryption
93:9e:34:2b:5a:4d:54:c8:d1:13:df:7a:97:92:6e:fc:a3:a3:
c1:39:cc:45:f6:2f:96:51:ad:77:2b:2c:ef:e3:53:e7:69:28:
86:6d:40:8a:bc:c0:7a:ec:57:1e:66:a8:27:09:6b:1a:be:07:
7f:a5:06:58:6d:9a:ef:26:80:6a:a3:91:72:36:31:14:7e:c5:
3f:06:ab:7a:eb:87:00:57:b9:0b:4a:ef:8f:25:67:91:01:4a:
ac:fd:9d:7e:6a:be:d3:f9:7e:4a:e7:2a:10:60:b3:6d:a9:5b:
13:e1:cc:28:e2:fb:68:98:71:37:fc:64:a5:a5:91:4c:92:0e:
bc:9f:04:78:f6:da:48:c7:a2:47:dc:a7:c8:f4:01:29:3d:90:
19:25:c9:b9:1c:f3:8d:be:ca:26:47:a2:84:0d:70:30:34:1e:
0c:ff:1b:0b:07:25:81:7d:67:7c:5f:a1:8c:0b:61:5c:81:1e:
d3:f8:25:7e:a8:48:33:56:05:df:4f:0b:f4:8c:e0:a6:3b:23:
bb:ba:b4:b3:70:7e:fc:90:65:81:fa:fe:53:6c:d2:28:60:e1:
d9:b9:89:2b:ed:9a:f7:cc:da:fc:66:86:07:0b:7e:46:26:3a:
7d:e2:02:02:45:44:e8:25:3f:45:84:5e:ff:31:ff:8b:f0:57:
ad:5e:a1:ab
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZt5EUj/Clbk+lIGeT7njiHBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNTBkMWRkMzFiYzc0NDliYWNjMTg2NGIwMWFmOTk0YzU0
N2VmZDMwHhcNMjYwMTAxMTAxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjRlMmU4NTY1ZjZiNTdiM2E5MjdlMTAwYzM0MzI1YmQ2YzI5MTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9uSGANGDUrPIkrnUVw4fmPemxyw
DY2dnzRoXIJ3pgcmUq6j9drw2+UYtAvP56S8xJoD8TVf0nIbZE+dgHo9hXRNtQ/o
H/p9zFRvWwV2PHkKVWBuZBaSs+5XsCN+OLFNPG3Bz+1MBqw8NQfCrG0daFKPjLZZ
/zu20ZIzk0oHwlzAVqcMksQRWSVut00SSaNtFh0+XcEpKx+LmZu/FNW/9KZl5uu9
+vobTSRYgOKUPHaRw6zAsvDABIdqf0W+FVfN+HLMutCODhke99jlLQNQQWH1zYOv
l9BBxLgGWoq99hx2+C+WSTDOcHWeQ62ZTjem8XDJ5AmrvTwQ3EUQEMUEqwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFNJOLoVl9rV7OpJ+EAw0MlvWwpGHMB8GA1UdIwQY
MBaAFD5Q0d0xvHRJuswYZLAa+ZTFR+/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEt
NGYwNjUwZGE1NDViLzEvMGs0dWhXWDJ0WHM2a240UUREUXlXOWJDa1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEtNGYwNjUwZGE1NDVi
LzEvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAyBAIAATAsMAwDBARWaLAD
BABWaLQDBAFWaLYDBABbwuoDBABdc/MDBAK5o2gDBAC88FIwIQQCAAIwGwMHACAB
BnwhcAMHAioLiAAAAAMHACoLiAAFgDANBgkqhkiG9w0BAQsFAAOCAQEAk540K1pN
VMjRE996l5Ju/KOjwTnMRfYvllGtdyss7+NT52kohm1AirzAeuxXHmaoJwlrGr4H
f6UGWG2a7yaAaqORcjYxFH7FPwareuuHAFe5C0rvjyVnkQFKrP2dfmq+0/l+Sucq
EGCzbalbE+HMKOL7aJhxN/xkpaWRTJIOvJ8EePbaSMeiR9ynyPQBKT2QGSXJuRzz
jb7KJkeihA1wMDQeDP8bCwclgX1nfF+hjAthXIEe0/glfqhIM1YF308L9Izgpjsj
u7q0s3B+/JBlgfr+U2zSKGDh2bmJK+2a98za/GaGBwt+RiY6feICAkVE6CU/RYRe
/zH/i/BXrV6hqw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:36:57 2026 by rpki-client