Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/C6w6OnyaGaLXKt2ep9lzVxm0Fno.roa
File: C6w6OnyaGaLXKt2ep9lzVxm0Fno.roa (raw, json)
Hash identifier: frICVB5ClHVwxok02gXdecv4n7rH6iBhgS7U0lcYMyI=
Subject key identifier: 0B:AC:3A:3A:7C:9A:19:A2:D7:2A:DD:9E:A7:D9:73:57:19:B4:16:7A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019D3EA24FE7E656197C77B9CA1C6873BD9F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/C6w6OnyaGaLXKt2ep9lzVxm0Fno.roa
Signing time: Mon 30 Mar 2026 12:05:17 +0000
ROA not before: Mon 30 Mar 2026 12:05:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.225.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:a2:4f:e7:e6:56:19:7c:77:b9:ca:1c:68:73:bd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 30 12:05:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0bac3a3a7c9a19a2d72add9ea7d9735719b4167a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cb:f3:68:64:c2:5d:0d:4f:6d:f7:84:80:23:
d2:f5:a3:25:07:9a:28:c7:c7:07:7c:c9:50:39:c7:
26:29:10:15:8f:58:02:8b:b6:e4:68:ac:7c:e6:43:
63:2e:fb:a9:78:29:30:d5:8f:39:9f:ba:5b:e7:99:
6e:49:4f:e0:70:80:3f:4a:5b:33:8b:f2:e8:3a:ca:
90:cc:b6:f5:5c:8f:03:1e:04:5c:3b:a6:7c:0a:ec:
79:fe:1a:28:59:d4:28:4d:3c:8e:62:bb:9f:20:8a:
30:23:34:14:5a:93:aa:48:b3:de:a4:89:da:8f:b7:
54:73:e0:16:95:32:a8:25:51:0a:6d:10:6f:17:79:
df:9f:38:8b:b8:41:1f:56:15:41:44:4b:9b:57:13:
8b:82:b2:08:19:01:af:d5:54:d5:50:34:23:53:ac:
a7:95:7a:fc:fe:09:92:b6:1e:57:8f:bb:44:20:ab:
b8:b8:11:56:a2:89:03:c5:1b:f4:86:4f:27:2b:38:
59:25:2a:02:66:e2:1a:bf:35:2e:d8:53:db:73:9f:
5d:ae:29:8a:06:bb:e8:f0:af:3c:4f:c5:cc:a8:e3:
a0:70:4b:4f:29:f2:b3:3d:85:89:f6:88:73:47:74:
69:88:3b:c5:e7:dc:84:5b:52:07:af:04:b9:e2:ce:
eb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AC:3A:3A:7C:9A:19:A2:D7:2A:DD:9E:A7:D9:73:57:19:B4:16:7A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/C6w6OnyaGaLXKt2ep9lzVxm0Fno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0-159.148.226.255
Signature Algorithm: sha256WithRSAEncryption
14:09:bf:00:0e:ce:1c:7e:25:46:6b:e2:f4:46:db:02:91:48:
0e:52:dc:ab:ab:39:a8:75:93:c1:1e:67:e5:9e:ce:b5:f6:8c:
78:4c:7e:ad:10:80:86:c9:d6:60:f2:b0:a3:ce:eb:8f:bd:5b:
f4:aa:a7:6f:5f:7e:ae:58:36:0e:e3:49:f1:97:ed:ad:6d:3b:
62:30:2d:30:81:79:11:14:52:77:9a:3f:88:28:3b:30:f0:db:
05:0d:41:09:6c:ad:0c:ff:70:87:19:2f:3d:91:4a:a2:30:98:
61:c7:64:00:a5:65:61:93:21:3b:88:4a:d1:a9:d4:2c:09:7e:
12:ec:a5:36:ed:7c:8d:fb:0c:c5:9d:a1:2b:61:d8:c6:f9:6d:
41:b9:73:64:65:4f:6a:c4:ba:b2:7c:d9:34:c1:69:ad:41:11:
d6:2c:0f:b9:4b:1f:b0:e1:be:73:fe:b2:22:e4:53:6c:49:72:
68:59:a7:61:a3:bb:41:5e:ea:10:10:4a:db:47:9d:22:e6:4b:
28:cd:f3:dd:e6:d7:a6:87:49:aa:1f:47:fb:50:f1:60:24:9f:
35:cc:d5:34:9e:ce:0f:1c:f9:2d:83:9c:83:87:b0:02:80:97:
41:83:2f:7c:bc:35:0c:75:da:cd:b0:bd:00:66:84:37:57:c9:
ba:0e:db:67
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ0+ok/n5lYZfHe5yhxoc72fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMzMwMTIwNTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmFjM2EzYTdjOWExOWEyZDcyYWRkOWVhN2Q5NzM1NzE5YjQxNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcvzaGTCXQ1PbfeEgCPS9aMlB5oo
x8cHfMlQOccmKRAVj1gCi7bkaKx85kNjLvupeCkw1Y85n7pb55luSU/gcIA/Slsz
i/LoOsqQzLb1XI8DHgRcO6Z8Cux5/hooWdQoTTyOYrufIIowIzQUWpOqSLPepIna
j7dUc+AWlTKoJVEKbRBvF3nfnziLuEEfVhVBREubVxOLgrIIGQGv1VTVUDQjU6yn
lXr8/gmSth5Xj7tEIKu4uBFWookDxRv0hk8nKzhZJSoCZuIavzUu2FPbc59drimK
Brvo8K88T8XMqOOgcEtPKfKzPYWJ9ohzR3RpiDvF59yEW1IHrwS54s7rDQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAusOjp8mhmi1yrdnqfZc1cZtBZ6MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQzZ3Nk9ueWFHYUxYS3QyZXA5bHpWeG0wRm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4MAwDBAWflOADBACflOIwDQYJKoZIhvcNAQELBQADggEB
ABQJvwAOzhx+JUZr4vRG2wKRSA5S3KurOah1k8EeZ+WezrX2jHhMfq0QgIbJ1mDy
sKPO64+9W/Sqp29ffq5YNg7jSfGX7a1tO2IwLTCBeREUUneaP4goOzDw2wUNQQls
rQz/cIcZLz2RSqIwmGHHZAClZWGTITuIStGp1CwJfhLspTbtfI37DMWdoSth2Mb5
bUG5c2RlT2rEurJ82TTBaa1BEdYsD7lLH7DhvnP+siLkU2xJcmhZp2Gju0Fe6hAQ
SttHnSLmSyjN893m16aHSaofR/tQ8WAknzXM1TSezg8c+S2DnIOHsAKAl0GDL3y8
NQx12s2wvQBmhDdXyboO22c=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:41:29 2026 by rpki-client