Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0H6OsPKc9Cn6xVwU-sMeX-aEEII.roa
File: 0H6OsPKc9Cn6xVwU-sMeX-aEEII.roa (raw, json)
Hash identifier: xwsVWakw+x28jhWY0Coi0m/7f/xKAGYT9zdsjIu1sdk=
Subject key identifier: D0:7E:8E:B0:F2:9C:F4:29:FA:C5:5C:14:FA:C3:1E:5F:E6:84:10:82
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019E98B79AB134941D077EB3705A03C80765
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0H6OsPKc9Cn6xVwU-sMeX-aEEII.roa
Signing time: Fri 05 Jun 2026 16:57:09 +0000
ROA not before: Fri 05 Jun 2026 16:57:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397044
IP address blocks: 94.131.52.0/24 maxlen: 24
94.131.55.0/24 maxlen: 24
94.131.57.0/24 maxlen: 24
94.131.58.0/24 maxlen: 24
94.131.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:b7:9a:b1:34:94:1d:07:7e:b3:70:5a:03:c8:07:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jun 5 16:57:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d07e8eb0f29cf429fac55c14fac31e5fe6841082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f2:c5:d0:4b:8e:91:1f:05:3b:98:c0:2c:c1:
2c:21:b1:00:5b:6f:94:62:81:eb:19:35:8e:e3:75:
77:e1:74:d9:d8:a0:ea:46:e2:8d:7e:57:f0:11:2b:
ab:92:e8:96:50:49:90:94:26:83:e9:e7:b7:4b:83:
5b:ac:51:a6:ae:01:44:41:95:67:ae:a8:d7:30:8a:
ff:d1:be:60:00:50:11:11:4b:46:fb:3b:84:e8:62:
63:33:28:a4:77:72:b2:5b:87:0c:b9:ab:4c:e7:15:
23:93:d5:64:58:9b:37:21:7c:40:96:89:2f:7b:b0:
bd:37:af:67:e7:cf:b4:7d:d9:4b:14:cf:07:b2:6a:
94:3a:2e:87:57:2b:2d:06:e6:b3:6a:e7:b6:a2:eb:
dc:02:e9:38:df:9f:2b:4a:5e:c8:dd:69:eb:10:39:
49:73:36:6a:f4:f8:f6:81:04:51:f3:27:8f:cc:f6:
5a:94:e4:6d:c1:d0:20:a5:30:68:64:73:c3:b1:d3:
4f:d3:db:5f:0b:e0:9a:61:73:c7:f3:f2:37:d4:6b:
85:b2:16:8c:91:fb:fc:d9:46:bc:a5:12:24:6a:46:
b8:2e:81:d8:e3:99:03:ac:67:ce:9d:c3:53:13:b6:
9b:0a:4e:38:50:7d:7c:9a:21:e2:cc:e9:0e:06:e9:
df:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:7E:8E:B0:F2:9C:F4:29:FA:C5:5C:14:FA:C3:1E:5F:E6:84:10:82
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0H6OsPKc9Cn6xVwU-sMeX-aEEII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.52.0/24
94.131.55.0/24
94.131.57.0-94.131.59.255
Signature Algorithm: sha256WithRSAEncryption
2a:df:b0:18:52:38:2f:eb:75:62:dc:e9:26:42:88:5e:26:36:
9e:0f:3b:af:15:6e:f6:78:ec:25:88:74:bd:c0:7f:13:ff:8a:
f5:ba:84:82:f0:c2:27:fd:3b:ff:21:6f:9f:70:97:aa:65:da:
1a:a1:58:5d:8b:3e:be:36:55:cd:7a:fc:62:f6:47:bc:cd:f1:
c8:e4:a5:37:10:73:92:01:39:15:3f:2a:97:c0:e5:1f:c6:26:
62:52:ef:f6:4e:4d:4b:ee:9b:f8:8f:fa:dc:70:09:e1:5e:34:
ca:2b:9a:ed:d6:d8:99:55:e2:f2:d3:09:08:b9:3e:18:0f:34:
02:c9:8e:56:e6:a3:02:46:b4:b6:61:4a:b2:f6:76:d4:c8:5c:
88:c4:15:0f:b7:64:45:a8:56:6c:bd:fe:2c:d1:f7:29:da:a6:
29:ca:dc:3c:0e:d2:35:f0:de:25:e7:ec:44:a2:84:bd:ba:82:
3b:a8:a9:1f:c0:21:df:eb:c8:ac:74:75:98:41:c4:ef:4b:12:
01:7b:82:70:bf:37:c6:47:f2:fc:4b:cf:b0:1d:3e:63:98:70:
ab:44:70:43:7e:3c:0c:e0:55:b3:56:70:84:d6:6d:89:d6:8e:
84:11:e5:ba:47:7d:77:3a:fc:b9:5e:cf:b0:c0:89:e5:06:08:
40:b0:6b:03
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ6Yt5qxNJQdB36zcFoDyAdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjYwNjA1MTY1NzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDdlOGViMGYyOWNmNDI5ZmFjNTVjMTRmYWMzMWU1ZmU2ODQxMDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfLF0EuOkR8FO5jALMEsIbEAW2+U
YoHrGTWO43V34XTZ2KDqRuKNflfwESurkuiWUEmQlCaD6ee3S4NbrFGmrgFEQZVn
rqjXMIr/0b5gAFAREUtG+zuE6GJjMyikd3KyW4cMuatM5xUjk9VkWJs3IXxAlokv
e7C9N69n58+0fdlLFM8HsmqUOi6HVystBuazaue2ouvcAuk4358rSl7I3WnrEDlJ
czZq9Pj2gQRR8yePzPZalORtwdAgpTBoZHPDsdNP09tfC+CaYXPH8/I31GuFshaM
kfv82Ua8pRIkaka4LoHY45kDrGfOncNTE7abCk44UH18miHizOkOBunfFQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNB+jrDynPQp+sVcFPrDHl/mhBCCMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMEg2T3NQS2M5Q242eFZ3VS1zTWVYLWFFRUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXoM0AwQA
XoM3MAwDBABegzkDBAJegzgwDQYJKoZIhvcNAQELBQADggEBACrfsBhSOC/rdWLc
6SZCiF4mNp4PO68VbvZ47CWIdL3AfxP/ivW6hILwwif9O/8hb59wl6pl2hqhWF2L
Pr42Vc16/GL2R7zN8cjkpTcQc5IBORU/KpfA5R/GJmJS7/ZOTUvum/iP+txwCeFe
NMormu3W2JlV4vLTCQi5PhgPNALJjlbmowJGtLZhSrL2dtTIXIjEFQ+3ZEWoVmy9
/izR9ynapinK3DwO0jXw3iXn7ESihL26gjuoqR/AId/ryKx0dZhBxO9LEgF7gnC/
N8ZH8vxLz7AdPmOYcKtEcEN+PAzgVbNWcITWbYnWjoQR5bpHfXc6/Llez7DAieUG
CECwawM=
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:08:01 2026 by rpki-client