Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/q6FdEbUTkcmQxKz71XoZa0Aun_k.roa
File: q6FdEbUTkcmQxKz71XoZa0Aun_k.roa (raw, json)
Hash identifier: Jsw8sTSd/nzWh2DV/v+wn+93UYk6RFxUeX5+lJ7woas=
Subject key identifier: AB:A1:5D:11:B5:13:91:C9:90:C4:AC:FB:D5:7A:19:6B:40:2E:9F:F9
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019CA01F8A20718033B124E4F246D21AFC89
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/q6FdEbUTkcmQxKz71XoZa0Aun_k.roa
Signing time: Fri 27 Feb 2026 17:22:27 +0000
ROA not before: Fri 27 Feb 2026 17:22:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 138.249.0.0/24 maxlen: 24
138.249.1.0/24 maxlen: 24
138.249.14.0/24 maxlen: 24
170.168.4.0/24 maxlen: 24
170.168.5.0/24 maxlen: 24
170.168.26.0/24 maxlen: 24
170.168.27.0/24 maxlen: 24
170.168.32.0/24 maxlen: 24
170.168.41.0/24 maxlen: 24
170.168.43.0/24 maxlen: 24
170.168.48.0/24 maxlen: 24
170.168.49.0/24 maxlen: 24
170.168.50.0/24 maxlen: 24
170.168.51.0/24 maxlen: 24
170.168.112.0/24 maxlen: 24
170.168.113.0/24 maxlen: 24
170.168.117.0/24 maxlen: 24
170.168.118.0/24 maxlen: 24
170.168.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:1f:8a:20:71:80:33:b1:24:e4:f2:46:d2:1a:fc:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Feb 27 17:22:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aba15d11b51391c990c4acfbd57a196b402e9ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1b:fa:2e:93:25:65:c9:24:6b:2e:90:96:1e:
83:24:d5:b8:df:4b:d7:b1:6a:46:dc:ef:d4:8c:79:
7d:42:5c:aa:3b:ad:28:28:4b:92:a9:5d:d2:cd:e6:
39:6b:d5:97:38:2c:96:38:d4:c9:84:7b:27:27:7d:
40:62:a6:13:5a:99:f7:d3:9b:13:8f:b7:5f:d4:c1:
2f:22:19:d3:36:2e:3e:58:c8:a6:d7:78:39:2a:00:
e8:ad:fa:d4:2e:4b:0a:0d:24:0d:d9:75:71:a1:45:
80:80:0f:72:89:9d:fc:9a:69:88:7d:17:00:90:22:
0a:0e:1b:0a:4b:14:17:e6:c8:36:31:02:14:d6:a9:
37:d0:7c:ba:ad:6b:7e:e3:5b:f1:49:55:96:80:05:
f6:86:0d:90:18:51:d3:f9:a7:5d:62:3c:02:eb:bc:
a2:f0:d1:a6:a1:4c:bb:b7:86:44:1f:f5:05:b5:cb:
0d:a1:8c:ac:74:45:ec:23:97:81:69:9c:a5:24:07:
a0:ca:21:e7:58:8a:7f:69:76:f4:f3:0a:74:1a:15:
a2:3e:7b:13:9b:b3:c6:3a:fd:f4:a6:82:f5:81:7a:
fb:ba:f1:54:d3:38:11:8c:fc:66:51:ae:55:b5:ea:
cb:12:ab:c7:45:db:80:b7:7a:45:b6:e7:67:21:c5:
df:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:A1:5D:11:B5:13:91:C9:90:C4:AC:FB:D5:7A:19:6B:40:2E:9F:F9
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/q6FdEbUTkcmQxKz71XoZa0Aun_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.0.0/23
138.249.14.0/24
170.168.4.0/23
170.168.26.0/23
170.168.32.0/24
170.168.41.0/24
170.168.43.0/24
170.168.48.0/22
170.168.112.0/23
170.168.117.0-170.168.119.255
Signature Algorithm: sha256WithRSAEncryption
50:12:85:59:1e:46:10:80:a9:0e:f9:ea:c8:92:22:60:f9:38:
ef:54:11:5b:12:9a:ef:2f:5c:07:a0:54:a0:8a:66:7a:00:4c:
cf:71:f1:f0:7b:3c:00:a2:a6:02:6a:20:b1:1d:4b:6e:b5:69:
60:1e:02:c4:87:24:27:e8:53:d9:64:48:94:71:fb:45:fe:91:
00:e2:63:e1:13:68:97:2a:f7:d3:7c:7b:d5:c6:28:e3:e4:2c:
ca:09:4d:8f:d8:f5:29:b2:6d:e1:b5:1f:a8:8c:3f:20:91:9a:
a5:60:92:2d:85:5a:ab:fd:03:6d:30:b6:d5:a4:d3:4f:60:fb:
d7:a9:1a:1c:c0:81:e3:54:70:b3:3b:55:1c:95:86:2e:12:22:
76:7f:c0:e5:02:b9:6e:ef:f5:5f:17:5f:e1:d2:48:01:3f:28:
ca:25:6b:00:71:eb:34:98:3e:da:97:87:46:e7:25:25:19:ca:
e4:29:53:cc:f0:c1:0a:5d:4c:fd:64:1e:18:c9:48:21:11:03:
3e:7e:81:48:fc:98:30:69:cc:b0:5f:16:a0:3e:b9:80:08:d8:
7c:b9:df:51:af:0b:35:0d:a0:bd:d2:21:f5:4f:07:90:15:bf:
3f:20:33:26:44:74:a4:09:0b:26:a2:dd:a0:d9:47:73:e1:d3:
12:f2:66:e4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZygH4ogcYAzsSTk8kbSGvyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwMjI3MTcyMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmExNWQxMWI1MTM5MWM5OTBjNGFjZmJkNTdhMTk2YjQwMmU5ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxv6LpMlZckkay6Qlh6DJNW430vX
sWpG3O/UjHl9QlyqO60oKEuSqV3SzeY5a9WXOCyWONTJhHsnJ31AYqYTWpn305sT
j7df1MEvIhnTNi4+WMim13g5KgDorfrULksKDSQN2XVxoUWAgA9yiZ38mmmIfRcA
kCIKDhsKSxQX5sg2MQIU1qk30Hy6rWt+41vxSVWWgAX2hg2QGFHT+addYjwC67yi
8NGmoUy7t4ZEH/UFtcsNoYysdEXsI5eBaZylJAegyiHnWIp/aXb08wp0GhWiPnsT
m7PGOv30poL1gXr7uvFU0zgRjPxmUa5VterLEqvHRduAt3pFtudnIcXf1QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKuhXRG1E5HJkMSs+9V6GWtALp/5MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvcTZGZEViVVRrY21ReEt6NzFYb1phMEF1bl9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBivkAAwQA
ivkOAwQBqqgEAwQBqqgaAwQAqqggAwQAqqgpAwQAqqgrAwQCqqgwAwQBqqhwMAwD
BACqqHUDBAOqqHAwDQYJKoZIhvcNAQELBQADggEBAFAShVkeRhCAqQ756siSImD5
OO9UEVsSmu8vXAegVKCKZnoATM9x8fB7PACipgJqILEdS261aWAeAsSHJCfoU9lk
SJRx+0X+kQDiY+ETaJcq99N8e9XGKOPkLMoJTY/Y9SmybeG1H6iMPyCRmqVgki2F
Wqv9A20wttWk009g+9epGhzAgeNUcLM7VRyVhi4SInZ/wOUCuW7v9V8XX+HSSAE/
KMolawBx6zSYPtqXh0bnJSUZyuQpU8zwwQpdTP1kHhjJSCERAz5+gUj8mDBpzLBf
FqA+uYAI2Hy531GvCzUNoL3SIfVPB5AVvz8gMyZEdKQJCyai3aDZR3Ph0xLyZuQ=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:06:22 2026 by rpki-client