Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/6CjF8Jlu6tuK8zsCRGmRKkMW1aY.roa
File: 6CjF8Jlu6tuK8zsCRGmRKkMW1aY.roa (raw, json)
Hash identifier: cbJEUas+h/1ENIgGWWNamGqYchFhfCj4L7NJTrlZrxc=
Subject key identifier: E8:28:C5:F0:99:6E:EA:DB:8A:F3:3B:02:44:69:91:2A:43:16:D5:A6
Certificate issuer: /CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Certificate serial: 019D678C7C68E78F44434D05C6B577CF7557
Authority key identifier: EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/6CjF8Jlu6tuK8zsCRGmRKkMW1aY.roa
Signing time: Tue 07 Apr 2026 10:45:53 +0000
ROA not before: Tue 07 Apr 2026 10:45:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34476
IP address blocks: 45.139.200.0/22 maxlen: 24
152.114.206.0/24 maxlen: 24
153.56.155.0/24 maxlen: 24
185.86.82.0/24 maxlen: 24
185.254.94.0/24 maxlen: 24
212.102.103.0/24 maxlen: 24
2a0f:8c80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:8c:7c:68:e7:8f:44:43:4d:05:c6:b5:77:cf:75:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee2259f158b9aa76aad0b1adfa62c1eed4559d14
Validity
Not Before: Apr 7 10:45:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e828c5f0996eeadb8af33b024469912a4316d5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:dd:57:49:9e:aa:29:e5:16:aa:0a:c4:d9:7f:
c6:9d:4b:42:d0:85:bd:70:5b:c0:62:a5:75:59:4a:
60:a6:14:21:70:95:3e:56:28:62:f3:93:45:07:ac:
c1:f8:95:cc:65:1a:7a:83:a4:4a:5e:bd:e0:87:c4:
56:df:51:5a:b0:63:30:b6:55:32:29:d7:16:8e:d1:
c3:bf:27:cc:3a:23:f5:a8:11:96:c6:0f:76:55:c9:
e2:7e:98:60:5e:59:2a:de:af:38:cf:f7:47:53:04:
f5:40:9e:75:18:16:5c:c7:f7:6b:a2:5e:82:a5:05:
b9:82:ee:a1:69:e7:49:a6:d4:55:3f:57:1b:f3:65:
a7:04:6f:7a:a0:85:30:45:ee:e0:e7:da:8c:a9:ca:
9c:88:8f:8e:02:5f:fe:cc:bc:ed:4b:c1:6b:d5:6a:
42:8d:7f:cd:86:e8:b6:56:0c:f8:db:87:fb:29:19:
bb:a5:17:66:60:aa:36:79:6b:b3:cf:59:df:fd:57:
c2:ed:dd:62:1f:e2:70:fb:72:69:a2:13:a2:be:19:
ba:4f:1e:30:eb:33:cb:67:2a:f0:29:59:f3:fc:ef:
4c:4b:10:15:f6:87:8f:91:10:d2:a2:6d:44:ec:cd:
5c:5b:05:f1:37:84:a2:52:37:55:d4:59:50:0a:ce:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:28:C5:F0:99:6E:EA:DB:8A:F3:3B:02:44:69:91:2A:43:16:D5:A6
X509v3 Authority Key Identifier:
keyid:EE:22:59:F1:58:B9:AA:76:AA:D0:B1:AD:FA:62:C1:EE:D4:55:9D:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/6CjF8Jlu6tuK8zsCRGmRKkMW1aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/41012e-7885-4f40-bdf4-3497ce1b71bf/1/7iJZ8Vi5qnaq0LGt-mLB7tRVnRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.200.0/22
152.114.206.0/24
153.56.155.0/24
185.86.82.0/24
185.254.94.0/24
212.102.103.0/24
IPv6:
2a0f:8c80::/29
Signature Algorithm: sha256WithRSAEncryption
0f:47:0b:2a:73:a2:3f:44:51:54:5a:5e:87:7a:f8:2a:f8:8b:
0e:b6:a7:4d:4b:8e:fd:7c:b1:f8:bf:e5:a0:8f:3b:4f:9d:6a:
af:d1:24:83:b4:fc:fa:ca:85:af:9b:4d:ef:37:90:ef:80:e7:
7f:9f:85:e4:1c:93:6e:58:44:fb:f5:a1:aa:74:1a:5b:68:87:
98:28:1d:51:0e:49:2e:ae:35:52:09:00:32:c1:be:9c:4e:83:
34:b4:4f:57:33:61:73:c3:91:08:0c:b9:f2:a4:21:5e:04:9e:
a9:c4:9f:43:4a:0b:61:b6:fd:11:cf:c7:6d:e8:e4:c7:51:5d:
00:b2:04:5e:47:71:f5:60:57:87:69:d3:94:6c:b6:e7:43:b8:
d2:b3:cc:bd:cc:01:42:94:e1:98:94:44:79:03:5f:2c:60:0d:
98:48:98:f0:7c:35:03:43:d0:fe:8b:0c:d4:3c:27:c1:7c:a3:
29:54:4e:45:31:44:d0:9e:e2:07:fc:f8:ba:fc:41:f8:f6:a3:
1b:b6:65:70:1d:7f:9a:cc:5a:6d:5e:f6:8f:6f:e7:b0:a4:c9:
5c:4f:f1:2e:8d:5e:d7:1d:e3:47:20:16:7c:51:63:e7:8a:54:
4e:32:f1:a1:c0:7f:69:88:64:df:1a:31:23:e0:c9:57:a2:6c:
14:e5:28:7e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ1njHxo549EQ00FxrV3z3VXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMjI1OWYxNThiOWFhNzZhYWQwYjFhZGZhNjJjMWVlZDQ1
NTlkMTQwHhcNMjYwNDA3MTA0NTUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODI4YzVmMDk5NmVlYWRiOGFmMzNiMDI0NDY5OTEyYTQzMTZkNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN1XSZ6qKeUWqgrE2X/GnUtC0IW9
cFvAYqV1WUpgphQhcJU+Vihi85NFB6zB+JXMZRp6g6RKXr3gh8RW31FasGMwtlUy
KdcWjtHDvyfMOiP1qBGWxg92VcnifphgXlkq3q84z/dHUwT1QJ51GBZcx/drol6C
pQW5gu6haedJptRVP1cb82WnBG96oIUwRe7g59qMqcqciI+OAl/+zLztS8Fr1WpC
jX/Nhui2Vgz424f7KRm7pRdmYKo2eWuzz1nf/VfC7d1iH+Jw+3JpohOivhm6Tx4w
6zPLZyrwKVnz/O9MSxAV9oePkRDSom1E7M1cWwXxN4SiUjdV1FlQCs5+BwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOgoxfCZburbivM7AkRpkSpDFtWmMB8GA1UdIwQY
MBaAFO4iWfFYuap2qtCxrfpiwe7UVZ0UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQt
MzQ5N2NlMWI3MWJmLzEvNkNqRjhKbHU2dHVLOHpzQ1JHbVJLa01XMWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80MTAxMmUtNzg4NS00ZjQwLWJkZjQtMzQ5N2NlMWI3MWJm
LzEvN2lKWjhWaTVxbmFxMExHdC1tTEI3dFJWblJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYvIAwQA
mHLOAwQAmTibAwQAuVZSAwQAuf5eAwQA1GZnMA0EAgACMAcDBQMqD4yAMA0GCSqG
SIb3DQEBCwUAA4IBAQAPRwsqc6I/RFFUWl6Hevgq+IsOtqdNS479fLH4v+WgjztP
nWqv0SSDtPz6yoWvm03vN5DvgOd/n4XkHJNuWET79aGqdBpbaIeYKB1RDkkurjVS
CQAywb6cToM0tE9XM2Fzw5EIDLnypCFeBJ6pxJ9DSgthtv0Rz8dt6OTHUV0AsgRe
R3H1YFeHadOUbLbnQ7jSs8y9zAFClOGYlER5A18sYA2YSJjwfDUDQ9D+iwzUPCfB
fKMpVE5FMUTQnuIH/Pi6/EH49qMbtmVwHX+azFptXvaPb+ewpMlcT/EujV7XHeNH
IBZ8UWPnilROMvGhwH9piGTfGjEj4MlXomwU5Sh+
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:43:02 2026 by rpki-client