Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/2xyGd4qEniBlKou_7ihYJc4dy5Y.roa
File: 2xyGd4qEniBlKou_7ihYJc4dy5Y.roa (raw, json)
Hash identifier: lqEk1LL+Y5wccVFTi2AQMzn54se+0I/4Xp16c+5zeQA=
Subject key identifier: DB:1C:86:77:8A:84:9E:20:65:2A:8B:BF:EE:28:58:25:CE:1D:CB:96
Certificate issuer: /CN=b65e3b74fc934b092193aded7eca01da1ef186ad
Certificate serial: 019C96D991D7A768FA8881B7F76B29B6ED22
Authority key identifier: B6:5E:3B:74:FC:93:4B:09:21:93:AD:ED:7E:CA:01:DA:1E:F1:86:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tl47dPyTSwkhk63tfsoB2h7xhq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/2xyGd4qEniBlKou_7ihYJc4dy5Y.roa
Signing time: Wed 25 Feb 2026 22:09:26 +0000
ROA not before: Wed 25 Feb 2026 22:09:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60491
IP address blocks: 185.30.92.0/22 maxlen: 22
185.30.92.0/23 maxlen: 23
185.30.94.0/24 maxlen: 24
185.30.95.0/24 maxlen: 24
2a00:afe0::/32 maxlen: 32
2a00:afe1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/tl47dPyTSwkhk63tfsoB2h7xhq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/tl47dPyTSwkhk63tfsoB2h7xhq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/tl47dPyTSwkhk63tfsoB2h7xhq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:96:d9:91:d7:a7:68:fa:88:81:b7:f7:6b:29:b6:ed:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b65e3b74fc934b092193aded7eca01da1ef186ad
Validity
Not Before: Feb 25 22:09:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db1c86778a849e20652a8bbfee285825ce1dcb96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e7:1b:35:9c:7f:fb:6a:7f:18:1e:cc:7a:13:
44:fb:75:0e:0f:43:a9:1a:e7:97:28:56:c7:b6:9c:
7e:47:78:f2:a2:4d:ba:fb:4d:4c:40:a9:c2:b5:d1:
2b:b1:6e:c6:2e:0e:2d:95:ed:fb:b9:0d:3c:29:dd:
16:2c:22:02:3f:eb:4d:82:52:fb:dc:b0:0d:c1:c2:
5c:6c:47:a6:9a:75:c1:9e:6e:63:c1:56:c4:de:9b:
83:a9:ab:b6:93:c7:78:bd:7a:ff:b9:08:94:7e:df:
70:9f:66:95:a8:80:34:42:ff:f2:3d:24:1c:33:78:
0f:bd:b8:2f:f5:73:e2:ad:b9:c3:91:80:bd:12:29:
0f:84:3e:c2:d0:76:af:3e:76:3b:f9:d7:47:a7:fa:
d1:e1:1a:98:12:ea:0d:ab:ce:b2:15:39:78:85:9e:
66:5c:70:fe:91:cc:e9:79:7d:a3:05:6e:4e:95:41:
c2:92:d7:ae:fb:5e:ca:33:15:32:1d:04:d7:68:4c:
45:60:f9:0e:4a:42:9e:67:fa:c2:5e:54:0a:84:40:
17:45:f9:6c:96:0e:3b:14:55:b8:a1:72:2d:4d:43:
f4:39:25:46:ec:95:54:ed:d9:66:25:78:38:64:c4:
d8:80:88:ce:6b:e1:15:56:a7:14:11:12:1a:0a:fc:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:86:77:8A:84:9E:20:65:2A:8B:BF:EE:28:58:25:CE:1D:CB:96
X509v3 Authority Key Identifier:
keyid:B6:5E:3B:74:FC:93:4B:09:21:93:AD:ED:7E:CA:01:DA:1E:F1:86:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tl47dPyTSwkhk63tfsoB2h7xhq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/2xyGd4qEniBlKou_7ihYJc4dy5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/f59f8e-f544-4fbe-95c3-cff00e4cd2be/1/tl47dPyTSwkhk63tfsoB2h7xhq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.92.0/22
IPv6:
2a00:afe0::/31
Signature Algorithm: sha256WithRSAEncryption
51:b9:d8:40:eb:0b:2e:d6:71:95:60:c4:fe:33:8e:33:d2:a4:
20:62:0c:08:87:33:b7:07:8f:84:46:ca:d6:d4:8e:41:b0:ce:
50:6c:bc:95:d8:c5:8b:44:78:1e:df:69:1c:90:7a:59:22:1d:
fb:ff:96:10:09:3d:87:c1:66:5f:95:0a:5c:64:1b:df:fd:93:
37:be:3a:c5:69:bc:e4:46:a8:ff:20:31:a3:c0:34:13:2a:56:
7c:17:89:68:46:db:16:3f:de:62:2b:0a:b8:cc:66:b0:fa:e1:
a1:86:ff:5c:fb:88:ce:64:e3:9e:03:cc:e3:98:0c:26:5b:62:
b7:ba:c6:55:32:3a:06:99:7b:7f:a4:cc:47:dd:ff:fc:a4:b1:
15:9d:05:1f:e6:74:85:4a:58:60:27:1f:86:ab:a6:28:db:c3:
82:1a:a3:cb:a0:a0:5c:d6:c4:cf:59:6d:a9:00:be:3c:1a:b0:
77:37:31:eb:df:09:19:88:71:60:88:9b:30:09:9b:d3:43:dc:
bc:16:f8:90:57:26:6f:08:42:f4:8b:90:c7:21:d7:4b:8c:44:
3b:f7:34:74:60:47:1b:5c:ec:d2:8b:0b:b3:99:c2:c5:26:6a:
22:b6:81:8c:07:b7:2b:ee:bf:33:ed:ce:eb:30:64:98:7c:63:
62:06:cb:5a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZyW2ZHXp2j6iIG392sptu0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NWUzYjc0ZmM5MzRiMDkyMTkzYWRlZDdlY2EwMWRhMWVm
MTg2YWQwHhcNMjYwMjI1MjIwOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFjODY3NzhhODQ5ZTIwNjUyYThiYmZlZTI4NTgyNWNlMWRjYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArucbNZx/+2p/GB7MehNE+3UOD0Op
GueXKFbHtpx+R3jyok26+01MQKnCtdErsW7GLg4tle37uQ08Kd0WLCICP+tNglL7
3LANwcJcbEemmnXBnm5jwVbE3puDqau2k8d4vXr/uQiUft9wn2aVqIA0Qv/yPSQc
M3gPvbgv9XPirbnDkYC9EikPhD7C0HavPnY7+ddHp/rR4RqYEuoNq86yFTl4hZ5m
XHD+kczpeX2jBW5OlUHCkteu+17KMxUyHQTXaExFYPkOSkKeZ/rCXlQKhEAXRfls
lg47FFW4oXItTUP0OSVG7JVU7dlmJXg4ZMTYgIjOa+EVVqcUERIaCvxZ+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNschneKhJ4gZSqLv+4oWCXOHcuWMB8GA1UdIwQY
MBaAFLZeO3T8k0sJIZOt7X7KAdoe8YatMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGw0N2RQeVRTd2toazYzdGZzb0IyaDd4aHEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9mNTlmOGUtZjU0NC00ZmJlLTk1YzMt
Y2ZmMDBlNGNkMmJlLzEvMnh5R2Q0cUVuaUJsS291XzdpaFlKYzRkeTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9mNTlmOGUtZjU0NC00ZmJlLTk1YzMtY2ZmMDBlNGNkMmJl
LzEvdGw0N2RQeVRTd2toazYzdGZzb0IyaDd4aHEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR5cMA0E
AgACMAcDBQEqAK/gMA0GCSqGSIb3DQEBCwUAA4IBAQBRudhA6wsu1nGVYMT+M44z
0qQgYgwIhzO3B4+ERsrW1I5BsM5QbLyV2MWLRHge32kckHpZIh37/5YQCT2HwWZf
lQpcZBvf/ZM3vjrFabzkRqj/IDGjwDQTKlZ8F4loRtsWP95iKwq4zGaw+uGhhv9c
+4jOZOOeA8zjmAwmW2K3usZVMjoGmXt/pMxH3f/8pLEVnQUf5nSFSlhgJx+Gq6Yo
28OCGqPLoKBc1sTPWW2pAL48GrB3NzHr3wkZiHFgiJswCZvTQ9y8FviQVyZvCEL0
i5DHIddLjEQ79zR0YEcbXOzSiwuzmcLFJmoitoGMB7cr7r8z7c7rMGSYfGNiBsta
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:31:44 2026 by rpki-client