Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/m_r6hctErR3_jgQlPwKkgnBk2tU.roa
File: m_r6hctErR3_jgQlPwKkgnBk2tU.roa (raw, json)
Hash identifier: KXx40jXtbmtw6ajhFP0DQOuS7ckxrGITSIMdiBIrYtg=
Subject key identifier: 9B:FA:FA:85:CB:44:AD:1D:FF:8E:04:25:3F:02:A4:82:70:64:DA:D5
Certificate issuer: /CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Certificate serial: 019EB6F29492B6FE53E568099D917986AEEC
Authority key identifier: 32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/m_r6hctErR3_jgQlPwKkgnBk2tU.roa
Signing time: Thu 11 Jun 2026 13:50:11 +0000
ROA not before: Thu 11 Jun 2026 13:50:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203020
IP address blocks: 65.38.102.0/23 maxlen: 32
65.38.104.0/23 maxlen: 32
66.45.17.0/24 maxlen: 32
66.45.18.0/23 maxlen: 32
66.45.38.0/23 maxlen: 32
66.45.61.0/24 maxlen: 32
66.45.63.0/24 maxlen: 32
66.45.114.0/23 maxlen: 32
66.179.36.0/23 maxlen: 32
66.179.88.0/23 maxlen: 32
66.179.99.0/24 maxlen: 32
66.179.106.0/23 maxlen: 32
66.179.161.0/24 maxlen: 32
66.179.204.0/23 maxlen: 32
66.179.207.0/24 maxlen: 32
66.179.213.0/24 maxlen: 32
66.179.247.0/24 maxlen: 32
67.202.232.0/24 maxlen: 32
69.48.213.0/24 maxlen: 32
69.71.220.0/24 maxlen: 32
69.161.128.0/20 maxlen: 32
69.161.144.0/20 maxlen: 32
69.161.144.0/24 maxlen: 24
69.161.145.0/24 maxlen: 24
69.161.146.0/23 maxlen: 32
69.161.146.0/24 maxlen: 32
69.161.147.0/24 maxlen: 32
69.161.148.0/23 maxlen: 23
69.161.150.0/24 maxlen: 24
69.161.151.0/24 maxlen: 24
69.161.152.0/24 maxlen: 24
69.161.153.0/24 maxlen: 24
69.161.154.0/23 maxlen: 23
69.161.156.0/24 maxlen: 24
69.161.157.0/24 maxlen: 24
69.161.158.0/24 maxlen: 32
69.161.159.0/24 maxlen: 24
69.164.84.0/23 maxlen: 32
69.164.87.0/24 maxlen: 32
69.164.88.0/23 maxlen: 32
69.164.96.0/24 maxlen: 32
74.205.245.0/24 maxlen: 32
108.60.0.0/20 maxlen: 32
153.52.192.0/19 maxlen: 32
173.209.230.0/23 maxlen: 32
209.46.56.0/23 maxlen: 32
216.177.153.0/24 maxlen: 32
216.177.154.0/24 maxlen: 32
216.183.118.0/23 maxlen: 32
216.183.126.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b6:f2:94:92:b6:fe:53:e5:68:09:9d:91:79:86:ae:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d44919fdd08afb9a4d0a8778923011251dd7f0
Validity
Not Before: Jun 11 13:50:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9bfafa85cb44ad1dff8e04253f02a4827064dad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:af:01:36:19:2d:c1:c5:96:1d:e1:43:5a:d9:
08:76:79:b1:d3:a5:9c:ae:f7:32:4d:74:40:6c:28:
dd:61:f3:44:af:b1:2b:06:41:a3:43:e0:12:e8:4f:
bd:b8:80:f8:6d:b7:26:5a:d9:7f:b2:26:41:a4:ed:
19:3c:2c:db:59:e6:be:ab:52:12:ca:b9:67:a5:fa:
7e:46:50:df:96:02:60:3f:f8:3f:2c:ca:78:bb:fb:
cc:3f:d8:5a:a7:21:74:84:4b:4a:9e:46:b8:22:1c:
7b:2a:9e:50:70:c7:e9:c9:e0:a4:4a:7d:a7:1f:fc:
7e:6a:26:9a:19:e5:a5:e8:cb:e3:04:af:62:52:cb:
f1:2d:2b:13:0d:8c:7c:a7:7c:37:77:c0:fb:02:17:
5f:1a:ef:0b:71:a2:05:1f:c6:25:84:1b:dd:f5:60:
03:74:82:14:33:4f:af:2f:0c:d1:7e:b7:ab:2c:a6:
0e:97:22:bc:2b:5c:b9:f5:ca:68:68:db:45:d5:59:
86:74:fc:27:a2:36:74:3f:87:8b:07:c3:8f:04:4c:
de:b9:ed:07:cc:b1:96:31:b5:03:df:d7:5f:10:48:
1d:00:85:80:02:aa:cb:7e:25:a7:b4:a1:8b:69:a7:
d2:f8:6d:02:ba:67:55:55:bb:ab:c9:78:3e:5b:13:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FA:FA:85:CB:44:AD:1D:FF:8E:04:25:3F:02:A4:82:70:64:DA:D5
X509v3 Authority Key Identifier:
keyid:32:D4:49:19:FD:D0:8A:FB:9A:4D:0A:87:78:92:30:11:25:1D:D7:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtRJGf3QivuaTQqHeJIwESUd1_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/m_r6hctErR3_jgQlPwKkgnBk2tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/fd2294-cf37-4fc9-9edd-a4f7b088bc1a/1/MtRJGf3QivuaTQqHeJIwESUd1_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.38.102.0-65.38.105.255
66.45.17.0-66.45.19.255
66.45.38.0/23
66.45.61.0/24
66.45.63.0/24
66.45.114.0/23
66.179.36.0/23
66.179.88.0/23
66.179.99.0/24
66.179.106.0/23
66.179.161.0/24
66.179.204.0/23
66.179.207.0/24
66.179.213.0/24
66.179.247.0/24
67.202.232.0/24
69.48.213.0/24
69.71.220.0/24
69.161.128.0/19
69.164.84.0/23
69.164.87.0-69.164.89.255
69.164.96.0/24
74.205.245.0/24
108.60.0.0/20
153.52.192.0/19
173.209.230.0/23
209.46.56.0/23
216.177.153.0-216.177.154.255
216.183.118.0/23
216.183.126.0/23
Signature Algorithm: sha256WithRSAEncryption
bc:03:12:d2:3d:dc:b2:7e:0f:d8:52:ff:8e:29:5f:de:cb:29:
1c:0a:9c:b9:5b:d1:3d:b6:d3:a4:47:ea:f7:b8:69:50:8e:35:
f7:69:1e:58:d9:c6:d8:42:35:f1:d0:85:42:1d:f2:66:30:ca:
2a:ac:1e:0d:e7:e6:22:61:df:47:70:dc:d8:ed:19:8d:5d:65:
a5:dc:3d:f8:cf:49:eb:b0:2b:31:8a:e2:2b:4c:0a:b1:29:97:
e2:55:a5:78:18:81:cc:3f:09:ac:93:c3:41:ce:44:38:15:94:
89:2c:01:40:ed:08:95:e8:00:6d:32:14:f8:cc:50:cd:3b:2d:
ca:55:a9:b4:9a:8b:df:bb:9d:2b:b3:db:75:7d:d6:ba:22:77:
e1:14:a2:cb:80:14:55:ff:f3:d5:ce:ca:bd:98:aa:57:cb:a3:
0d:a0:85:c4:35:ab:3d:74:37:98:11:c9:36:ed:f7:7f:d3:48:
68:5d:12:36:8d:65:83:71:9c:15:22:68:85:14:8f:72:f3:c1:
c1:7b:4a:7c:34:51:a0:d8:60:c7:b2:16:4e:8c:bf:df:90:cd:
d8:22:7c:9f:a3:aa:5b:15:4b:07:ea:c0:fc:b0:88:76:9e:de:
0d:ba:77:52:b4:05:f8:a0:81:bf:49:fe:69:bc:96:4e:7c:4f:
e5:a1:47:9a
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZ628pSStv5T5WgJnZF5hq7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDQ0OTE5ZmRkMDhhZmI5YTRkMGE4Nzc4OTIzMDExMjUx
ZGQ3ZjAwHhcNMjYwNjExMTM1MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZhZmE4NWNiNDRhZDFkZmY4ZTA0MjUzZjAyYTQ4MjcwNjRkYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya8BNhktwcWWHeFDWtkIdnmx06Wc
rvcyTXRAbCjdYfNEr7ErBkGjQ+AS6E+9uID4bbcmWtl/siZBpO0ZPCzbWea+q1IS
yrlnpfp+RlDflgJgP/g/LMp4u/vMP9hapyF0hEtKnka4Ihx7Kp5QcMfpyeCkSn2n
H/x+aiaaGeWl6MvjBK9iUsvxLSsTDYx8p3w3d8D7AhdfGu8LcaIFH8YlhBvd9WAD
dIIUM0+vLwzRfrerLKYOlyK8K1y59cpoaNtF1VmGdPwnojZ0P4eLB8OPBEzeue0H
zLGWMbUD39dfEEgdAIWAAqrLfiWntKGLaafS+G0CumdVVburyXg+WxMaxQIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFJv6+oXLRK0d/44EJT8CpIJwZNrVMB8GA1UdIwQY
MBaAFDLUSRn90Ir7mk0Kh3iSMBElHdfwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRSSkdmM1FpdnVhVFFxSGVKSXdFU1VkMV9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9mZDIyOTQtY2YzNy00ZmM5LTllZGQt
YTRmN2IwODhiYzFhLzEvbV9yNmhjdEVyUjNfamdRbFB3S2tnbkJrMnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9mZDIyOTQtY2YzNy00ZmM5LTllZGQtYTRmN2IwODhiYzFh
LzEvTXRSSkdmM1FpdnVhVFFxSGVKSXdFU1VkMV9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCB2wQCAAEwgdQwDAME
AUEmZgMEAUEmaDAMAwQAQi0RAwQCQi0QAwQBQi0mAwQAQi09AwQAQi0/AwQBQi1y
AwQBQrMkAwQBQrNYAwQAQrNjAwQBQrNqAwQAQrOhAwQBQrPMAwQAQrPPAwQAQrPV
AwQAQrP3AwQAQ8roAwQARTDVAwQARUfcAwQFRaGAAwQBRaRUMAwDBABFpFcDBAFF
pFgDBABFpGADBABKzfUDBARsPAADBAWZNMADBAGt0eYDBAHRLjgwDAMEANixmQME
ANixmgMEAdi3dgMEAdi3fjANBgkqhkiG9w0BAQsFAAOCAQEAvAMS0j3csn4P2FL/
jilf3sspHAqcuVvRPbbTpEfq97hpUI4192keWNnG2EI18dCFQh3yZjDKKqweDefm
ImHfR3Dc2O0ZjV1lpdw9+M9J67ArMYriK0wKsSmX4lWleBiBzD8JrJPDQc5EOBWU
iSwBQO0IlegAbTIU+MxQzTstylWptJqL37udK7PbdX3WuiJ34RSiy4AUVf/z1c7K
vZiqV8ujDaCFxDWrPXQ3mBHJNu33f9NIaF0SNo1lg3GcFSJohRSPcvPBwXtKfDRR
oNhgx7IWToy/35DN2CJ8n6OqWxVLB+rA/LCIdp7eDbp3UrQF+KCBv0n+abyWTnxP
5aFHmg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:39:06 2026 by rpki-client