Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6KXaCGcvTg-pCIrl_nuOa7E33ts.roa
File: 6KXaCGcvTg-pCIrl_nuOa7E33ts.roa (raw, json)
Hash identifier: aXwFwmPpa74ubpQ0jn3cHzEEsYWGQMaYTLY5+XgWknE=
Subject key identifier: E8:A5:DA:08:67:2F:4E:0F:A9:08:8A:E5:FE:7B:8E:6B:B1:37:DE:DB
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019C46869E3F7B4570ECE2F41DD4EFE061B8
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6KXaCGcvTg-pCIrl_nuOa7E33ts.roa
Signing time: Tue 10 Feb 2026 07:49:13 +0000
ROA not before: Tue 10 Feb 2026 07:49:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 92.244.178.0/23 maxlen: 23
92.244.188.0/23 maxlen: 23
195.40.145.0/24 maxlen: 24
195.40.146.0/23 maxlen: 24
195.40.148.0/22 maxlen: 24
195.40.192.0/18 maxlen: 24
195.172.0.0/18 maxlen: 24
195.172.64.0/19 maxlen: 24
195.172.224.0/19 maxlen: 24
212.134.29.0/24 maxlen: 24
212.134.30.0/24 maxlen: 24
212.134.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:86:9e:3f:7b:45:70:ec:e2:f4:1d:d4:ef:e0:61:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Feb 10 07:49:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e8a5da08672f4e0fa9088ae5fe7b8e6bb137dedb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2a:82:15:bf:5d:12:2e:5f:f3:2b:0c:5b:a6:
f8:9b:ac:83:81:ac:e2:78:16:16:3c:70:b2:a0:4a:
bf:70:83:cb:5e:d6:3f:06:8d:db:5d:ff:ef:95:4c:
42:8c:29:38:50:18:08:bc:f5:71:12:d0:4a:ce:40:
1a:6a:ec:6e:15:96:7c:78:76:52:51:ee:93:73:72:
65:53:e4:7a:60:ec:13:9e:60:9a:4a:fe:1a:67:be:
dd:57:93:d1:61:62:20:a4:fd:85:e2:ee:0f:35:9e:
72:79:44:16:08:41:b4:31:80:7e:0e:b5:2e:ad:22:
18:5f:ff:ed:d2:12:83:ec:0b:a0:24:2d:82:06:ab:
7d:6a:d6:4a:9c:ad:18:cd:87:36:42:ed:97:39:18:
83:b3:48:06:b0:7c:28:24:da:31:fc:68:b2:3e:fe:
8e:55:8d:8b:71:66:75:f9:54:64:4f:59:a9:1d:cd:
89:d3:3a:c1:f6:77:b3:04:32:0d:8a:51:f6:4e:5a:
3d:e6:88:6c:9e:56:cd:13:32:cd:99:0a:cc:b2:75:
25:01:8c:79:12:0c:10:eb:b1:72:00:f9:56:93:c5:
27:c7:98:d7:6a:e2:da:9b:88:d2:c0:1b:da:82:d5:
3f:43:0e:a5:fd:ef:1c:ff:da:9b:84:d0:6a:b4:2a:
a6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A5:DA:08:67:2F:4E:0F:A9:08:8A:E5:FE:7B:8E:6B:B1:37:DE:DB
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/6KXaCGcvTg-pCIrl_nuOa7E33ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.244.178.0/23
92.244.188.0/23
195.40.145.0-195.40.151.255
195.40.192.0/18
195.172.0.0-195.172.95.255
195.172.224.0/19
212.134.29.0-212.134.31.255
Signature Algorithm: sha256WithRSAEncryption
0e:cf:37:ec:fc:03:2a:22:4c:15:41:ff:fc:fa:b8:27:3c:5f:
79:4c:24:47:77:53:1b:48:07:39:e0:52:92:e7:0e:c9:36:d2:
f2:38:e1:42:ef:07:17:7f:56:c8:79:23:5e:7a:95:b1:73:28:
8c:26:cd:a6:0d:86:53:85:91:d1:8c:41:1a:88:05:27:17:a1:
6e:ed:3f:c0:a4:ea:a4:66:8b:bf:99:1f:2c:6c:b0:dd:c6:27:
29:6c:6e:db:84:9b:47:4a:af:ee:e6:0a:03:d4:83:69:5d:50:
e0:f7:6a:45:bc:57:d2:5b:4f:07:35:9b:89:34:d2:00:f7:df:
c6:17:d6:e1:5c:9b:33:b1:7b:3c:22:49:15:0c:a4:82:09:ad:
bf:7d:35:25:f3:c4:59:01:90:25:00:0c:f8:f3:3e:05:f1:fb:
17:26:5a:e8:f7:ce:eb:32:80:71:25:f8:ad:b9:9e:95:d7:ed:
cc:c1:80:82:5a:0d:09:37:4d:d5:78:33:0f:ba:d8:85:5f:3a:
fc:22:30:d0:a3:e0:91:ef:86:cf:65:7a:d5:a0:55:62:60:8d:
d7:95:62:cf:a5:cd:47:09:f5:8d:58:ab:f3:7c:c2:1c:58:ad:
80:d1:37:61:f2:5b:9a:e7:03:0b:de:8a:78:fc:47:cd:64:02:
63:6a:cb:39
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZxGhp4/e0Vw7OL0HdTv4GG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMjEwMDc0OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGE1ZGEwODY3MmY0ZTBmYTkwODhhZTVmZTdiOGU2YmIxMzdkZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCqCFb9dEi5f8ysMW6b4m6yDgazi
eBYWPHCyoEq/cIPLXtY/Bo3bXf/vlUxCjCk4UBgIvPVxEtBKzkAaauxuFZZ8eHZS
Ue6Tc3JlU+R6YOwTnmCaSv4aZ77dV5PRYWIgpP2F4u4PNZ5yeUQWCEG0MYB+DrUu
rSIYX//t0hKD7AugJC2CBqt9atZKnK0YzYc2Qu2XORiDs0gGsHwoJNox/GiyPv6O
VY2LcWZ1+VRkT1mpHc2J0zrB9nezBDINilH2Tlo95ohsnlbNEzLNmQrMsnUlAYx5
EgwQ67FyAPlWk8Unx5jXauLam4jSwBvagtU/Qw6l/e8c/9qbhNBqtCqmXwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFOil2ghnL04PqQiK5f57jmuxN97bMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvNktYYUNHY3ZUZy1wQ0lybF9udU9hN0UzM3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAATBBAwQBXPSyAwQB
XPS8MAwDBADDKJEDBAPDKJADBAbDKMAwCwMDAsOsAwQFw6xAAwQFw6zgMAwDBADU
hh0DBAXUhgAwDQYJKoZIhvcNAQELBQADggEBAA7PN+z8AyoiTBVB//z6uCc8X3lM
JEd3UxtIBzngUpLnDsk20vI44ULvBxd/Vsh5I156lbFzKIwmzaYNhlOFkdGMQRqI
BScXoW7tP8Ck6qRmi7+ZHyxssN3GJylsbtuEm0dKr+7mCgPUg2ldUOD3akW8V9Jb
Twc1m4k00gD338YX1uFcmzOxezwiSRUMpIIJrb99NSXzxFkBkCUADPjzPgXx+xcm
Wuj3zusygHEl+K25npXX7czBgIJaDQk3TdV4Mw+62IVfOvwiMNCj4JHvhs9letWg
VWJgjdeVYs+lzUcJ9Y1Yq/N8whxYrYDRN2HyW5rnAwveinj8R81kAmNqyzk=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:51 2026 by rpki-client