Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/6ItjAY2vqbDsPfEN7PlB_byd1yQ.roa
File: 6ItjAY2vqbDsPfEN7PlB_byd1yQ.roa (raw, json)
Hash identifier: 67Rx+JVBn8qMfeiQxadB9O8Is1LQ2PXvAawWWlcCFMo=
Subject key identifier: E8:8B:63:01:8D:AF:A9:B0:EC:3D:F1:0D:EC:F9:41:FD:BC:9D:D7:24
Certificate issuer: /CN=12fadfe291defc56f9479e2e7d21b5397cfa2b64
Certificate serial: 019B76EADE0EA777BAF588CA6FFA38D709BE
Authority key identifier: 12:FA:DF:E2:91:DE:FC:56:F9:47:9E:2E:7D:21:B5:39:7C:FA:2B:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/6ItjAY2vqbDsPfEN7PlB_byd1yQ.roa
Signing time: Thu 01 Jan 2026 00:17:42 +0000
ROA not before: Thu 01 Jan 2026 00:17:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208086
IP address blocks: 78.41.47.0/24 maxlen: 24
2a06:11c0:3::/48 maxlen: 48
2a06:11c0:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:76:ea:de:0e:a7:77:ba:f5:88:ca:6f:fa:38:d7:09:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fadfe291defc56f9479e2e7d21b5397cfa2b64
Validity
Not Before: Jan 1 00:17:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e88b63018dafa9b0ec3df10decf941fdbc9dd724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8f:f1:ce:19:b6:68:17:f5:ac:e3:d9:99:12:
9a:ad:ac:0a:52:3a:33:1e:ae:00:8b:0f:79:9c:bd:
85:a4:ee:40:a3:67:63:4d:5f:d3:32:0d:45:a7:38:
9a:a7:4c:0a:48:5c:19:b8:32:cb:f8:05:64:3f:00:
ed:a0:af:a0:80:0b:c5:4e:34:3a:0d:6e:ea:4f:a8:
21:50:53:76:e8:51:16:a9:66:2b:3d:65:87:19:11:
47:8f:1b:4a:ed:04:21:2b:6f:9c:f4:f1:be:cc:9d:
9b:55:5d:59:4e:ee:ae:b2:cb:c4:60:fb:8b:51:56:
e0:52:f0:79:ef:93:3e:aa:07:a6:f1:7c:18:d1:14:
3a:01:97:4a:b8:5a:17:8f:56:a5:da:a5:0d:21:ec:
24:a0:00:84:11:9e:8a:58:7e:d9:5d:cb:01:27:0b:
c9:6e:cb:28:33:7e:21:b1:3c:1c:9d:45:3d:1f:0f:
1b:12:67:48:43:bf:54:c7:b6:8d:49:c3:8c:aa:5d:
18:90:ea:94:52:b1:b4:e0:d6:b6:b6:bb:9d:d0:1c:
ed:8b:e0:18:f4:0e:b0:af:d3:87:b7:47:fb:40:cb:
d6:3d:fd:4a:32:2c:8b:13:57:af:bf:c2:58:04:98:
52:5c:a7:cc:ac:68:04:83:5a:d1:85:f5:43:e0:ae:
24:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:8B:63:01:8D:AF:A9:B0:EC:3D:F1:0D:EC:F9:41:FD:BC:9D:D7:24
X509v3 Authority Key Identifier:
keyid:12:FA:DF:E2:91:DE:FC:56:F9:47:9E:2E:7D:21:B5:39:7C:FA:2B:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/6ItjAY2vqbDsPfEN7PlB_byd1yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/81de07-8481-4d83-82e9-a3471774157b/1/Evrf4pHe_Fb5R54ufSG1OXz6K2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.47.0/24
IPv6:
2a06:11c0:3::-2a06:11c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:18:7e:b1:8c:88:66:cb:d6:ca:94:26:aa:4a:62:c3:08:e8:
a3:b3:41:af:8a:2d:13:f3:40:9e:9f:dd:3c:c6:6f:03:fd:ad:
67:5d:05:5b:47:cc:5f:40:49:e6:4f:22:9b:80:fe:72:ff:a2:
78:5f:18:2d:1a:1f:ca:ff:b0:fa:01:61:9e:b5:9e:4a:89:88:
12:af:69:50:05:f5:05:6f:aa:3f:5c:e6:29:a1:37:01:13:25:
de:b4:38:87:d5:af:a6:83:a7:80:40:93:7a:5c:0e:05:1e:25:
d9:7b:b1:b8:19:80:ea:d7:54:05:52:b4:fe:72:48:57:74:5a:
f3:d9:18:eb:78:56:10:bc:f2:b0:09:f3:c6:f1:7e:75:8f:c9:
3e:8e:0b:6e:6d:78:df:dc:44:c4:7a:88:06:95:23:c2:bc:69:
32:b6:7c:c8:7e:9a:b5:91:1e:64:49:15:8e:d5:cc:75:19:00:
61:7f:f6:be:f2:94:df:a9:df:4a:d7:cf:82:6e:9d:5b:05:19:
0b:89:30:e8:9f:e2:df:38:1e:6c:f8:11:7a:38:fc:aa:54:bb:
ec:27:be:93:cd:24:88:c4:54:53:cc:fa:d9:e9:f9:a9:7a:05:
0f:31:f5:de:8b:40:6a:da:08:2d:13:f6:72:47:c3:33:0a:74:
0a:a3:61:14
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt26t4Op3e69YjKb/o41wm+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmFkZmUyOTFkZWZjNTZmOTQ3OWUyZTdkMjFiNTM5N2Nm
YTJiNjQwHhcNMjYwMTAxMDAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODhiNjMwMThkYWZhOWIwZWMzZGYxMGRlY2Y5NDFmZGJjOWRkNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7o/xzhm2aBf1rOPZmRKarawKUjoz
Hq4Aiw95nL2FpO5Ao2djTV/TMg1Fpziap0wKSFwZuDLL+AVkPwDtoK+ggAvFTjQ6
DW7qT6ghUFN26FEWqWYrPWWHGRFHjxtK7QQhK2+c9PG+zJ2bVV1ZTu6ussvEYPuL
UVbgUvB575M+qgem8XwY0RQ6AZdKuFoXj1al2qUNIewkoACEEZ6KWH7ZXcsBJwvJ
bssoM34hsTwcnUU9Hw8bEmdIQ79Ux7aNScOMql0YkOqUUrG04Na2trud0Bzti+AY
9A6wr9OHt0f7QMvWPf1KMiyLE1evv8JYBJhSXKfMrGgEg1rRhfVD4K4kjQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOiLYwGNr6mw7D3xDez5Qf28ndckMB8GA1UdIwQY
MBaAFBL63+KR3vxW+UeeLn0htTl8+itkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXZyZjRwSGVfRmI1UjU0dWZTRzFPWHo2SzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC84MWRlMDctODQ4MS00ZDgzLTgyZTkt
YTM0NzE3NzQxNTdiLzEvNkl0akFZMnZxYkRzUGZFTjdQbEJfYnlkMXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC84MWRlMDctODQ4MS00ZDgzLTgyZTktYTM0NzE3NzQxNTdi
LzEvRXZyZjRwSGVfRmI1UjU0dWZTRzFPWHo2SzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQATikvMBoE
AgACMBQwEgMHACoGEcAAAwMHACoGEcAABDANBgkqhkiG9w0BAQsFAAOCAQEAphh+
sYyIZsvWypQmqkpiwwjoo7NBr4otE/NAnp/dPMZvA/2tZ10FW0fMX0BJ5k8im4D+
cv+ieF8YLRofyv+w+gFhnrWeSomIEq9pUAX1BW+qP1zmKaE3ARMl3rQ4h9WvpoOn
gECTelwOBR4l2XuxuBmA6tdUBVK0/nJIV3Ra89kY63hWELzysAnzxvF+dY/JPo4L
bm1439xExHqIBpUjwrxpMrZ8yH6atZEeZEkVjtXMdRkAYX/2vvKU36nfStfPgm6d
WwUZC4kw6J/i3zgebPgRejj8qlS77Ce+k80kiMRUU8z62en5qXoFDzH13otAatoI
LRP2ckfDMwp0CqNhFA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:19:13 2026 by rpki-client