Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/L6EfYpj4kjPfBKjDIwYvQZVTYw8.roa
File: L6EfYpj4kjPfBKjDIwYvQZVTYw8.roa (raw, json)
Hash identifier: fL/0JncMhmbdQ9wqzpSOA1G0U/HtPjMSzlL0nOCbrRw=
Subject key identifier: 2F:A1:1F:62:98:F8:92:33:DF:04:A8:C3:23:06:2F:41:95:53:63:0F
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019C98D86FA5364BE10E7768848CDCA8F345
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/L6EfYpj4kjPfBKjDIwYvQZVTYw8.roa
Signing time: Thu 26 Feb 2026 07:27:26 +0000
ROA not before: Thu 26 Feb 2026 07:27:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:98:d8:6f:a5:36:4b:e1:0e:77:68:84:8c:dc:a8:f3:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Feb 26 07:27:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2fa11f6298f89233df04a8c323062f419553630f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:e3:7c:97:d5:9a:e8:1d:30:aa:8f:bc:29:
eb:fc:df:5d:b6:4e:64:7f:4b:23:be:f3:9f:af:62:
5c:40:70:18:c5:24:9b:c8:8a:36:ac:b3:c6:4b:09:
19:9e:5b:1b:12:b4:28:06:3f:7b:c8:21:20:20:cc:
d5:e0:c3:ce:f4:c9:de:7c:2c:f2:6c:51:bd:2d:c3:
ad:ea:7f:e7:78:8b:1e:2d:90:ec:b7:9a:5c:21:d7:
7c:85:50:4d:af:a5:c5:d9:d8:fb:dc:67:61:71:c9:
ed:7b:c1:a4:80:e9:20:a2:59:75:d3:17:e6:55:93:
ee:81:b7:61:71:bf:a6:66:14:f7:54:83:96:6b:ec:
81:58:41:f7:cc:16:2f:78:eb:98:ba:24:fb:df:12:
4e:8b:8e:4b:9f:6f:4e:97:17:58:52:d1:ea:7f:15:
18:c8:ee:c1:e0:6d:9e:ac:0f:79:f4:43:9b:e5:66:
2c:d5:8c:77:ad:da:7c:da:b2:d6:74:f6:bf:05:4d:
1c:d9:8d:16:e8:f3:b8:fc:0b:eb:95:44:d2:e5:b0:
c6:35:8c:87:8b:62:3e:e6:b8:91:7e:08:19:cf:d9:
e7:2e:8e:f4:af:ee:cc:9d:63:a3:40:7d:37:33:f2:
69:e0:67:b5:f7:00:34:1e:41:d3:77:0d:99:01:93:
89:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A1:1F:62:98:F8:92:33:DF:04:A8:C3:23:06:2F:41:95:53:63:0F
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/L6EfYpj4kjPfBKjDIwYvQZVTYw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
213.155.28.0/24
217.177.32.0/24
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
79:92:af:bb:6b:17:1d:2f:a4:78:b2:f1:e7:d4:99:c1:8b:96:
ed:9a:e3:9e:ee:6f:82:18:1c:1c:cf:65:65:ce:a2:ff:ff:07:
37:de:5f:2e:a7:dc:8f:48:16:6a:5c:30:0f:08:59:11:31:4b:
66:5d:34:9a:7e:6d:ac:86:da:eb:2a:af:2f:18:24:1d:09:59:
5e:7b:49:ff:1a:d2:0a:89:13:05:4a:f7:d5:ce:41:8c:a2:3f:
97:ce:15:bc:1b:5b:ea:1a:98:67:98:ce:53:cd:7f:38:2c:ab:
64:27:19:73:14:fc:62:0b:43:08:17:89:aa:21:04:24:f5:a3:
dc:38:1d:f6:be:38:cb:85:96:aa:30:33:1b:b1:10:cb:c8:77:
0a:00:92:a9:56:6a:96:23:93:c3:c0:5e:b7:37:55:b9:c9:22:
92:ff:21:91:dc:96:58:21:05:94:b0:f7:46:97:6b:a8:e8:56:
9f:66:6e:64:c9:28:99:68:a0:47:3f:65:cc:2f:6f:0d:8d:ec:
fd:43:7b:32:a8:48:ea:62:9e:ef:27:a6:87:ea:ec:a8:1b:05:
f3:3f:e0:70:0c:af:b9:36:60:b8:f7:9f:20:87:6d:d1:b0:06:
50:46:2d:36:5a:1d:18:bf:0b:0e:6d:27:6a:f1:19:a1:ba:5b:
b5:8b:d6:96
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZyY2G+lNkvhDndohIzcqPNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwMjI2MDcyNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmExMWY2Mjk4Zjg5MjMzZGYwNGE4YzMyMzA2MmY0MTk1NTM2MzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKTjfJfVmugdMKqPvCnr/N9dtk5k
f0sjvvOfr2JcQHAYxSSbyIo2rLPGSwkZnlsbErQoBj97yCEgIMzV4MPO9MnefCzy
bFG9LcOt6n/neIseLZDst5pcIdd8hVBNr6XF2dj73Gdhccnte8GkgOkgoll10xfm
VZPugbdhcb+mZhT3VIOWa+yBWEH3zBYveOuYuiT73xJOi45Ln29OlxdYUtHqfxUY
yO7B4G2erA959EOb5WYs1Yx3rdp82rLWdPa/BU0c2Y0W6PO4/AvrlUTS5bDGNYyH
i2I+5riRfggZz9nnLo70r+7MnWOjQH03M/Jp4Ge19wA0HkHTdw2ZAZOJawIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFC+hH2KY+JIz3wSowyMGL0GVU2MPMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvTDZFZllwajRralBmQktqREl3WXZRWlZUWXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwTAQCAAEwRgMEAFFVSAME
AVFVSgMEALkFSzAMAwQDuQkYAwQAuQkaMAwDBAK5HKwDBAC5HK4DBADVmxwDBADZ
sSADBALZsSwDBAHZszAwLAQCAAIwJjASAwcBKhEswAACAwcBKhEswAAIAwcBKhEs
wAAQAwcBKhEswAAgMA0GCSqGSIb3DQEBCwUAA4IBAQB5kq+7axcdL6R4svHn1JnB
i5btmuOe7m+CGBwcz2VlzqL//wc33l8up9yPSBZqXDAPCFkRMUtmXTSafm2shtrr
Kq8vGCQdCVlee0n/GtIKiRMFSvfVzkGMoj+XzhW8G1vqGphnmM5TzX84LKtkJxlz
FPxiC0MIF4mqIQQk9aPcOB32vjjLhZaqMDMbsRDLyHcKAJKpVmqWI5PDwF63N1W5
ySKS/yGR3JZYIQWUsPdGl2uo6FafZm5kySiZaKBHP2XML28Njez9Q3syqEjqYp7v
J6aH6uyoGwXzP+BwDK+5NmC4958gh23RsAZQRi02Wh0YvwsObSdq8Rmhulu1i9aW
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:56:29 2026 by rpki-client