Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ES6_r9HyyTN-NFAUkDpdRtz79SU.roa
File: ES6_r9HyyTN-NFAUkDpdRtz79SU.roa (raw, json)
Hash identifier: s7YwThygnHiauWDUuy7E1Se01pNBCGCVtrtL6CA57gk=
Subject key identifier: 11:2E:BF:AF:D1:F2:C9:33:7E:34:50:14:90:3A:5D:46:DC:FB:F5:25
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E8874FDF224762C2377C9B71E98FCA622
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ES6_r9HyyTN-NFAUkDpdRtz79SU.roa
Signing time: Tue 02 Jun 2026 13:10:28 +0000
ROA not before: Tue 02 Jun 2026 13:10:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
151.241.207.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.152.0/24 maxlen: 24
151.243.154.0/24 maxlen: 24
151.243.197.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.231.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.222.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
151.246.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 13:35:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:88:74:fd:f2:24:76:2c:23:77:c9:b7:1e:98:fc:a6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 2 13:10:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=112ebfafd1f2c9337e345014903a5d46dcfbf525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ea:ad:d2:38:70:c9:4d:de:ba:b3:51:7f:ea:
19:1b:67:80:d5:77:70:ea:22:63:95:76:54:ea:79:
29:77:9d:10:6d:42:e9:c7:38:08:d8:b7:55:06:fe:
d3:15:f6:70:f7:c8:73:d9:40:ff:08:08:21:e7:d8:
f6:54:a9:bc:f8:3a:46:25:f8:bc:12:27:5d:56:e6:
41:bb:76:b7:a1:6f:fa:49:cc:7d:90:59:68:45:fc:
a3:1e:cd:b9:51:a8:c6:f2:9e:aa:2c:5c:c3:4a:72:
6f:0f:1c:37:94:04:78:10:4f:0c:f3:8b:e4:30:70:
40:39:49:3c:58:1e:de:31:85:9c:ce:b7:48:2c:d6:
47:3c:d1:59:fb:c9:86:a6:5a:ba:bc:a2:75:c7:a7:
bc:5b:62:6d:94:09:0b:68:ab:74:ad:f4:30:3f:7d:
b8:f5:a5:4d:82:b5:01:4c:33:f4:3c:34:da:81:e9:
17:69:3a:80:8d:06:8c:b9:13:9d:22:46:97:f8:45:
b9:93:79:66:9f:b4:a8:69:3d:fc:bd:05:3b:77:ae:
e6:ed:98:ee:02:fe:db:8b:a0:3c:a8:90:41:5e:75:
f5:87:4e:1e:b5:07:4e:75:1d:df:5f:f0:6b:49:d7:
49:9e:f9:6c:6b:63:0a:4d:27:35:11:db:0e:d4:17:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2E:BF:AF:D1:F2:C9:33:7E:34:50:14:90:3A:5D:46:DC:FB:F5:25
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ES6_r9HyyTN-NFAUkDpdRtz79SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
151.241.207.0/24
151.243.7.0/24
151.243.152.0/24
151.243.154.0/24
151.243.197.0/24
151.243.228.0/24
151.243.231.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.222.0/24
151.244.224.0/24
151.244.235.0/24
151.246.161.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a1:5d:64:ba:9b:28:98:cb:47:93:fc:6a:f5:73:ef:9b:e0:
a3:28:5f:e9:59:93:ae:b1:bd:a5:fc:67:13:2b:3f:9d:b9:87:
3c:08:cc:07:2f:3c:f4:93:dc:5b:84:5c:be:fa:05:dc:67:d9:
52:53:68:60:c3:1a:ca:cb:81:15:e6:3c:b0:56:46:09:33:46:
d2:85:3c:11:76:1f:d6:8a:e0:3e:5f:b8:31:be:34:0e:2d:4c:
6f:00:40:8f:d0:b6:9b:62:7c:21:d4:a0:e2:3d:4a:0b:84:1d:
ff:1a:94:7c:94:c0:5b:6b:12:6a:62:a5:4c:68:af:cf:43:02:
05:fa:ac:79:7a:cb:36:ac:0a:c5:05:63:17:e7:2b:31:cb:83:
17:52:35:f5:2b:37:10:13:da:ba:7e:9e:91:85:eb:3d:8e:05:
57:68:9a:f5:7b:d1:64:f9:64:ff:ef:89:3c:8e:bc:2c:19:4e:
29:76:20:c3:4a:20:66:8a:05:84:75:95:6e:9e:d4:c8:ae:bc:
be:5c:b1:1d:22:b2:80:3b:d2:7f:b6:54:b7:66:cc:3c:2f:5b:
83:ec:19:c9:46:52:2c:cb:b9:8d:7d:66:38:74:43:02:4b:65:
93:34:75:43:9e:c7:ef:34:b0:4b:13:30:99:5c:a9:a4:01:b8:
3e:bd:5e:38
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ6IdP3yJHYsI3fJtx6Y/KYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjAyMTMxMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJlYmZhZmQxZjJjOTMzN2UzNDUwMTQ5MDNhNWQ0NmRjZmJmNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeqt0jhwyU3eurNRf+oZG2eA1Xdw
6iJjlXZU6nkpd50QbULpxzgI2LdVBv7TFfZw98hz2UD/CAgh59j2VKm8+DpGJfi8
EiddVuZBu3a3oW/6Scx9kFloRfyjHs25UajG8p6qLFzDSnJvDxw3lAR4EE8M84vk
MHBAOUk8WB7eMYWczrdILNZHPNFZ+8mGplq6vKJ1x6e8W2JtlAkLaKt0rfQwP324
9aVNgrUBTDP0PDTagekXaTqAjQaMuROdIkaX+EW5k3lmn7SoaT38vQU7d67m7Zju
Av7bi6A8qJBBXnX1h04etQdOdR3fX/BrSddJnvlsa2MKTSc1EdsO1BdCPwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFBEuv6/R8skzfjRQFJA6XUbc+/UlMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRVM2X3I5SHl5VE4tTkZBVWtEcGRSdHo3OVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJcrCAwQA
l/HPAwQAl/MHAwQAl/OYAwQAl/OaAwQAl/PFAwQAl/PkAwQAl/PnAwQAl/Q2AwQA
l/SnAwQAl/S0AwQAl/TeAwQAl/TgAwQAl/TrAwQAl/ahMA0GCSqGSIb3DQEBCwUA
A4IBAQBkoV1kupsomMtHk/xq9XPvm+CjKF/pWZOusb2l/GcTKz+duYc8CMwHLzz0
k9xbhFy++gXcZ9lSU2hgwxrKy4EV5jywVkYJM0bShTwRdh/WiuA+X7gxvjQOLUxv
AECP0LabYnwh1KDiPUoLhB3/GpR8lMBbaxJqYqVMaK/PQwIF+qx5ess2rArFBWMX
5ysxy4MXUjX1KzcQE9q6fp6Rhes9jgVXaJr1e9Fk+WT/74k8jrwsGU4pdiDDSiBm
igWEdZVuntTIrry+XLEdIrKAO9J/tlS3Zsw8L1uD7BnJRlIsy7mNfWY4dEMCS2WT
NHVDnsfvNLBLEzCZXKmkAbg+vV44
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:50:41 2026 by rpki-client