Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/6K4oUx9pOKXk-E5v2s7BqBCmC1Y.roa
File: 6K4oUx9pOKXk-E5v2s7BqBCmC1Y.roa (raw, json)
Hash identifier: PyV8guqmHw6jeLNJqorARQaHDDl6HluIr4W58erM+/c=
Subject key identifier: E8:AE:28:53:1F:69:38:A5:E4:F8:4E:6F:DA:CE:C1:A8:10:A6:0B:56
Certificate issuer: /CN=321ec194107843848cd36330232b5f6a43791db4
Certificate serial: 019C6747ED1F10731636E5ACAF8E27025F3F
Authority key identifier: 32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/6K4oUx9pOKXk-E5v2s7BqBCmC1Y.roa
Signing time: Mon 16 Feb 2026 16:28:12 +0000
ROA not before: Mon 16 Feb 2026 16:28:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8075
IP address blocks: 155.231.208.0/24 maxlen: 24
155.231.209.0/24 maxlen: 24
195.104.228.0/24 maxlen: 24
195.104.229.0/24 maxlen: 24
195.104.230.0/24 maxlen: 24
195.104.231.0/24 maxlen: 24
195.105.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:67:47:ed:1f:10:73:16:36:e5:ac:af:8e:27:02:5f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec194107843848cd36330232b5f6a43791db4
Validity
Not Before: Feb 16 16:28:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e8ae28531f6938a5e4f84e6fdacec1a810a60b56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7c:42:18:4d:12:c9:9e:16:08:24:3d:79:e6:
bf:cd:3d:43:47:9a:92:a6:61:6e:e3:d4:46:55:b6:
fa:d5:00:a3:26:1f:f4:77:df:b6:74:88:0f:b6:9a:
f0:e9:cb:82:e8:d6:98:70:9c:f0:71:59:56:69:dc:
e5:06:40:64:62:1d:a9:1a:cb:b4:49:f1:82:1d:22:
a4:9b:de:a3:8e:d2:83:d0:eb:ba:01:1f:ff:45:a3:
bd:21:f1:75:50:ff:c4:37:22:fa:f7:4c:c0:55:4d:
fc:15:ee:35:7c:20:42:53:01:59:09:35:a6:0e:08:
ce:64:c0:06:96:68:1f:9f:8d:91:cc:98:3a:b3:29:
31:18:55:e1:d7:ee:77:e5:bf:37:9a:9a:2b:14:3f:
92:43:43:6d:a3:c4:94:05:3f:cc:85:2d:65:46:26:
f7:74:7c:c2:26:25:d2:de:e9:1b:61:b2:d0:ac:34:
3d:81:ca:9f:12:49:f8:98:1d:4d:ac:c6:a6:52:1a:
0e:b8:46:e3:13:c3:84:a9:d3:6a:d4:f2:7d:91:b7:
af:9a:49:29:b4:2e:33:91:34:25:da:74:ca:a2:62:
90:4e:cd:25:d9:49:96:41:ee:51:df:20:43:74:e2:
99:c6:09:10:04:fd:f3:59:11:e2:29:3a:f1:e3:29:
8a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:AE:28:53:1F:69:38:A5:E4:F8:4E:6F:DA:CE:C1:A8:10:A6:0B:56
X509v3 Authority Key Identifier:
keyid:32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/6K4oUx9pOKXk-E5v2s7BqBCmC1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.231.208.0/23
195.104.228.0/22
195.105.26.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8a:51:1b:11:a7:52:9f:22:29:8f:1a:83:da:2d:ff:03:44:
f6:cf:a0:09:36:0c:1f:87:3f:87:36:2b:30:e6:9a:35:87:ff:
0a:c0:f5:d3:2b:6f:8a:fc:42:0a:71:a8:d5:a3:3f:22:96:69:
c8:43:a5:52:88:f2:1f:d7:31:a8:7c:f3:84:e6:20:a1:b8:1a:
0b:66:06:bb:b2:18:91:60:b6:35:9e:e7:4e:54:0f:ab:1c:71:
30:cd:76:cb:b8:ed:05:b6:4b:81:6c:b4:1f:0f:70:ae:07:bc:
41:67:11:d6:2d:60:73:3b:d5:c0:41:4b:d2:16:46:ec:c6:56:
b4:91:9e:0d:00:97:df:41:13:cf:4a:f6:c1:a0:0f:4e:0d:d1:
28:88:25:da:09:30:c9:42:94:f9:78:86:a7:a3:64:05:8b:b0:
d7:7b:10:3a:71:db:17:99:4b:1e:27:be:a3:d4:eb:de:fd:92:
25:a6:7b:50:9a:c1:75:d8:21:b0:e9:d3:9b:11:e1:eb:de:39:
e7:7c:2d:98:24:35:12:cc:73:3f:dd:95:f6:01:e2:8e:8d:53:
73:48:7a:93:2d:4b:c5:98:f1:84:03:60:05:c5:9d:45:81:f3:
75:11:0c:39:44:71:3f:a5:f8:bb:48:99:b8:8e:f6:88:a5:36:
d9:dd:2f:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZxnR+0fEHMWNuWsr44nAl8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWVjMTk0MTA3ODQzODQ4Y2QzNjMzMDIzMmI1ZjZhNDM3
OTFkYjQwHhcNMjYwMjE2MTYyODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGFlMjg1MzFmNjkzOGE1ZTRmODRlNmZkYWNlYzFhODEwYTYwYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknxCGE0SyZ4WCCQ9eea/zT1DR5qS
pmFu49RGVbb61QCjJh/0d9+2dIgPtprw6cuC6NaYcJzwcVlWadzlBkBkYh2pGsu0
SfGCHSKkm96jjtKD0Ou6AR//RaO9IfF1UP/ENyL690zAVU38Fe41fCBCUwFZCTWm
DgjOZMAGlmgfn42RzJg6sykxGFXh1+535b83mporFD+SQ0Nto8SUBT/MhS1lRib3
dHzCJiXS3ukbYbLQrDQ9gcqfEkn4mB1NrMamUhoOuEbjE8OEqdNq1PJ9kbevmkkp
tC4zkTQl2nTKomKQTs0l2UmWQe5R3yBDdOKZxgkQBP3zWRHiKTrx4ymKSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOiuKFMfaTil5PhOb9rOwagQpgtWMB8GA1UdIwQY
MBaAFDIewZQQeEOEjNNjMCMrX2pDeR20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgt
M2E2MTFjMDkzYTJjLzEvNks0b1V4OXBPS1hrLUU1djJzN0JxQkNtQzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgtM2E2MTFjMDkzYTJj
LzEvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBm+fQAwQC
w2jkAwQAw2kaMA0GCSqGSIb3DQEBCwUAA4IBAQA0ilEbEadSnyIpjxqD2i3/A0T2
z6AJNgwfhz+HNisw5po1h/8KwPXTK2+K/EIKcajVoz8ilmnIQ6VSiPIf1zGofPOE
5iChuBoLZga7shiRYLY1nudOVA+rHHEwzXbLuO0FtkuBbLQfD3CuB7xBZxHWLWBz
O9XAQUvSFkbsxla0kZ4NAJffQRPPSvbBoA9ODdEoiCXaCTDJQpT5eIano2QFi7DX
exA6cdsXmUseJ76j1Ove/ZIlpntQmsF12CGw6dObEeHr3jnnfC2YJDUSzHM/3ZX2
AeKOjVNzSHqTLUvFmPGEA2AFxZ1FgfN1EQw5RHE/pfi7SJm4jvaIpTbZ3S+r
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:24:51 2026 by rpki-client