Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/B6r7tlhytkHdJheo1dsqfbry4Og.roa
File: B6r7tlhytkHdJheo1dsqfbry4Og.roa (raw, json)
Hash identifier: kKHkZjflWwkN797C4PStA913gNP9MCPk6MZE/gB/7Ew=
Subject key identifier: 07:AA:FB:B6:58:72:B6:41:DD:26:17:A8:D5:DB:2A:7D:BA:F2:E0:E8
Certificate issuer: /CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Certificate serial: 019C0E04A11CD23A087C7C45A064B01EC9D4
Authority key identifier: AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/B6r7tlhytkHdJheo1dsqfbry4Og.roa
Signing time: Fri 30 Jan 2026 08:28:30 +0000
ROA not before: Fri 30 Jan 2026 08:28:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12552
IP address blocks: 62.102.144.0/22 maxlen: 22
62.109.32.0/19 maxlen: 19
62.209.160.0/19 maxlen: 19
65.99.128.0/18 maxlen: 18
80.252.160.0/19 maxlen: 19
82.96.0.0/18 maxlen: 18
82.96.28.0/22 maxlen: 22
82.96.43.0/24 maxlen: 24
82.99.0.0/18 maxlen: 18
82.99.36.0/23 maxlen: 23
82.99.62.0/24 maxlen: 24
83.140.0.0/16 maxlen: 16
83.140.30.0/24 maxlen: 24
83.140.95.0/24 maxlen: 24
83.140.96.0/23 maxlen: 23
83.140.99.0/24 maxlen: 24
83.140.108.0/22 maxlen: 22
83.140.113.0/24 maxlen: 24
83.140.156.0/23 maxlen: 23
83.140.171.0/24 maxlen: 24
83.140.221.0/24 maxlen: 24
83.140.231.0/24 maxlen: 24
83.140.249.0/24 maxlen: 24
83.145.0.0/18 maxlen: 18
85.112.160.0/19 maxlen: 19
85.112.184.0/22 maxlen: 22
93.158.64.0/18 maxlen: 18
93.158.68.0/22 maxlen: 22
93.158.76.0/24 maxlen: 24
93.158.78.0/24 maxlen: 24
93.158.88.0/22 maxlen: 22
93.158.92.0/23 maxlen: 23
93.158.95.0/24 maxlen: 24
93.158.98.0/23 maxlen: 23
93.158.100.0/24 maxlen: 24
93.158.102.0/23 maxlen: 23
93.158.107.0/24 maxlen: 24
93.158.108.0/23 maxlen: 23
93.189.240.0/21 maxlen: 21
94.136.64.0/19 maxlen: 19
94.246.64.0/18 maxlen: 18
146.185.8.0/21 maxlen: 21
178.248.24.0/22 maxlen: 22
185.165.80.0/22 maxlen: 22
185.165.172.0/22 maxlen: 22
185.165.172.0/24 maxlen: 24
185.178.140.0/22 maxlen: 22
185.178.143.0/24 maxlen: 24
185.181.216.0/22 maxlen: 22
185.182.84.0/22 maxlen: 22
185.183.144.0/22 maxlen: 22
185.183.152.0/22 maxlen: 22
185.190.144.0/22 maxlen: 22
185.199.168.0/22 maxlen: 22
185.205.224.0/22 maxlen: 22
185.205.226.0/24 maxlen: 24
185.211.136.0/22 maxlen: 22
195.140.200.0/22 maxlen: 22
212.16.160.0/19 maxlen: 19
212.37.0.0/19 maxlen: 19
212.112.160.0/19 maxlen: 19
213.80.0.0/18 maxlen: 18
213.80.64.0/19 maxlen: 19
213.132.96.0/19 maxlen: 19
213.132.101.0/24 maxlen: 24
213.132.107.0/24 maxlen: 24
213.132.111.0/24 maxlen: 24
213.132.114.0/24 maxlen: 24
213.132.119.0/24 maxlen: 24
213.212.0.0/18 maxlen: 18
217.75.96.0/19 maxlen: 19
217.140.112.0/20 maxlen: 20
2001:16d8::/32 maxlen: 32
2a01:2b0::/29 maxlen: 29
2a01:6d0::/32 maxlen: 32
2a0a:6380::/29 maxlen: 29
2a0a:a040::/29 maxlen: 29
2a0a:a040::/32 maxlen: 32
2a0a:a041::/32 maxlen: 32
2a0a:d381::/32 maxlen: 32
2a0a:d381:100::/40 maxlen: 40
2a0a:d381:200::/40 maxlen: 40
2a0a:d381:400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0e:04:a1:1c:d2:3a:08:7c:7c:45:a0:64:b0:1e:c9:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af938503d72931626dcb8d1e946b2ae06a73d02e
Validity
Not Before: Jan 30 08:28:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07aafbb65872b641dd2617a8d5db2a7dbaf2e0e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ce:23:b2:38:3f:8c:2c:98:65:5f:ac:3f:97:
cd:12:d9:41:a2:8c:cd:39:a3:9e:18:4e:25:81:e6:
78:26:2e:b5:91:06:0c:2b:90:d2:d7:50:bd:e9:4a:
d0:13:7b:33:81:f6:be:9a:8e:66:21:62:c2:3a:9c:
b1:34:0f:dd:73:b0:13:00:b8:f7:32:0e:5e:a0:c1:
46:1e:86:a6:2e:da:bc:94:6b:de:88:42:04:4f:9b:
a4:ad:42:f4:e4:c3:a4:fb:a4:a2:df:de:1b:d6:6c:
73:d4:1f:ae:67:b5:09:4e:91:32:df:76:a2:a0:25:
d4:e9:d8:e1:dc:90:48:66:da:c0:00:1f:1a:4d:7a:
35:e0:5e:26:7c:8a:bb:21:d7:3b:a6:ed:00:42:8e:
0c:e9:cc:87:59:1e:f3:c8:12:b7:86:ea:ec:6e:2b:
db:8c:f8:e0:d9:f8:55:57:5d:e2:22:64:08:64:da:
35:db:96:65:8b:31:53:38:b3:24:f5:c0:68:8f:16:
2a:17:7d:9b:ee:b3:1d:5c:11:bc:7b:7e:47:f3:75:
df:4e:51:3d:6b:93:4b:eb:70:6e:9f:fa:9e:b6:58:
ff:43:71:88:a8:1d:73:70:2b:05:ca:ac:dd:c9:4c:
ab:1f:a0:ef:a8:9e:bd:3c:1e:04:2f:86:ff:01:55:
8b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:AA:FB:B6:58:72:B6:41:DD:26:17:A8:D5:DB:2A:7D:BA:F2:E0:E8
X509v3 Authority Key Identifier:
keyid:AF:93:85:03:D7:29:31:62:6D:CB:8D:1E:94:6B:2A:E0:6A:73:D0:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5OFA9cpMWJty40elGsq4Gpz0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/B6r7tlhytkHdJheo1dsqfbry4Og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7e6369-5adb-45cd-bd2f-3b8b0d1a59a9/1/r5OFA9cpMWJty40elGsq4Gpz0C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.102.144.0/22
62.109.32.0/19
62.209.160.0/19
65.99.128.0/18
80.252.160.0/19
82.96.0.0/18
82.99.0.0/18
83.140.0.0/16
83.145.0.0/18
85.112.160.0/19
93.158.64.0/18
93.189.240.0/21
94.136.64.0/19
94.246.64.0/18
146.185.8.0/21
178.248.24.0/22
185.165.80.0/22
185.165.172.0/22
185.178.140.0/22
185.181.216.0/22
185.182.84.0/22
185.183.144.0/22
185.183.152.0/22
185.190.144.0/22
185.199.168.0/22
185.205.224.0/22
185.211.136.0/22
195.140.200.0/22
212.16.160.0/19
212.37.0.0/19
212.112.160.0/19
213.80.0.0-213.80.95.255
213.132.96.0/19
213.212.0.0/18
217.75.96.0/19
217.140.112.0/20
IPv6:
2001:16d8::/32
2a01:2b0::/29
2a01:6d0::/32
2a0a:6380::/29
2a0a:a040::/29
2a0a:d381::/32
Signature Algorithm: sha256WithRSAEncryption
2b:6e:7c:d2:39:9d:ee:3f:c7:5c:04:ad:ea:6b:6f:f6:10:b0:
42:4e:0c:c3:5b:18:be:6a:5e:72:90:2f:9d:52:81:3c:eb:2c:
68:36:6d:03:4c:76:72:99:7d:36:c9:dd:df:67:b5:c5:b1:8c:
e8:9f:de:40:62:e2:8c:b2:20:4a:cb:45:15:fd:b6:5b:29:86:
bd:17:94:f1:7a:68:5d:1b:2d:32:f3:8f:c6:49:92:7a:7b:2b:
a6:bb:af:69:29:2b:a8:c8:8e:1d:f9:55:90:e7:77:bf:88:b8:
3b:6d:05:33:99:27:f4:20:04:67:72:3c:11:95:e0:16:f7:eb:
b6:86:d3:77:9b:4a:cb:c9:45:95:16:fc:82:b1:cd:9f:95:15:
a7:e3:21:09:6b:cc:ad:71:49:1c:a0:ca:14:cb:d2:c0:2f:b1:
6b:e1:40:97:c3:df:b7:39:cb:22:95:10:58:19:3e:67:bb:da:
0a:ec:a1:9d:28:3d:f2:ea:bc:bc:b1:82:16:90:19:19:5d:87:
f6:a1:b5:4e:3c:fe:ba:eb:d4:39:77:98:94:24:7e:fc:ed:c0:
45:eb:cc:a3:58:66:7f:99:88:e4:49:a7:e9:dc:fd:a0:cf:e7:
43:58:69:75:f3:b4:79:0c:95:d4:2f:c7:18:3d:87:fa:99:2f:
73:83:36:3f
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZwOBKEc0joIfHxFoGSwHsnUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTM4NTAzZDcyOTMxNjI2ZGNiOGQxZTk0NmIyYWUwNmE3
M2QwMmUwHhcNMjYwMTMwMDgyODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2FhZmJiNjU4NzJiNjQxZGQyNjE3YThkNWRiMmE3ZGJhZjJlMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks4jsjg/jCyYZV+sP5fNEtlBoozN
OaOeGE4lgeZ4Ji61kQYMK5DS11C96UrQE3szgfa+mo5mIWLCOpyxNA/dc7ATALj3
Mg5eoMFGHoamLtq8lGveiEIET5ukrUL05MOk+6Si394b1mxz1B+uZ7UJTpEy33ai
oCXU6djh3JBIZtrAAB8aTXo14F4mfIq7Idc7pu0AQo4M6cyHWR7zyBK3hursbivb
jPjg2fhVV13iImQIZNo125ZlizFTOLMk9cBojxYqF32b7rMdXBG8e35H83XfTlE9
a5NL63Bun/qetlj/Q3GIqB1zcCsFyqzdyUyrH6DvqJ69PB4EL4b/AVWLqwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFAeq+7ZYcrZB3SYXqNXbKn268uDoMB8GA1UdIwQY
MBaAFK+ThQPXKTFibcuNHpRrKuBqc9AuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYt
M2I4YjBkMWE1OWE5LzEvQjZyN3RsaHl0a0hkSmhlbzFkc3FmYnJ5NE9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83ZTYzNjktNWFkYi00NWNkLWJkMmYtM2I4YjBkMWE1OWE5
LzEvcjVPRkE5Y3BNV0p0eTQwZWxHc3E0R3B6MEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCB5QQCAAEwgd4D
BAI+ZpADBAU+bSADBAU+0aADBAZBY4ADBAVQ/KADBAZSYAADBAZSYwADAwBTjAME
BlORAAMEBVVwoAMEBl2eQAMEA1298AMEBV6IQAMEBl72QAMEA5K5CAMEArL4GAME
ArmlUAMEArmlrAMEArmyjAMEArm12AMEArm2VAMEArm3kAMEArm3mAMEArm+kAME
ArnHqAMEArnN4AMEArnTiAMEAsOMyAMEBdQQoAMEBdQlAAMEBdRwoDALAwME1VAD
BAXVUEADBAXVhGADBAbV1AADBAXZS2ADBATZjHAwMAQCAAIwKgMFACABFtgDBQMq
AQKwAwUAKgEG0AMFAyoKY4ADBQMqCqBAAwUAKgrTgTANBgkqhkiG9w0BAQsFAAOC
AQEAK2580jmd7j/HXASt6mtv9hCwQk4Mw1sYvmpecpAvnVKBPOssaDZtA0x2cpl9
Nsnd32e1xbGM6J/eQGLijLIgSstFFf22WymGvReU8XpoXRstMvOPxkmSensrpruv
aSkrqMiOHflVkOd3v4i4O20FM5kn9CAEZ3I8EZXgFvfrtobTd5tKy8lFlRb8grHN
n5UVp+MhCWvMrXFJHKDKFMvSwC+xa+FAl8PftznLIpUQWBk+Z7vaCuyhnSg98uq8
vLGCFpAZGV2H9qG1Tjz+uuvUOXeYlCR+/O3ARevMo1hmf5mI5Emn6dz9oM/nQ1hp
dfO0eQyV1C/HGD2H+pkvc4M2Pw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:17:25 2026 by rpki-client