Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/6JZ7XwAAQjYcJy-iMu7ApYDu0IE.roa
File: 6JZ7XwAAQjYcJy-iMu7ApYDu0IE.roa (raw, json)
Hash identifier: OgfErWAGIy3L32XMleS4jSHvDJW/cp8NDQpdWGx5uXw=
Subject key identifier: E8:96:7B:5F:00:00:42:36:1C:27:2F:A2:32:EE:C0:A5:80:EE:D0:81
Certificate issuer: /CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Certificate serial: 019C754AF7A3715D8B43006FBCB80508E697
Authority key identifier: 32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/6JZ7XwAAQjYcJy-iMu7ApYDu0IE.roa
Signing time: Thu 19 Feb 2026 09:46:13 +0000
ROA not before: Thu 19 Feb 2026 09:46:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209235
IP address blocks: 91.199.48.0/24 maxlen: 24
185.130.194.0/24 maxlen: 24
2a09:c0c0::/29 maxlen: 48
2a09:c0c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:75:4a:f7:a3:71:5d:8b:43:00:6f:bc:b8:05:08:e6:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c78eeef7acb451fc37575feb9114dfccc1cdfb
Validity
Not Before: Feb 19 09:46:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e8967b5f000042361c272fa232eec0a580eed081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:d0:37:4e:36:b0:d0:ce:71:d3:86:57:d2:a3:
97:1e:a7:78:dd:34:87:be:0f:a9:39:e4:f4:2b:79:
54:5c:15:18:e6:29:04:b3:fd:8f:04:44:79:5c:43:
cc:f7:24:ee:33:a8:aa:cf:1c:d7:95:36:86:6a:8b:
56:04:1e:46:bd:4e:28:d9:98:ff:26:88:c4:c5:24:
6e:b6:ad:66:12:e7:b0:98:4b:ad:4e:48:42:ab:ee:
87:06:84:8b:ee:d9:14:5c:ef:5d:8f:53:9e:83:b6:
53:38:b7:51:bc:1c:5c:e1:b2:78:8d:70:23:c5:32:
66:a5:b2:ad:45:0f:42:d0:9a:39:e5:7d:d1:0e:a3:
83:84:62:37:57:cc:7f:15:3e:74:68:fd:ab:07:43:
98:d2:f0:05:63:8b:1d:ac:eb:8e:7f:3b:12:70:68:
8d:d8:b2:64:c2:b9:a2:80:bf:57:e7:85:2b:fe:0e:
84:ed:76:2f:42:48:b6:3f:6d:00:28:84:4c:f4:7b:
07:01:1e:d6:3e:63:0b:6c:58:a7:31:4f:a4:35:ab:
dc:f4:00:9e:79:3e:7e:aa:c7:01:6e:4c:d0:2f:64:
0b:9c:5d:e7:17:37:6e:d5:38:ab:9f:f1:df:1b:e7:
89:37:a1:26:32:f9:d7:6a:e6:13:c1:9f:ae:67:fe:
4e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:96:7B:5F:00:00:42:36:1C:27:2F:A2:32:EE:C0:A5:80:EE:D0:81
X509v3 Authority Key Identifier:
keyid:32:C7:8E:EE:F7:AC:B4:51:FC:37:57:5F:EB:91:14:DF:CC:C1:CD:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MseO7vestFH8N1df65EU38zBzfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/6JZ7XwAAQjYcJy-iMu7ApYDu0IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/225bcb-6d3d-4c0e-824f-2f1c8e408b64/1/MseO7vestFH8N1df65EU38zBzfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.48.0/24
185.130.194.0/24
IPv6:
2a09:c0c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:0f:ae:57:a1:e4:96:5b:0a:90:47:49:de:e8:61:12:66:64:
1c:23:fa:2e:4c:4a:50:f8:b1:7a:ac:0d:a5:7c:84:b2:ad:76:
9f:31:17:dd:57:41:55:00:10:79:f7:d0:26:28:7f:08:fa:04:
b8:d2:24:fe:70:5d:2e:d5:47:91:1e:6d:22:d2:e3:c7:85:d2:
f6:60:0b:ed:ce:dd:4d:b7:d2:ba:1e:30:3a:45:26:c3:fd:5c:
4e:39:10:08:39:a8:e4:bd:65:11:5e:6f:6e:46:fa:60:d4:e1:
61:7d:c0:16:ba:ec:71:ea:b1:e5:ce:70:6d:ed:2a:5c:89:b9:
a3:3e:58:b9:b3:f5:71:6f:b1:19:15:28:da:15:91:11:f4:c7:
d5:d4:24:f0:33:e8:ad:ba:f3:5f:87:90:e8:ef:89:75:42:60:
b7:57:73:d0:5e:ce:9f:d8:b3:c5:d9:f8:c2:52:28:6e:b4:b5:
e8:c2:8b:a9:11:57:9d:fe:37:fb:27:cc:4b:49:05:bd:67:70:
2e:55:2f:4e:f9:2d:a5:62:59:b3:a6:be:e9:7f:9f:f3:df:4b:
cf:50:fd:33:ac:7d:6a:c4:24:33:71:b1:af:21:0b:5c:fb:96:
7b:05:fb:62:cd:5f:fb:53:31:7c:ef:ac:e9:08:80:38:d7:95:
84:cd:37:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZx1SvejcV2LQwBvvLgFCOaXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzc4ZWVlZjdhY2I0NTFmYzM3NTc1ZmViOTExNGRmY2Nj
MWNkZmIwHhcNMjYwMjE5MDk0NjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODk2N2I1ZjAwMDA0MjM2MWMyNzJmYTIzMmVlYzBhNTgwZWVkMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5tA3Tjaw0M5x04ZX0qOXHqd43TSH
vg+pOeT0K3lUXBUY5ikEs/2PBER5XEPM9yTuM6iqzxzXlTaGaotWBB5GvU4o2Zj/
JojExSRutq1mEuewmEutTkhCq+6HBoSL7tkUXO9dj1Oeg7ZTOLdRvBxc4bJ4jXAj
xTJmpbKtRQ9C0Jo55X3RDqODhGI3V8x/FT50aP2rB0OY0vAFY4sdrOuOfzsScGiN
2LJkwrmigL9X54Ur/g6E7XYvQki2P20AKIRM9HsHAR7WPmMLbFinMU+kNavc9ACe
eT5+qscBbkzQL2QLnF3nFzdu1Tirn/HfG+eJN6EmMvnXauYTwZ+uZ/5OFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOiWe18AAEI2HCcvojLuwKWA7tCBMB8GA1UdIwQY
MBaAFDLHju73rLRR/DdXX+uRFN/Mwc37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYt
MmYxYzhlNDA4YjY0LzEvNkpaN1h3QUFRalljSnktaU11N0FwWUR1MElFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8yMjViY2ItNmQzZC00YzBlLTgyNGYtMmYxYzhlNDA4YjY0
LzEvTXNlTzd2ZXN0Rkg4TjFkZjY1RVUzOHpCemZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW8cwAwQA
uYLCMA0EAgACMAcDBQMqCcDAMA0GCSqGSIb3DQEBCwUAA4IBAQAyD65XoeSWWwqQ
R0ne6GESZmQcI/ouTEpQ+LF6rA2lfISyrXafMRfdV0FVABB599AmKH8I+gS40iT+
cF0u1UeRHm0i0uPHhdL2YAvtzt1Nt9K6HjA6RSbD/VxOORAIOajkvWURXm9uRvpg
1OFhfcAWuuxx6rHlznBt7SpcibmjPli5s/Vxb7EZFSjaFZER9MfV1CTwM+ituvNf
h5Do74l1QmC3V3PQXs6f2LPF2fjCUihutLXowoupEVed/jf7J8xLSQW9Z3AuVS9O
+S2lYlmzpr7pf5/z30vPUP0zrH1qxCQzcbGvIQtc+5Z7BftizV/7UzF876zpCIA4
15WEzTdc
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:54:23 2026 by rpki-client