Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/6SfzyA20maGiI5XJBQeDm_u97nY.roa
File: 6SfzyA20maGiI5XJBQeDm_u97nY.roa (raw, json)
Hash identifier: u3qBuRlWiB0K8K8vlPB1p6jUd1Xd8XzeiX/KEClwly8=
Subject key identifier: E9:27:F3:C8:0D:B4:99:A1:A2:23:95:C9:05:07:83:9B:FB:BD:EE:76
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 019D66CBCED3EC83BE4CEFF2BD7CCBB1090D
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/6SfzyA20maGiI5XJBQeDm_u97nY.roa
Signing time: Tue 07 Apr 2026 07:15:25 +0000
ROA not before: Tue 07 Apr 2026 07:15:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56534
IP address blocks: 45.135.215.0/24 maxlen: 24
89.104.126.0/24 maxlen: 24
89.223.17.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.60.0/24 maxlen: 24
92.255.88.0/21 maxlen: 32
92.255.96.0/21 maxlen: 21
93.174.72.0/21 maxlen: 21
176.53.192.0/24 maxlen: 24
176.53.194.0/23 maxlen: 24
176.53.196.0/24 maxlen: 24
176.53.197.0/24 maxlen: 24
176.53.198.0/23 maxlen: 23
176.53.200.0/22 maxlen: 22
176.53.204.0/22 maxlen: 22
176.53.208.0/22 maxlen: 24
176.53.208.0/24 maxlen: 24
176.53.211.0/24 maxlen: 24
176.53.212.0/22 maxlen: 22
176.53.213.0/24 maxlen: 24
185.47.52.0/22 maxlen: 22
185.47.54.0/24 maxlen: 24
185.108.4.0/24 maxlen: 24
2a04:ac00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:66:cb:ce:d3:ec:83:be:4c:ef:f2:bd:7c:cb:b1:09:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Apr 7 07:15:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e927f3c80db499a1a22395c90507839bfbbdee76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6e:b3:ef:64:d6:3c:cb:cf:98:7a:33:1d:be:
a8:03:65:cf:85:ed:99:e4:f9:b7:f0:34:f2:20:bc:
b8:46:18:03:59:5c:d9:2d:d4:64:fb:ab:d2:d5:80:
6d:0e:4c:fe:4f:c6:69:c9:a5:6c:06:9b:9b:fb:fb:
0e:83:1e:1a:a7:93:87:ce:ae:7a:94:50:09:7e:c4:
f6:a4:74:1c:84:40:c1:c6:2b:14:b2:a1:f1:80:da:
b6:fe:d1:c2:6c:32:a3:ce:14:25:9b:80:fb:9f:9e:
49:84:5e:c0:08:f0:d3:6a:5b:b8:e7:53:95:34:0d:
b1:e3:77:0e:0a:61:05:1a:a1:f8:34:a4:e5:ea:49:
eb:9b:71:42:2e:97:81:25:0c:09:63:a8:37:d6:a1:
78:9b:c4:ed:5f:ff:a6:9f:cb:d9:0d:ee:9f:95:cd:
87:3b:2d:a3:0c:55:0f:42:df:2a:4b:58:a2:65:03:
df:54:ae:bf:71:7e:64:0b:17:b2:5d:84:d2:ee:04:
fd:ec:85:b3:59:59:8d:15:71:a2:e5:cc:cb:65:65:
9f:c2:8e:e2:a1:72:dd:50:c5:77:3e:65:ea:02:f8:
cb:4b:bc:68:cf:1c:a0:ea:f4:c1:3a:c8:e3:58:96:
3d:99:75:67:2c:0d:17:c3:80:f4:2c:21:2f:47:63:
06:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:27:F3:C8:0D:B4:99:A1:A2:23:95:C9:05:07:83:9B:FB:BD:EE:76
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/6SfzyA20maGiI5XJBQeDm_u97nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.215.0/24
89.104.126.0/24
89.223.17.0/24
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
93.174.72.0/21
176.53.192.0/24
176.53.194.0-176.53.215.255
185.47.52.0/22
185.108.4.0/24
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
76:f0:d1:44:79:47:17:13:7a:f2:c8:67:a5:3a:00:4c:bd:aa:
08:d2:77:f1:05:13:ae:ed:a1:7e:b4:5b:f9:e4:90:c5:26:9e:
0f:8f:54:03:fe:8b:8f:ec:7c:fa:64:1d:e9:f5:37:c1:af:1a:
15:30:72:75:f5:41:59:ae:cc:89:fe:79:6e:bd:5c:35:a4:19:
0d:bf:de:b8:31:0b:63:c9:d9:e3:1c:ed:53:b7:84:7f:50:ed:
77:77:3d:0b:d9:c3:91:46:99:41:0e:20:34:fd:31:45:a4:4f:
4a:d1:bb:78:bf:98:9a:18:20:f2:6a:37:1e:22:d5:13:43:c8:
bb:59:ff:84:d8:ff:90:61:47:ec:57:81:cf:36:bd:0a:b2:a6:
07:33:2c:82:0d:89:be:0c:b2:c0:c1:6b:13:2d:21:c1:fe:2d:
79:a3:d3:64:b9:af:fa:80:c7:77:22:5a:a3:bb:31:1b:9b:6a:
81:ed:3b:3e:3e:fd:10:74:ae:b7:10:96:28:ab:2b:5c:4f:e9:
4f:31:80:7d:8c:3a:61:6f:23:75:90:e4:6a:2f:04:d2:66:11:
42:04:9c:61:4f:9d:bd:0a:f1:6d:d6:c3:83:50:05:56:f5:a8:
3f:a5:b3:f4:f8:89:cb:16:91:fb:1f:67:c5:15:b2:48:90:67:
5a:5a:57:01
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZ1my87T7IO+TO/yvXzLsQkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjYwNDA3MDcxNTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI3ZjNjODBkYjQ5OWExYTIyMzk1YzkwNTA3ODM5YmZiYmRlZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu26z72TWPMvPmHozHb6oA2XPhe2Z
5Pm38DTyILy4RhgDWVzZLdRk+6vS1YBtDkz+T8ZpyaVsBpub+/sOgx4ap5OHzq56
lFAJfsT2pHQchEDBxisUsqHxgNq2/tHCbDKjzhQlm4D7n55JhF7ACPDTalu451OV
NA2x43cOCmEFGqH4NKTl6knrm3FCLpeBJQwJY6g31qF4m8TtX/+mn8vZDe6flc2H
Oy2jDFUPQt8qS1iiZQPfVK6/cX5kCxeyXYTS7gT97IWzWVmNFXGi5czLZWWfwo7i
oXLdUMV3PmXqAvjLS7xozxyg6vTBOsjjWJY9mXVnLA0Xw4D0LCEvR2MGxQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFOkn88gNtJmhoiOVyQUHg5v7ve52MB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvNlNmenlBMjBtYUdpSTVYSkJRZURtX3U5N25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQALYfXAwQA
WWh+AwQAWd8RAwQDWd9QAwQAXP88MAwDBANc/1gDBANc/2ADBANdrkgDBACwNcAw
DAMEAbA1wgMEA7A10AMEArkvNAMEALlsBDANBAIAAjAHAwUDKgSsADANBgkqhkiG
9w0BAQsFAAOCAQEAdvDRRHlHFxN68shnpToATL2qCNJ38QUTru2hfrRb+eSQxSae
D49UA/6Lj+x8+mQd6fU3wa8aFTBydfVBWa7Mif55br1cNaQZDb/euDELY8nZ4xzt
U7eEf1Dtd3c9C9nDkUaZQQ4gNP0xRaRPStG7eL+Ymhgg8mo3HiLVE0PIu1n/hNj/
kGFH7FeBzza9CrKmBzMsgg2JvgyywMFrEy0hwf4teaPTZLmv+oDHdyJao7sxG5tq
ge07Pj79EHSutxCWKKsrXE/pTzGAfYw6YW8jdZDkai8E0mYRQgScYU+dvQrxbdbD
g1AFVvWoP6Wz9PiJyxaR+x9nxRWySJBnWlpXAQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:29:37 2026 by rpki-client