Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/6wrwVwIOmyHRFv2kHnVse0hIMz0.roa
File: 6wrwVwIOmyHRFv2kHnVse0hIMz0.roa (raw, json)
Hash identifier: 3Bl4eyRcujw6eiEUMKOOuOVx73Mu069CKt56gjYDvno=
Subject key identifier: EB:0A:F0:57:02:0E:9B:21:D1:16:FD:A4:1E:75:6C:7B:48:48:33:3D
Certificate issuer: /CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Certificate serial: 019C8C3FF25C0CE9F8EBFF5C46CD1F2BCE32
Authority key identifier: 42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/6wrwVwIOmyHRFv2kHnVse0hIMz0.roa
Signing time: Mon 23 Feb 2026 20:45:26 +0000
ROA not before: Mon 23 Feb 2026 20:45:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 196610
IP address blocks: 45.91.77.0/24 maxlen: 24
2a0e:cc0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8c:3f:f2:5c:0c:e9:f8:eb:ff:5c:46:cd:1f:2b:ce:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429c54be1da7e738e3c96ffb41f1ea3900a67be8
Validity
Not Before: Feb 23 20:45:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb0af057020e9b21d116fda41e756c7b4848333d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:ce:73:97:dc:17:c6:46:2d:72:d1:39:ac:
c2:4a:d1:21:7c:13:19:10:26:a6:aa:49:63:ff:e1:
71:a2:4b:ac:a0:62:31:e7:9d:d8:e5:2a:65:5d:c3:
8f:b3:27:1a:0e:08:61:0b:1d:2a:c2:31:d5:e8:10:
0d:ce:f7:2b:64:a5:3c:c9:08:47:1a:06:28:82:b7:
bd:f9:1c:4b:b4:1f:1e:86:f7:f0:d9:6b:1b:36:99:
b4:64:a0:0f:6c:0c:7b:94:09:5e:ab:c8:ce:c5:8c:
79:91:aa:77:6c:a1:90:58:f7:18:43:f1:84:4d:c4:
97:5b:ee:e6:87:b8:aa:be:28:4d:12:5e:13:cf:00:
2d:bc:83:fb:f0:f1:8f:aa:5e:d6:4b:65:15:26:cc:
0e:9f:d0:44:68:37:a2:c8:51:b2:63:46:95:0e:e6:
d5:88:05:f8:c7:0a:c4:7d:b4:d7:53:12:eb:40:a3:
51:45:81:05:dc:2f:af:f4:26:0f:62:67:f4:d7:d1:
c9:77:fb:b7:2c:d6:9e:8f:aa:ba:e7:ee:8a:e9:14:
ad:e1:3b:8a:88:3c:06:9c:68:cf:0c:7a:4b:ef:7b:
cc:04:c5:64:a6:5c:ec:c9:1c:12:6d:fb:70:a2:a6:
6e:a8:0c:d0:f3:dc:b0:26:b8:83:84:ef:80:3a:50:
68:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:0A:F0:57:02:0E:9B:21:D1:16:FD:A4:1E:75:6C:7B:48:48:33:3D
X509v3 Authority Key Identifier:
keyid:42:9C:54:BE:1D:A7:E7:38:E3:C9:6F:FB:41:F1:EA:39:00:A6:7B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpxUvh2n5zjjyW_7QfHqOQCme-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/6wrwVwIOmyHRFv2kHnVse0hIMz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/f6f5c3-6146-48ca-affa-3d8584cf53fe/1/QpxUvh2n5zjjyW_7QfHqOQCme-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.77.0/24
IPv6:
2a0e:cc0::/48
Signature Algorithm: sha256WithRSAEncryption
8c:cd:fe:d8:fa:57:01:08:80:da:f2:3e:2f:4f:0e:53:89:a3:
8c:aa:f5:67:ca:02:e6:70:09:14:95:cc:c9:a2:ae:0b:d5:b7:
85:28:c1:88:fc:6c:d6:11:93:bd:9a:3a:43:b3:e8:72:60:06:
ba:43:db:93:4c:fa:d8:a1:3f:cc:b0:55:75:89:16:c7:89:6e:
85:e6:48:4f:8e:74:90:ff:e7:61:f7:9d:79:20:d7:89:1e:c8:
74:7b:ea:d6:34:cf:8c:c2:2f:a2:25:e7:ce:e3:82:d1:56:3e:
43:72:23:d2:4b:a7:12:f2:4e:81:41:fa:ec:2f:03:24:b9:5e:
ae:67:d1:8b:4a:75:ca:38:1e:a8:3d:dd:10:00:d1:aa:e4:f4:
32:65:d0:d5:e8:af:6f:02:cb:6c:f6:4e:37:3f:e2:15:84:09:
e4:34:49:04:3c:dc:a0:7d:44:7e:ed:46:95:e0:27:99:76:40:
91:1c:a7:a9:84:e1:b5:e9:ad:f1:3c:27:40:ed:94:56:6c:fc:
3a:36:1f:88:e7:ae:8b:20:72:6a:4b:c6:3d:82:72:ee:d9:7f:
dc:eb:cc:05:ce:14:f8:8b:e8:f3:f1:21:c6:ef:65:b2:33:e2:
c2:4d:0e:08:8d:73:e7:5b:c0:89:70:e0:34:31:c0:78:72:87:
da:6d:52:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZyMP/JcDOn46/9cRs0fK84yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOWM1NGJlMWRhN2U3MzhlM2M5NmZmYjQxZjFlYTM5MDBh
NjdiZTgwHhcNMjYwMjIzMjA0NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjBhZjA1NzAyMGU5YjIxZDExNmZkYTQxZTc1NmM3YjQ4NDgzMzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUbOc5fcF8ZGLXLROazCStEhfBMZ
ECamqklj/+FxokusoGIx553Y5SplXcOPsycaDghhCx0qwjHV6BANzvcrZKU8yQhH
GgYogre9+RxLtB8ehvfw2WsbNpm0ZKAPbAx7lAleq8jOxYx5kap3bKGQWPcYQ/GE
TcSXW+7mh7iqvihNEl4TzwAtvIP78PGPql7WS2UVJswOn9BEaDeiyFGyY0aVDubV
iAX4xwrEfbTXUxLrQKNRRYEF3C+v9CYPYmf019HJd/u3LNaej6q65+6K6RSt4TuK
iDwGnGjPDHpL73vMBMVkplzsyRwSbftwoqZuqAzQ89ywJriDhO+AOlBo4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOsK8FcCDpsh0Rb9pB51bHtISDM9MB8GA1UdIwQY
MBaAFEKcVL4dp+c448lv+0Hx6jkApnvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEt
M2Q4NTg0Y2Y1M2ZlLzEvNndyd1Z3SU9teUhSRnYya0huVnNlMGhJTXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9mNmY1YzMtNjE0Ni00OGNhLWFmZmEtM2Q4NTg0Y2Y1M2Zl
LzEvUXB4VXZoMm41empqeVdfN1FmSHFPUUNtZS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALVtNMA8E
AgACMAkDBwAqDgzAAAAwDQYJKoZIhvcNAQELBQADggEBAIzN/tj6VwEIgNryPi9P
DlOJo4yq9WfKAuZwCRSVzMmirgvVt4UowYj8bNYRk72aOkOz6HJgBrpD25NM+tih
P8ywVXWJFseJboXmSE+OdJD/52H3nXkg14keyHR76tY0z4zCL6Il587jgtFWPkNy
I9JLpxLyToFB+uwvAyS5Xq5n0YtKdco4Hqg93RAA0ark9DJl0NXor28Cy2z2Tjc/
4hWECeQ0SQQ83KB9RH7tRpXgJ5l2QJEcp6mE4bXprfE8J0DtlFZs/Do2H4jnrosg
cmpLxj2Ccu7Zf9zrzAXOFPiL6PPxIcbvZbIz4sJNDgiNc+dbwIlw4DQxwHhyh9pt
Ui4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:23:14 2026 by rpki-client