Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/e6meYDuQdBKuKmwb5zf3Pkj3MO8.roa
File: e6meYDuQdBKuKmwb5zf3Pkj3MO8.roa (raw, json)
Hash identifier: Un7pIvJ8cxcEtP+YWWF2IY0dLuycoZTnZJtDO0nPduY=
Subject key identifier: 7B:A9:9E:60:3B:90:74:12:AE:2A:6C:1B:E7:37:F7:3E:48:F7:30:EF
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 019C895F3EA8290CA7EABE9A639B383D48F2
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/e6meYDuQdBKuKmwb5zf3Pkj3MO8.roa
Signing time: Mon 23 Feb 2026 07:20:46 +0000
ROA not before: Mon 23 Feb 2026 07:20:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15763
IP address blocks: 85.22.0.0/16 maxlen: 16
85.22.0.0/20 maxlen: 20
85.22.16.0/20 maxlen: 20
85.22.48.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.58.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.66.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.76.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
149.232.32.0/20 maxlen: 20
156.67.58.0/24 maxlen: 24
185.151.100.0/22 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
212.29.40.0/24 maxlen: 24
212.29.42.0/24 maxlen: 24
2a03:f580::/32 maxlen: 48
2a03:f580::/48 maxlen: 48
2a03:f580:1::/48 maxlen: 48
2a03:f580:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:5f:3e:a8:29:0c:a7:ea:be:9a:63:9b:38:3d:48:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Feb 23 07:20:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ba99e603b907412ae2a6c1be737f73e48f730ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ba:2d:a9:40:ab:3a:ca:73:16:dc:c6:39:30:
24:61:a0:01:4a:18:31:24:13:c1:cc:42:5a:00:49:
f1:16:2f:00:bc:d9:b2:d9:d9:85:c3:96:28:89:6e:
15:1e:a7:af:1b:9e:e0:51:37:80:2f:c4:5c:ae:eb:
19:d6:df:a6:a7:cd:46:bd:eb:09:b8:0a:c7:92:50:
70:ce:24:db:57:f2:3f:d5:8e:d0:1c:17:aa:26:88:
40:c6:13:34:e4:ce:42:b5:84:39:59:43:39:f6:c6:
b8:ab:49:17:ce:4a:4b:97:a0:21:a8:0b:b5:d8:4c:
6d:8f:d6:44:6f:1e:b6:df:d5:7d:1d:78:03:e6:7d:
e0:bd:45:83:7c:b4:0c:df:d2:62:ed:64:f2:29:d7:
75:d1:d6:18:5d:98:e1:ff:78:e0:ed:9a:a6:81:c5:
91:e1:47:d7:51:6e:56:ee:69:b9:c4:d7:0e:c6:46:
3e:42:16:e3:9a:c3:9b:be:95:b2:9d:e9:97:f0:55:
62:40:6b:40:f6:8b:bb:7f:95:7d:bb:59:73:00:0f:
16:5f:c7:b8:3e:9d:cd:e4:d4:6e:36:66:ee:d9:38:
8c:b1:a2:b9:0d:9b:4c:03:ad:e4:f4:63:49:b4:17:
e8:9b:c4:c5:69:29:fe:bd:35:83:fe:3d:1f:10:0c:
8b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A9:9E:60:3B:90:74:12:AE:2A:6C:1B:E7:37:F7:3E:48:F7:30:EF
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/e6meYDuQdBKuKmwb5zf3Pkj3MO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
149.232.32.0/20
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
2f:c1:76:ac:80:43:58:e2:60:9d:86:57:43:f0:55:b9:06:8d:
75:f7:f0:be:13:5b:08:9e:f8:42:60:83:61:0a:04:1a:27:7a:
3a:e0:e9:66:0e:db:4b:5c:fe:ed:39:37:bd:7b:a4:74:5c:57:
0e:a8:5b:d1:80:53:cd:11:1b:f3:c3:7a:98:92:13:7b:a6:ba:
e8:6d:ca:3e:47:87:32:56:72:37:b4:34:d1:c2:d1:39:2b:9d:
4a:46:ad:1c:ea:49:a5:e1:d2:de:df:c2:b4:09:f2:bf:35:9b:
fe:f8:25:00:31:4a:06:40:c2:9f:8c:0b:93:e7:35:35:6f:d3:
2f:15:9f:d6:d6:ff:f9:89:77:a1:74:77:e0:4b:6d:cb:53:9c:
77:e1:0b:80:37:9e:c6:35:60:d7:11:b7:78:60:3b:42:ae:13:
6b:42:06:de:91:50:f2:d6:7f:01:cc:c2:88:d1:bd:a9:79:12:
3c:fb:49:98:98:47:be:00:e4:0a:1e:be:78:f1:92:f1:df:d6:
b9:94:95:01:1e:88:c7:4a:fc:a1:a7:cd:9a:7e:04:3b:33:9b:
6e:aa:88:ab:87:05:a1:78:82:4a:c6:b6:e3:bc:82:ae:16:dd:
fc:8d:5b:21:d0:96:2e:06:09:fd:c8:08:f2:72:d4:52:cd:a0:
ab:cc:7f:08
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZyJXz6oKQyn6r6aY5s4PUjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjYwMjIzMDcyMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmE5OWU2MDNiOTA3NDEyYWUyYTZjMWJlNzM3ZjczZTQ4ZjczMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbotqUCrOspzFtzGOTAkYaABShgx
JBPBzEJaAEnxFi8AvNmy2dmFw5YoiW4VHqevG57gUTeAL8RcrusZ1t+mp81GvesJ
uArHklBwziTbV/I/1Y7QHBeqJohAxhM05M5CtYQ5WUM59sa4q0kXzkpLl6AhqAu1
2Extj9ZEbx6239V9HXgD5n3gvUWDfLQM39Ji7WTyKdd10dYYXZjh/3jg7ZqmgcWR
4UfXUW5W7mm5xNcOxkY+QhbjmsObvpWynemX8FViQGtA9ou7f5V9u1lzAA8WX8e4
Pp3N5NRuNmbu2TiMsaK5DZtMA63k9GNJtBfom8TFaSn+vTWD/j0fEAyLqQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHupnmA7kHQSripsG+c39z5I9zDvMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvZTZtZVlEdVFkQkt1S213YjV6ZjNQa2ozTU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAVRYDBASV
6CADBACcQzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQEL
BQADggEBAC/BdqyAQ1jiYJ2GV0PwVbkGjXX38L4TWwie+EJgg2EKBBonejrg6WYO
20tc/u05N717pHRcVw6oW9GAU80RG/PDepiSE3umuuhtyj5HhzJWcje0NNHC0Tkr
nUpGrRzqSaXh0t7fwrQJ8r81m/74JQAxSgZAwp+MC5PnNTVv0y8Vn9bW//mJd6F0
d+BLbctTnHfhC4A3nsY1YNcRt3hgO0KuE2tCBt6RUPLWfwHMwojRval5Ejz7SZiY
R74A5AoevnjxkvHf1rmUlQEeiMdK/KGnzZp+BDszm26qiKuHBaF4gkrGtuO8gq4W
3fyNWyHQli4GCf3ICPJy1FLNoKvMfwg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:15:05 2026 by rpki-client