Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/6SSk_oY6wFitFbCnmnyZkDy544E.roa
File: 6SSk_oY6wFitFbCnmnyZkDy544E.roa (raw, json)
Hash identifier: tTiy/O7TpF1KVBxdlXg+cyQlJIy5XKao+5PRoWOcRJE=
Subject key identifier: E9:24:A4:FE:86:3A:C0:58:AD:15:B0:A7:9A:7C:99:90:3C:B9:E3:81
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D5FADE8345B9BCB0CD7BF8F63277A22C5
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/6SSk_oY6wFitFbCnmnyZkDy544E.roa
Signing time: Sun 05 Apr 2026 22:05:25 +0000
ROA not before: Sun 05 Apr 2026 22:05:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199685
IP address blocks: 80.76.34.0/23 maxlen: 23
80.76.34.0/24 maxlen: 24
80.76.35.0/24 maxlen: 24
89.44.84.0/23 maxlen: 23
89.44.84.0/24 maxlen: 24
89.44.85.0/24 maxlen: 24
103.249.132.0/23 maxlen: 23
103.249.132.0/24 maxlen: 24
103.249.133.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.56.0/24 maxlen: 24
109.69.57.0/24 maxlen: 24
135.136.184.0/23 maxlen: 23
135.136.184.0/24 maxlen: 24
135.136.185.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
185.103.254.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.114.72.0/23 maxlen: 23
185.114.72.0/24 maxlen: 24
185.114.73.0/24 maxlen: 24
2a0c:5d00:3003::/48 maxlen: 48
2a0c:5d00:3006::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5f:ad:e8:34:5b:9b:cb:0c:d7:bf:8f:63:27:7a:22:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 5 22:05:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e924a4fe863ac058ad15b0a79a7c99903cb9e381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ba:6b:ab:bf:0a:41:f4:f6:f8:e1:15:9b:4f:
a4:46:92:c1:88:c1:31:9a:a3:2c:59:a6:8e:23:b8:
c6:d2:d0:df:0d:83:ae:82:b2:f1:c0:52:fc:3e:33:
d7:bc:20:20:be:e6:0b:34:bb:56:ab:0d:37:6c:e3:
9c:d8:c4:f7:da:2a:b9:4e:39:35:0b:e0:f2:1c:15:
e2:2f:66:f6:48:8d:55:ba:c3:1e:61:60:50:fd:44:
35:08:d9:06:99:86:d3:c5:7a:5e:ef:da:28:a2:b3:
8e:a7:3a:78:2f:7a:d4:ce:3d:d5:70:27:57:b2:8d:
4c:a1:f1:8a:9c:39:62:3d:45:31:25:05:19:a0:2a:
be:3f:20:fc:25:dc:da:e8:83:85:e7:05:d0:c2:15:
b7:17:71:ef:22:c9:be:ff:f3:c9:ce:65:44:67:f3:
e9:cf:bd:88:9f:ac:2c:ec:4f:ec:06:e8:1a:ac:3a:
1a:94:44:98:77:bd:6f:8e:ab:21:a7:6f:7b:c6:71:
e0:e1:47:3b:aa:5d:c4:5e:b5:c5:9b:dc:1d:88:3d:
ed:8f:9f:df:62:66:c4:2e:07:99:83:d6:5b:ea:8e:
0f:f3:12:1b:78:2b:c0:a4:ee:97:58:3f:2f:52:f8:
45:7a:53:43:0f:c1:28:b2:a3:a1:bb:50:84:eb:b9:
ab:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:24:A4:FE:86:3A:C0:58:AD:15:B0:A7:9A:7C:99:90:3C:B9:E3:81
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/6SSk_oY6wFitFbCnmnyZkDy544E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.34.0/23
89.44.84.0/23
103.249.132.0/23
109.69.56.0/23
135.136.184.0/23
185.103.254.0/23
185.114.72.0/23
IPv6:
2a0c:5d00:3003::/48
2a0c:5d00:3006::/48
Signature Algorithm: sha256WithRSAEncryption
b6:d2:66:95:be:24:c3:9a:01:9f:d6:d5:cf:01:28:77:0f:5a:
df:0c:58:7a:93:c2:b5:49:c6:a9:4d:92:5a:ee:55:ec:c4:dd:
e0:92:a7:4f:fa:60:fd:b0:02:88:e8:f4:8c:03:14:9b:97:50:
41:59:69:93:06:46:12:81:61:95:44:35:1d:ed:73:1b:7d:04:
e1:4c:12:39:7b:ec:dc:1e:e0:1a:22:74:09:b6:f9:ae:65:96:
d5:f7:b0:6f:63:bf:ff:94:53:8d:99:84:0f:24:d4:d7:e3:52:
bc:c7:82:04:51:23:f9:d8:96:a6:94:63:1c:c0:50:ac:22:9b:
10:bc:54:a5:d3:f7:46:8c:c0:db:20:c6:0e:19:fa:73:02:02:
47:a0:18:84:91:8f:8e:a0:2f:2c:56:8b:8c:55:f1:eb:44:f8:
0e:67:dc:21:1b:e8:aa:84:55:a3:2a:f3:a1:01:d8:58:2f:15:
15:14:be:c0:74:df:3c:2d:25:3a:ae:07:5d:11:9f:86:8c:1d:
0b:0d:f9:fe:05:0d:56:1b:66:1c:ea:4c:87:2f:66:df:bd:b2:
f8:90:ae:2b:6d:6c:15:04:00:cf:1c:2b:f7:d1:f4:59:a5:33:
41:32:df:dd:d2:dd:4e:f4:8d:07:f7:3b:be:36:29:fb:8b:8d:
cb:f6:11:ea
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ1freg0W5vLDNe/j2MneiLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwNDA1MjIwNTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTI0YTRmZTg2M2FjMDU4YWQxNWIwYTc5YTdjOTk5MDNjYjllMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLprq78KQfT2+OEVm0+kRpLBiMEx
mqMsWaaOI7jG0tDfDYOugrLxwFL8PjPXvCAgvuYLNLtWqw03bOOc2MT32iq5Tjk1
C+DyHBXiL2b2SI1VusMeYWBQ/UQ1CNkGmYbTxXpe79ooorOOpzp4L3rUzj3VcCdX
so1MofGKnDliPUUxJQUZoCq+PyD8Jdza6IOF5wXQwhW3F3HvIsm+//PJzmVEZ/Pp
z72In6ws7E/sBugarDoalESYd71vjqshp297xnHg4Uc7ql3EXrXFm9wdiD3tj5/f
YmbELgeZg9Zb6o4P8xIbeCvApO6XWD8vUvhFelNDD8EosqOhu1CE67mrIQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOkkpP6GOsBYrRWwp5p8mZA8ueOBMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvNlNTa19vWTZ3Rml0RmJDbm1ueVprRHk1NDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAwBAIAATAqAwQBUEwiAwQB
WSxUAwQBZ/mEAwQBbUU4AwQBh4i4AwQBuWf+AwQBuXJIMBgEAgACMBIDBwAqDF0A
MAMDBwAqDF0AMAYwDQYJKoZIhvcNAQELBQADggEBALbSZpW+JMOaAZ/W1c8BKHcP
Wt8MWHqTwrVJxqlNklruVezE3eCSp0/6YP2wAojo9IwDFJuXUEFZaZMGRhKBYZVE
NR3tcxt9BOFMEjl77Nwe4BoidAm2+a5lltX3sG9jv/+UU42ZhA8k1NfjUrzHggRR
I/nYlqaUYxzAUKwimxC8VKXT90aMwNsgxg4Z+nMCAkegGISRj46gLyxWi4xV8etE
+A5n3CEb6KqEVaMq86EB2FgvFRUUvsB03zwtJTquB10Rn4aMHQsN+f4FDVYbZhzq
TIcvZt+9sviQrittbBUEAM8cK/fR9FmlM0Ey393S3U70jQf3O742KfuLjcv2Eeo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:42:27 2026 by rpki-client