Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/j6ZEfuBoBwoJsq_P8O7JAQCMW2w.roa
File: j6ZEfuBoBwoJsq_P8O7JAQCMW2w.roa (raw, json)
Hash identifier: SGo/KKeiXkzjoKtnxVRa/5ncyP+lv+PUCdh1kKaxLxc=
Subject key identifier: 8F:A6:44:7E:E0:68:07:0A:09:B2:AF:CF:F0:EE:C9:01:00:8C:5B:6C
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 019C290D4D797BCC4EFB97391F6AC4F17266
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/j6ZEfuBoBwoJsq_P8O7JAQCMW2w.roa
Signing time: Wed 04 Feb 2026 14:27:43 +0000
ROA not before: Wed 04 Feb 2026 14:27:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33659
IP address blocks: 95.164.160.0/22 maxlen: 24
95.164.193.0/24 maxlen: 24
95.164.195.0/24 maxlen: 24
95.164.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:29:0d:4d:79:7b:cc:4e:fb:97:39:1f:6a:c4:f1:72:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Feb 4 14:27:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fa6447ee068070a09b2afcff0eec901008c5b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:1a:23:2d:5e:44:41:29:db:6f:20:28:97:b5:
f4:c3:3a:4f:ab:a0:24:da:17:0f:90:50:70:de:87:
f1:3c:42:67:35:4c:72:91:fc:b9:8b:a0:a4:b8:81:
ae:76:ed:be:71:8d:92:21:f7:32:4d:a7:29:23:31:
9b:f5:dc:66:c2:28:4a:ff:ab:b2:48:cb:08:80:67:
07:f2:b0:f5:8f:57:45:6c:6d:68:8a:07:72:db:0b:
c6:7b:68:14:15:4d:04:f1:e0:55:86:f1:35:3a:37:
80:4d:f9:ec:2b:3e:10:25:a8:6c:8c:93:d1:31:c9:
c5:1d:24:a5:06:5f:e7:f3:27:2c:9c:45:c9:c1:b3:
6b:f0:f9:d9:0c:6c:09:64:e3:f2:84:3b:52:fd:43:
2e:05:4a:df:db:52:f4:b3:2e:c3:bd:6e:43:75:4e:
70:9c:8e:32:d8:0f:2a:db:84:66:a0:a8:4f:74:da:
27:89:68:92:0b:73:51:5a:d3:34:d5:61:ee:8c:6f:
74:4b:5b:fe:64:dd:28:86:fd:20:1e:e1:ec:77:b6:
63:77:38:f3:42:d3:66:84:42:85:1e:11:9a:df:da:
6d:87:e6:76:13:e8:42:af:9e:14:ce:52:37:f0:53:
a6:f2:c3:ab:78:02:ad:7f:76:98:ee:12:73:02:37:
c6:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:A6:44:7E:E0:68:07:0A:09:B2:AF:CF:F0:EE:C9:01:00:8C:5B:6C
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/j6ZEfuBoBwoJsq_P8O7JAQCMW2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.160.0/22
95.164.193.0/24
95.164.195.0/24
95.164.224.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:43:09:72:29:7d:31:57:22:55:9b:6c:8f:2c:9b:2c:29:32:
a4:51:df:df:54:8c:f5:e4:3b:f5:c3:21:ac:19:96:bc:bd:c8:
a9:ea:59:18:80:a8:34:4e:5e:a8:06:2e:e5:04:08:a8:64:96:
13:cb:57:e8:1c:64:87:b7:bf:41:ea:92:e4:4c:c5:03:1c:35:
da:36:f9:db:61:a6:5f:35:60:4f:d2:0e:ed:1c:db:5b:e0:39:
3e:ec:99:fd:b8:bd:b6:76:63:1b:5a:4d:52:a2:46:68:25:43:
54:4b:e4:06:1a:d5:a6:6a:df:47:cc:9d:d9:0e:cc:75:06:8e:
4b:19:46:69:a6:3a:ab:47:97:cc:f3:f6:9c:ce:bc:f4:ca:0d:
d8:84:e3:f9:1b:e8:a0:1e:c0:b3:ad:c4:59:73:72:7f:fb:11:
19:b7:8f:c5:cb:b3:ad:ec:a3:0a:2e:fe:69:e5:2e:76:93:a2:
46:9d:c8:d2:08:ff:f0:17:47:4c:26:53:40:36:6e:ad:fa:b6:
fd:1e:67:32:ee:4d:68:19:cd:22:10:56:d9:03:a4:c7:56:c7:
b2:3e:cb:d0:10:3b:47:fa:d8:9d:cf:b7:c7:3e:62:ee:32:c0:
81:fc:7b:7f:2c:c2:98:c4:43:dc:71:36:0c:eb:d4:0f:4b:fa:
2b:0b:32:84
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZwpDU15e8xO+5c5H2rE8XJmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjYwMjA0MTQyNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmE2NDQ3ZWUwNjgwNzBhMDliMmFmY2ZmMGVlYzkwMTAwOGM1YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8xojLV5EQSnbbyAol7X0wzpPq6Ak
2hcPkFBw3ofxPEJnNUxykfy5i6CkuIGudu2+cY2SIfcyTacpIzGb9dxmwihK/6uy
SMsIgGcH8rD1j1dFbG1oigdy2wvGe2gUFU0E8eBVhvE1OjeATfnsKz4QJahsjJPR
McnFHSSlBl/n8ycsnEXJwbNr8PnZDGwJZOPyhDtS/UMuBUrf21L0sy7DvW5DdU5w
nI4y2A8q24RmoKhPdNoniWiSC3NRWtM01WHujG90S1v+ZN0ohv0gHuHsd7Zjdzjz
QtNmhEKFHhGa39pth+Z2E+hCr54UzlI38FOm8sOreAKtf3aY7hJzAjfGsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI+mRH7gaAcKCbKvz/DuyQEAjFtsMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvajZaRWZ1Qm9Cd29Kc3FfUDhPN0pBUUNNVzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCX6SgAwQA
X6TBAwQAX6TDAwQCX6TgMA0GCSqGSIb3DQEBCwUAA4IBAQCiQwlyKX0xVyJVm2yP
LJssKTKkUd/fVIz15Dv1wyGsGZa8vcip6lkYgKg0Tl6oBi7lBAioZJYTy1foHGSH
t79B6pLkTMUDHDXaNvnbYaZfNWBP0g7tHNtb4Dk+7Jn9uL22dmMbWk1SokZoJUNU
S+QGGtWmat9HzJ3ZDsx1Bo5LGUZppjqrR5fM8/aczrz0yg3YhOP5G+igHsCzrcRZ
c3J/+xEZt4/Fy7Ot7KMKLv5p5S52k6JGncjSCP/wF0dMJlNANm6t+rb9Hmcy7k1o
Gc0iEFbZA6THVseyPsvQEDtH+tidz7fHPmLuMsCB/Ht/LMKYxEPccTYM69QPS/or
CzKE
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:46:43 2026 by rpki-client