Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6KeYQNwSAr91T_0Fw4Bc3Y36co.roa
File: e6KeYQNwSAr91T_0Fw4Bc3Y36co.roa (raw, json)
Hash identifier: hlCfYKBWxjQCCiVtHFWDVese6qs2F4Vh6TvxRh1Ls30=
Subject key identifier: 7B:A2:9E:61:03:70:48:0A:FD:D5:3F:F4:17:0E:01:73:76:37:E9:CA
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019DDD220CA03516DA305C84956CA383BCC8
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6KeYQNwSAr91T_0Fw4Bc3Y36co.roa
Signing time: Thu 30 Apr 2026 06:44:49 +0000
ROA not before: Thu 30 Apr 2026 06:44:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.81.112.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:dd:22:0c:a0:35:16:da:30:5c:84:95:6c:a3:83:bc:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 30 06:44:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7ba29e610370480afdd53ff4170e01737637e9ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2f:4d:ca:72:c0:68:40:19:fe:7b:4e:e7:bf:
7d:d3:6b:d9:26:5c:78:86:46:b0:7b:18:27:34:d5:
9d:bc:8b:c7:89:78:5e:4f:9d:a7:02:fe:2f:70:1e:
17:e6:ff:88:04:f2:fa:43:ab:22:71:6a:b9:b1:f8:
33:ac:99:08:b9:75:0d:56:08:54:34:63:30:db:32:
d2:9f:8b:a3:86:da:b6:ee:bf:94:af:37:73:3f:a6:
14:9f:17:de:7a:d2:f6:f2:3f:bd:f3:f5:10:f7:d5:
11:ce:32:c4:ea:9a:e3:93:06:c9:ae:e1:ec:f6:8c:
5c:74:cd:c4:c2:58:fd:bb:2d:35:ff:21:2b:3d:8a:
04:5f:fd:7a:3b:77:bb:b9:69:35:ee:4a:f5:72:aa:
bc:3b:e1:c0:5c:bb:b9:f3:95:c5:10:f1:40:92:0f:
9a:ca:c7:37:b6:b4:bc:e6:a7:00:26:4e:97:02:c3:
fc:04:3e:2f:7b:88:82:25:a1:96:3e:1a:5e:10:a9:
12:9c:82:82:ee:02:eb:0a:f4:4a:13:96:7e:29:08:
d8:38:75:ec:49:67:1f:8d:3f:b4:9c:62:0c:0d:ab:
af:7d:85:20:20:31:f4:bb:56:21:6b:90:23:46:87:
8d:d0:0d:5d:b1:b8:c2:1a:c0:09:25:23:e5:c8:a3:
8e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A2:9E:61:03:70:48:0A:FD:D5:3F:F4:17:0E:01:73:76:37:E9:CA
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/e6KeYQNwSAr91T_0Fw4Bc3Y36co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.81.112.0/24
45.94.171.0/24
45.132.182.0/23
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/24
195.177.94.0/23
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a11:2a80::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
7e:1a:1c:ba:70:d9:e6:4a:75:28:44:42:db:3c:f9:ef:c1:90:
93:55:e1:4b:9b:53:d9:6c:20:b8:2e:66:b2:2e:67:f1:f1:f7:
73:b2:1e:10:b6:5a:bb:a4:c0:bb:10:51:bc:34:04:8d:9a:6e:
29:e7:7e:58:04:28:5a:a6:bd:74:3a:10:b0:25:2e:eb:77:88:
1d:3f:6a:39:0b:bc:10:ea:b0:2c:3a:3c:e5:ea:78:46:af:0a:
3d:a5:c2:9f:b2:66:99:69:87:6a:60:75:21:8a:7c:b5:63:e9:
0b:1b:a4:4e:ad:f8:77:48:e9:50:23:02:04:5d:55:46:5a:17:
56:89:d6:93:79:b7:aa:ae:23:06:4e:95:98:84:99:9e:5e:c4:
67:07:de:2f:1d:c5:7a:bf:24:c2:b3:65:fa:37:ee:0c:80:ea:
43:5d:4a:8b:f5:a4:13:8f:e5:bd:66:ee:0d:23:76:8c:0f:ba:
0a:f9:98:2b:d2:a7:88:ad:5d:c2:46:23:db:ab:5c:95:6b:11:
1d:e5:1c:28:ba:e2:c7:ab:db:4a:e3:6b:c8:75:f5:4c:b3:b2:
b0:4e:f0:47:82:62:d1:36:f7:42:a8:bd:2d:15:3b:3e:f9:ca:
b7:7b:13:0a:b3:30:ef:51:e0:a0:a2:b0:a8:62:3d:8e:a2:c0:
29:8b:7c:2d
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZ3dIgygNRbaMFyElWyjg7zIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwNDMwMDY0NDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmEyOWU2MTAzNzA0ODBhZmRkNTNmZjQxNzBlMDE3Mzc2MzdlOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC9NynLAaEAZ/ntO579902vZJlx4
hkawexgnNNWdvIvHiXheT52nAv4vcB4X5v+IBPL6Q6sicWq5sfgzrJkIuXUNVghU
NGMw2zLSn4ujhtq27r+UrzdzP6YUnxfeetL28j+98/UQ99URzjLE6prjkwbJruHs
9oxcdM3Ewlj9uy01/yErPYoEX/16O3e7uWk17kr1cqq8O+HAXLu585XFEPFAkg+a
ysc3trS85qcAJk6XAsP8BD4ve4iCJaGWPhpeEKkSnIKC7gLrCvRKE5Z+KQjYOHXs
SWcfjT+0nGIMDauvfYUgIDH0u1Yha5AjRoeN0A1dsbjCGsAJJSPlyKOO3QIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFHuinmEDcEgK/dU/9BcOAXN2N+nKMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvZTZLZVlRTndTQXI5MVRfMEZ3NEJjM1kzNmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQABbVU
AwQABbVXAwQALQkdMAwDBAAtDb0DBAAtDb4DBAAtUXADBAAtXqsDBAEthLYDBACS
E30DBAG5K/gDBAC5K/sDBAG5yD4DBALBHvADBADBOSsDBADC8mADBAHC8mIDBADD
sVwDBAHDsV4DBALD07wwKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgylgAMFACoR
KoADBQAqEp8AMA0GCSqGSIb3DQEBCwUAA4IBAQB+Ghy6cNnmSnUoRELbPPnvwZCT
VeFLm1PZbCC4LmayLmfx8fdzsh4Qtlq7pMC7EFG8NASNmm4p535YBChapr10OhCw
JS7rd4gdP2o5C7wQ6rAsOjzl6nhGrwo9pcKfsmaZaYdqYHUhiny1Y+kLG6ROrfh3
SOlQIwIEXVVGWhdWidaTebeqriMGTpWYhJmeXsRnB94vHcV6vyTCs2X6N+4MgOpD
XUqL9aQTj+W9Zu4NI3aMD7oK+Zgr0qeIrV3CRiPbq1yVaxEd5RwouuLHq9tK42vI
dfVMs7KwTvBHgmLRNvdCqL0tFTs++cq3exMKszDvUeCgorCoYj2OosApi3wt
-----END CERTIFICATE-----
Generated at Sat May 2 09:37:44 2026 by rpki-client