Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/hqk6CvnN9wks0LSqdeI1FMAhyYM.roa
File: hqk6CvnN9wks0LSqdeI1FMAhyYM.roa (raw, json)
Hash identifier: n+LbaHp4QLktNEhced6Pg1M9wgF6I1vm+OHNNHffHZw=
Subject key identifier: 86:A9:3A:0A:F9:CD:F7:09:2C:D0:B4:AA:75:E2:35:14:C0:21:C9:83
Certificate issuer: /CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Certificate serial: 019E35607EF2667DEDF7A32A47B9955AC36F
Authority key identifier: 11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/hqk6CvnN9wks0LSqdeI1FMAhyYM.roa
Signing time: Sun 17 May 2026 09:59:36 +0000
ROA not before: Sun 17 May 2026 09:59:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6823
IP address blocks: 37.202.48.0/21 maxlen: 21
37.202.48.0/24 maxlen: 24
37.202.49.0/24 maxlen: 24
37.202.50.0/24 maxlen: 24
37.202.51.0/24 maxlen: 24
37.202.52.0/24 maxlen: 24
37.202.53.0/24 maxlen: 24
37.202.54.0/24 maxlen: 24
37.202.55.0/24 maxlen: 24
95.133.138.0/24 maxlen: 24
178.251.40.0/21 maxlen: 21
178.251.40.0/24 maxlen: 24
178.251.41.0/24 maxlen: 24
178.251.42.0/24 maxlen: 24
178.251.43.0/24 maxlen: 24
178.251.44.0/24 maxlen: 24
178.251.45.0/24 maxlen: 24
178.251.46.0/24 maxlen: 24
178.251.47.0/24 maxlen: 24
2a01:6be0::/32 maxlen: 38
2a01:6be0::/38 maxlen: 38
2a01:6be0:400::/38 maxlen: 38
2a01:6be0:800::/38 maxlen: 38
2a01:6be0:c00::/38 maxlen: 38
2a01:6be0:1000::/38 maxlen: 38
2a01:6be0:1400::/38 maxlen: 38
2a01:6be0:1800::/38 maxlen: 38
2a01:6be0:1c00::/38 maxlen: 38
2a01:6be0:2000::/38 maxlen: 38
2a01:6be0:2400::/38 maxlen: 38
2a01:6be0:2800::/38 maxlen: 38
2a01:6be0:2c00::/38 maxlen: 38
2a01:6be0:3000::/38 maxlen: 38
2a01:6be0:3400::/38 maxlen: 38
2a01:6be0:3800::/38 maxlen: 38
2a01:6be0:3c00::/38 maxlen: 38
2a01:6be0:4000::/38 maxlen: 38
2a01:6be0:4400::/38 maxlen: 38
2a01:6be0:4800::/38 maxlen: 38
2a01:6be0:4c00::/38 maxlen: 38
2a01:6be0:5000::/38 maxlen: 38
2a01:6be0:5400::/38 maxlen: 38
2a01:6be0:5800::/38 maxlen: 38
2a01:6be0:5c00::/38 maxlen: 38
2a01:6be0:6000::/38 maxlen: 38
2a01:6be0:6400::/38 maxlen: 38
2a01:6be0:6800::/38 maxlen: 38
2a01:6be0:6c00::/38 maxlen: 38
2a01:6be0:7000::/38 maxlen: 38
2a01:6be0:7400::/38 maxlen: 38
2a01:6be0:7800::/38 maxlen: 38
2a01:6be0:7c00::/38 maxlen: 38
2a01:6be0:8000::/38 maxlen: 38
2a01:6be0:8400::/38 maxlen: 38
2a01:6be0:8800::/38 maxlen: 38
2a01:6be0:8c00::/38 maxlen: 38
2a01:6be0:9000::/38 maxlen: 38
2a01:6be0:9400::/38 maxlen: 38
2a01:6be0:9800::/38 maxlen: 38
2a01:6be0:9c00::/38 maxlen: 38
2a01:6be0:a000::/38 maxlen: 38
2a01:6be0:a400::/38 maxlen: 38
2a01:6be0:a800::/38 maxlen: 38
2a01:6be0:ac00::/38 maxlen: 38
2a01:6be0:b000::/38 maxlen: 38
2a01:6be0:b400::/38 maxlen: 38
2a01:6be0:b800::/38 maxlen: 38
2a01:6be0:bc00::/38 maxlen: 38
2a01:6be0:c000::/38 maxlen: 38
2a01:6be0:c400::/38 maxlen: 38
2a01:6be0:c800::/38 maxlen: 38
2a01:6be0:cc00::/38 maxlen: 38
2a01:6be0:d000::/38 maxlen: 38
2a01:6be0:d400::/38 maxlen: 38
2a01:6be0:d800::/38 maxlen: 38
2a01:6be0:dc00::/38 maxlen: 38
2a01:6be0:e000::/38 maxlen: 38
2a01:6be0:e400::/38 maxlen: 38
2a01:6be0:e800::/38 maxlen: 38
2a01:6be0:ec00::/38 maxlen: 38
2a01:6be0:f000::/38 maxlen: 38
2a01:6be0:f400::/38 maxlen: 38
2a01:6be0:f800::/38 maxlen: 38
2a01:6be0:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:35:60:7e:f2:66:7d:ed:f7:a3:2a:47:b9:95:5a:c3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a3864558bf42892bf9e5359bdb13f03b2527a9
Validity
Not Before: May 17 09:59:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86a93a0af9cdf7092cd0b4aa75e23514c021c983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:72:23:4c:2e:b2:50:76:17:0f:73:39:32:b6:
ec:53:dd:81:ab:d7:e5:13:47:be:bf:87:58:f6:4c:
49:e4:78:93:cb:0a:b1:a0:5e:9e:74:ff:97:cf:fb:
30:43:71:fa:40:14:77:ed:04:c0:96:55:69:dd:98:
03:28:1e:f1:9c:09:99:1f:d0:be:65:61:fd:c7:44:
f2:ee:f1:ae:e1:b9:fd:15:8d:8b:d6:48:d1:2d:59:
e4:3b:d7:6d:82:ef:c3:45:a9:df:2d:55:a4:ed:34:
dc:77:12:ec:65:47:49:eb:8c:59:37:37:32:39:14:
2c:68:3c:76:23:b7:ad:82:2a:3c:59:12:5e:f0:f6:
5e:42:ca:da:f4:f0:2c:d2:eb:b7:e4:0a:23:00:bc:
24:7a:1a:32:53:53:3a:36:60:b0:36:4c:f3:87:4f:
65:6e:6e:49:36:82:94:75:8d:9a:6e:aa:a1:93:d2:
75:04:f9:08:33:6b:83:ad:74:4f:ea:cb:ad:03:0c:
0e:12:34:03:0c:79:03:8b:78:b0:c6:49:4a:ec:03:
c5:f7:fe:d6:c4:5a:1d:36:a8:3d:ff:3a:f1:f0:27:
e9:ba:90:11:78:63:34:32:4f:35:69:58:6b:23:3c:
a8:b0:25:b3:97:af:b5:0c:fc:5b:5e:6a:cc:0f:99:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A9:3A:0A:F9:CD:F7:09:2C:D0:B4:AA:75:E2:35:14:C0:21:C9:83
X509v3 Authority Key Identifier:
keyid:11:A3:86:45:58:BF:42:89:2B:F9:E5:35:9B:DB:13:F0:3B:25:27:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaOGRVi_Qokr-eU1m9sT8DslJ6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/hqk6CvnN9wks0LSqdeI1FMAhyYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/acd34b-357f-4307-83c0-0857e3ec03e0/1/EaOGRVi_Qokr-eU1m9sT8DslJ6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.48.0/21
95.133.138.0/24
178.251.40.0/21
IPv6:
2a01:6be0::/32
Signature Algorithm: sha256WithRSAEncryption
9a:e8:9a:28:98:0c:3e:b9:30:1b:fc:28:a6:df:c2:17:66:48:
6e:f7:ca:aa:2f:e3:86:ab:3d:c4:0c:f2:1f:de:12:2e:57:40:
99:a9:a1:b2:37:18:83:cd:53:ed:c5:a2:9d:26:6f:55:e8:ea:
0b:2b:79:b5:08:88:f8:b5:05:67:3f:c4:2f:7e:ad:ab:cf:e7:
65:69:5f:14:33:b4:5e:b9:a6:4d:27:1d:a0:a1:83:98:e3:84:
cf:43:79:71:7a:d7:68:6d:91:f3:36:db:bf:7c:d8:c4:e5:84:
69:61:d4:95:13:02:2c:e5:54:22:5e:7b:3a:ba:01:45:3d:d7:
91:12:46:0f:57:5c:4f:16:6b:87:02:da:74:68:21:34:a1:ef:
46:b0:a2:ef:ae:1c:98:c6:f4:19:f3:48:e9:c6:9a:b9:d7:1e:
22:72:6b:98:b9:0e:f2:e7:16:65:01:d4:64:35:c3:5c:a7:12:
9f:db:1d:a4:d6:c6:7d:49:ef:04:2c:fc:05:a4:43:e7:ee:f8:
ce:6f:1f:37:71:c5:01:eb:5d:c7:d9:ef:5f:57:e4:af:b6:64:
48:73:91:ab:24:6c:69:3a:f9:27:71:93:d3:b9:aa:0e:cc:8e:
c2:5d:7a:2c:ba:bf:e6:b2:ed:e8:1b:2e:23:4a:9a:6a:ac:f2:
29:f5:19:f2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ41YH7yZn3t96MqR7mVWsNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTM4NjQ1NThiZjQyODkyYmY5ZTUzNTliZGIxM2YwM2Iy
NTI3YTkwHhcNMjYwNTE3MDk1OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE5M2EwYWY5Y2RmNzA5MmNkMGI0YWE3NWUyMzUxNGMwMjFjOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXIjTC6yUHYXD3M5MrbsU92Bq9fl
E0e+v4dY9kxJ5HiTywqxoF6edP+Xz/swQ3H6QBR37QTAllVp3ZgDKB7xnAmZH9C+
ZWH9x0Ty7vGu4bn9FY2L1kjRLVnkO9dtgu/DRanfLVWk7TTcdxLsZUdJ64xZNzcy
ORQsaDx2I7etgio8WRJe8PZeQsra9PAs0uu35AojALwkehoyU1M6NmCwNkzzh09l
bm5JNoKUdY2abqqhk9J1BPkIM2uDrXRP6sutAwwOEjQDDHkDi3iwxklK7APF9/7W
xFodNqg9/zrx8CfpupAReGM0Mk81aVhrIzyosCWzl6+1DPxbXmrMD5m54QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIapOgr5zfcJLNC0qnXiNRTAIcmDMB8GA1UdIwQY
MBaAFBGjhkVYv0KJK/nlNZvbE/A7JSepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAt
MDg1N2UzZWMwM2UwLzEvaHFrNkN2bk45d2tzMExTcWRlSTFGTUFoeVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9hY2QzNGItMzU3Zi00MzA3LTgzYzAtMDg1N2UzZWMwM2Uw
LzEvRWFPR1JWaV9Rb2tyLWVVMW05c1Q4RHNsSjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJcowAwQA
X4WKAwQDsvsoMA0EAgACMAcDBQAqAWvgMA0GCSqGSIb3DQEBCwUAA4IBAQCa6Joo
mAw+uTAb/Cim38IXZkhu98qqL+OGqz3EDPIf3hIuV0CZqaGyNxiDzVPtxaKdJm9V
6OoLK3m1CIj4tQVnP8Qvfq2rz+dlaV8UM7ReuaZNJx2goYOY44TPQ3lxetdobZHz
Ntu/fNjE5YRpYdSVEwIs5VQiXns6ugFFPdeREkYPV1xPFmuHAtp0aCE0oe9GsKLv
rhyYxvQZ80jpxpq51x4icmuYuQ7y5xZlAdRkNcNcpxKf2x2k1sZ9Se8ELPwFpEPn
7vjObx83ccUB613H2e9fV+SvtmRIc5GrJGxpOvkncZPTuaoOzI7CXXosur/msu3o
Gy4jSppqrPIp9Rny
-----END CERTIFICATE-----
Generated at Fri Jun 12 02:06:39 2026 by rpki-client