Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/6y6W7W8j_dSlc57S1luvac1zdrQ.roa
File: 6y6W7W8j_dSlc57S1luvac1zdrQ.roa (raw, json)
Hash identifier: rZpAH8qmJ3sCtaLAax/eniPTJwByfwh5ew5CuQY9/rw=
Subject key identifier: EB:2E:96:ED:6F:23:FD:D4:A5:73:9E:D2:D6:5B:AF:69:CD:73:76:B4
Certificate issuer: /CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Certificate serial: 019DAA0050DC380408319C7A02046DFA047E
Authority key identifier: E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/6y6W7W8j_dSlc57S1luvac1zdrQ.roa
Signing time: Mon 20 Apr 2026 08:27:20 +0000
ROA not before: Mon 20 Apr 2026 08:27:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214432
IP address blocks: 191.44.76.0/24 maxlen: 24
191.44.77.0/24 maxlen: 24
191.44.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 18:41:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:00:50:dc:38:04:08:31:9c:7a:02:04:6d:fa:04:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3d1d7d43366a5b0063c37571319dfa432d1531b
Validity
Not Before: Apr 20 08:27:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb2e96ed6f23fdd4a5739ed2d65baf69cd7376b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ed:93:c2:a1:ff:e5:71:c5:28:85:67:62:c1:
46:17:3e:c3:d0:e0:1e:be:e9:8d:64:4b:fc:ef:c6:
28:84:92:24:0d:86:98:e1:99:f5:a2:dd:a1:8d:6d:
9a:48:81:5b:00:d6:f3:64:f6:05:93:9b:c6:bc:1c:
fd:9d:28:a6:5a:a5:4f:2a:37:05:08:69:79:51:4f:
61:90:da:03:9d:2e:46:c9:fb:64:54:62:b7:5c:e0:
4a:48:a1:21:c9:cb:8f:fa:bd:d6:8d:fd:9d:f9:ed:
ea:7f:09:c1:94:8e:a1:5a:3f:50:92:f0:da:4c:76:
eb:2c:4d:d1:1a:4e:e8:7f:94:81:57:93:92:00:dd:
5e:01:c6:29:16:b8:50:6d:73:92:ac:70:6f:bc:0f:
11:1f:02:c1:9f:55:d1:8c:e5:37:4f:1b:b8:74:9c:
e0:ba:30:91:23:76:3f:0d:b0:b9:14:50:eb:d4:b9:
2d:65:6a:cc:65:c9:2f:f3:25:82:bd:a4:34:80:fc:
87:6c:7f:e9:03:5f:c1:65:6d:4d:77:93:e6:98:be:
1d:75:02:fe:aa:ad:32:48:b9:85:66:73:75:49:27:
c4:c7:cf:5c:81:1b:54:ec:7c:49:67:6c:4e:0f:6c:
d7:73:82:13:3a:df:8e:89:41:3c:d1:b0:2f:03:8e:
44:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:2E:96:ED:6F:23:FD:D4:A5:73:9E:D2:D6:5B:AF:69:CD:73:76:B4
X509v3 Authority Key Identifier:
keyid:E3:D1:D7:D4:33:66:A5:B0:06:3C:37:57:13:19:DF:A4:32:D1:53:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/49HX1DNmpbAGPDdXExnfpDLRUxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/6y6W7W8j_dSlc57S1luvac1zdrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/e91627-843c-49bc-9bea-f72ab03177c1/1/49HX1DNmpbAGPDdXExnfpDLRUxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.44.76.0/23
191.44.79.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:93:3a:01:9d:02:bf:de:3f:bb:aa:db:d3:14:89:4d:58:06:
64:58:4d:50:47:5a:d1:77:3f:50:f3:97:1e:2e:7f:2d:6b:d1:
65:35:cb:18:07:a2:62:ce:e4:46:0c:55:de:3f:ef:f1:95:8f:
f5:3c:01:e1:7a:e4:44:59:20:18:86:b4:f3:23:7b:1f:25:e4:
1d:fe:e4:2a:04:52:8d:7d:12:75:dc:ca:15:ad:4c:c7:30:34:
ca:e0:c7:fc:d7:67:20:b6:c4:3b:47:29:ee:8c:ee:a9:44:9b:
f2:ca:46:c5:df:e1:bd:86:cb:ee:f6:0e:96:a8:bf:fa:57:1e:
e5:50:8e:76:3e:cb:8a:34:d7:ac:f6:ff:d2:15:eb:f9:8d:c1:
df:cb:f1:91:8c:e8:69:4c:15:6b:4b:ef:02:48:27:d5:58:18:
e3:fa:8a:e5:61:ec:74:00:3a:b4:2b:e7:26:d8:ef:45:91:ef:
7c:bc:e5:74:44:20:3f:26:0a:28:5c:b8:65:9d:6f:c2:06:35:
df:c4:5f:7d:41:ae:6c:f2:0e:83:2b:c2:fa:99:05:34:ff:8f:
76:3a:e5:4c:d3:5f:44:22:e5:68:c1:97:8c:ca:18:bc:7a:2b:
c7:d4:de:3d:c3:2d:1f:b1:6a:da:6a:cf:2f:89:ee:9e:fd:9c:
a3:d9:75:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2qAFDcOAQIMZx6AgRt+gR+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZDFkN2Q0MzM2NmE1YjAwNjNjMzc1NzEzMTlkZmE0MzJk
MTUzMWIwHhcNMjYwNDIwMDgyNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjJlOTZlZDZmMjNmZGQ0YTU3MzllZDJkNjViYWY2OWNkNzM3NmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsu2TwqH/5XHFKIVnYsFGFz7D0OAe
vumNZEv878YohJIkDYaY4Zn1ot2hjW2aSIFbANbzZPYFk5vGvBz9nSimWqVPKjcF
CGl5UU9hkNoDnS5GyftkVGK3XOBKSKEhycuP+r3Wjf2d+e3qfwnBlI6hWj9QkvDa
THbrLE3RGk7of5SBV5OSAN1eAcYpFrhQbXOSrHBvvA8RHwLBn1XRjOU3Txu4dJzg
ujCRI3Y/DbC5FFDr1LktZWrMZckv8yWCvaQ0gPyHbH/pA1/BZW1Nd5PmmL4ddQL+
qq0ySLmFZnN1SSfEx89cgRtU7HxJZ2xOD2zXc4ITOt+OiUE80bAvA45EbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOsulu1vI/3UpXOe0tZbr2nNc3a0MB8GA1UdIwQY
MBaAFOPR19QzZqWwBjw3VxMZ36Qy0VMbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEt
ZjcyYWIwMzE3N2MxLzEvNnk2VzdXOGpfZFNsYzU3UzFsdXZhYzF6ZHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9lOTE2MjctODQzYy00OWJjLTliZWEtZjcyYWIwMzE3N2Mx
LzEvNDlIWDFETm1wYkFHUERkWEV4bmZwRExSVXhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBvyxMAwQA
vyxPMA0GCSqGSIb3DQEBCwUAA4IBAQC/kzoBnQK/3j+7qtvTFIlNWAZkWE1QR1rR
dz9Q85ceLn8ta9FlNcsYB6JizuRGDFXeP+/xlY/1PAHheuREWSAYhrTzI3sfJeQd
/uQqBFKNfRJ13MoVrUzHMDTK4Mf812cgtsQ7RynujO6pRJvyykbF3+G9hsvu9g6W
qL/6Vx7lUI52PsuKNNes9v/SFev5jcHfy/GRjOhpTBVrS+8CSCfVWBjj+orlYex0
ADq0K+cm2O9Fke98vOV0RCA/JgooXLhlnW/CBjXfxF99Qa5s8g6DK8L6mQU0/492
OuVM019EIuVowZeMyhi8eivH1N49wy0fsWraas8vie6e/Zyj2XU7
-----END CERTIFICATE-----
Generated at Wed Apr 22 05:17:09 2026 by rpki-client