Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/6qswnHV8JvW6cu6cSwBLoqp6-Ng.roa
File: 6qswnHV8JvW6cu6cSwBLoqp6-Ng.roa (raw, json)
Hash identifier: IUM2z/m3IjX5AfUXwWnD2PsPO+D6A7StpRGqMV8Cn/Q=
Subject key identifier: EA:AB:30:9C:75:7C:26:F5:BA:72:EE:9C:4B:00:4B:A2:AA:7A:F8:D8
Certificate issuer: /CN=dc030af8c7538b9c5af852f1c42a175aaf46f7e0
Certificate serial: 019CBFB2B8C6E247DC858EBFB8060EAC39A5
Authority key identifier: DC:03:0A:F8:C7:53:8B:9C:5A:F8:52:F1:C4:2A:17:5A:AF:46:F7:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AMK-MdTi5xa-FLxxCoXWq9G9-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/6qswnHV8JvW6cu6cSwBLoqp6-Ng.roa
Signing time: Thu 05 Mar 2026 20:31:26 +0000
ROA not before: Thu 05 Mar 2026 20:31:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51647
IP address blocks: 46.17.24.0/21 maxlen: 21
194.13.133.0/24 maxlen: 24
194.104.80.0/22 maxlen: 22
194.104.84.0/24 maxlen: 24
2a04:9fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/3AMK-MdTi5xa-FLxxCoXWq9G9-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/3AMK-MdTi5xa-FLxxCoXWq9G9-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3AMK-MdTi5xa-FLxxCoXWq9G9-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 04:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bf:b2:b8:c6:e2:47:dc:85:8e:bf:b8:06:0e:ac:39:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc030af8c7538b9c5af852f1c42a175aaf46f7e0
Validity
Not Before: Mar 5 20:31:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eaab309c757c26f5ba72ee9c4b004ba2aa7af8d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c1:08:b0:cb:0a:a5:4a:bf:af:e5:b8:a2:0b:
e7:bf:7d:00:b3:64:40:03:fe:89:12:c2:90:93:25:
ba:3a:3b:00:2e:16:ad:52:90:e1:c2:c8:cb:27:d7:
20:6e:21:1d:13:d5:ea:61:8d:43:c8:dd:e8:2b:10:
99:93:be:9e:43:49:11:e3:9c:8f:b6:2f:e8:c9:22:
32:67:55:62:2d:d3:8f:6c:45:9b:4b:fb:45:64:47:
fa:5d:41:d3:fd:bd:35:99:3a:2e:35:58:5a:b5:f2:
b9:21:49:2c:a2:70:00:f3:2b:55:0c:d2:c4:41:39:
ed:4f:a0:ec:38:a9:1b:f8:ec:3e:c8:9c:c1:57:ed:
8c:f4:c2:7a:73:84:85:59:97:ff:6e:3f:0f:ac:a5:
80:8a:49:ec:07:3b:31:59:92:0d:88:9a:e8:2c:dd:
2b:e3:7c:65:23:f7:5d:04:12:f3:59:4f:19:bf:0a:
6f:0a:79:4b:6e:19:b5:d2:58:b5:d2:bf:ad:fb:4b:
cd:7b:ca:d4:10:b4:67:59:f3:ce:d4:0b:de:47:09:
70:24:1f:95:17:4b:bd:d0:cc:36:f1:f2:ce:2b:d6:
94:ea:3a:06:69:e5:bf:49:0f:65:ab:09:2a:7a:65:
e7:d1:17:13:02:c5:87:b0:e8:5c:e1:a4:7a:b5:a2:
a4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AB:30:9C:75:7C:26:F5:BA:72:EE:9C:4B:00:4B:A2:AA:7A:F8:D8
X509v3 Authority Key Identifier:
keyid:DC:03:0A:F8:C7:53:8B:9C:5A:F8:52:F1:C4:2A:17:5A:AF:46:F7:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AMK-MdTi5xa-FLxxCoXWq9G9-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/6qswnHV8JvW6cu6cSwBLoqp6-Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8f5e75-1334-4fb0-9f6a-bddc18c7a3f3/1/3AMK-MdTi5xa-FLxxCoXWq9G9-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.24.0/21
194.13.133.0/24
194.104.80.0-194.104.84.255
IPv6:
2a04:9fc0::/29
Signature Algorithm: sha256WithRSAEncryption
99:3d:93:75:fd:0c:2d:ef:24:92:68:e5:00:03:78:c5:3a:d4:
e5:70:e3:98:4e:75:94:7f:e8:a2:c7:e8:c3:0b:2a:4a:ff:00:
d6:c5:b2:fd:a3:ca:49:dc:37:24:6f:f4:c8:96:e4:0e:9a:37:
4e:ed:49:ac:d4:cf:ab:fb:58:7a:62:cb:64:86:2a:86:fc:e1:
a0:3b:cb:54:12:98:65:08:7f:a0:f9:c7:11:e7:f8:f8:2e:bc:
34:bc:94:db:8b:53:67:f1:8f:17:8a:43:da:f4:da:83:a1:1e:
a6:97:53:d5:59:69:59:b4:2a:8a:10:9f:7f:00:54:d9:94:fe:
da:ae:0e:bb:8a:ad:c9:98:50:a7:f3:66:b7:c9:8b:b0:ef:e9:
63:48:75:09:df:da:d9:0f:f3:bf:74:44:68:58:4b:d8:3d:8d:
98:26:b8:3c:c2:37:6b:41:ef:e2:e1:38:dd:3d:7b:d4:12:82:
c0:3f:c1:6b:fd:dc:32:e6:6d:06:94:36:60:50:94:db:d2:cb:
5d:ec:d5:d7:d6:65:14:8c:3f:9f:4d:ec:92:e5:0b:3e:e2:77:
8c:ef:a6:cc:b7:39:40:ae:a5:f5:a0:be:6b:69:4b:9b:dc:8e:
49:7e:bb:e2:c9:bb:80:6b:9d:c4:10:d6:44:30:83:07:a4:20:
64:23:43:ad
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZy/srjG4kfchY6/uAYOrDmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMDMwYWY4Yzc1MzhiOWM1YWY4NTJmMWM0MmExNzVhYWY0
NmY3ZTAwHhcNMjYwMzA1MjAzMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWFiMzA5Yzc1N2MyNmY1YmE3MmVlOWM0YjAwNGJhMmFhN2FmOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMEIsMsKpUq/r+W4ogvnv30As2RA
A/6JEsKQkyW6OjsALhatUpDhwsjLJ9cgbiEdE9XqYY1DyN3oKxCZk76eQ0kR45yP
ti/oySIyZ1ViLdOPbEWbS/tFZEf6XUHT/b01mTouNVhatfK5IUksonAA8ytVDNLE
QTntT6DsOKkb+Ow+yJzBV+2M9MJ6c4SFWZf/bj8PrKWAiknsBzsxWZINiJroLN0r
43xlI/ddBBLzWU8ZvwpvCnlLbhm10li10r+t+0vNe8rUELRnWfPO1AveRwlwJB+V
F0u90Mw28fLOK9aU6joGaeW/SQ9lqwkqemXn0RcTAsWHsOhc4aR6taKkKwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFOqrMJx1fCb1unLunEsAS6KqevjYMB8GA1UdIwQY
MBaAFNwDCvjHU4ucWvhS8cQqF1qvRvfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0FNSy1NZFRpNXhhLUZMeHhDb1hXcTlHOS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84ZjVlNzUtMTMzNC00ZmIwLTlmNmEt
YmRkYzE4YzdhM2YzLzEvNnFzd25IVjhKdlc2Y3U2Y1N3QkxvcXA2LU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84ZjVlNzUtMTMzNC00ZmIwLTlmNmEtYmRkYzE4YzdhM2Yz
LzEvM0FNSy1NZFRpNXhhLUZMeHhDb1hXcTlHOS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQDLhEYAwQA
wg2FMAwDBATCaFADBADCaFQwDQQCAAIwBwMFAyoEn8AwDQYJKoZIhvcNAQELBQAD
ggEBAJk9k3X9DC3vJJJo5QADeMU61OVw45hOdZR/6KLH6MMLKkr/ANbFsv2jyknc
NyRv9MiW5A6aN07tSazUz6v7WHpiy2SGKob84aA7y1QSmGUIf6D5xxHn+PguvDS8
lNuLU2fxjxeKQ9r02oOhHqaXU9VZaVm0KooQn38AVNmU/tquDruKrcmYUKfzZrfJ
i7Dv6WNIdQnf2tkP8790RGhYS9g9jZgmuDzCN2tB7+LhON09e9QSgsA/wWv93DLm
bQaUNmBQlNvSy13s1dfWZRSMP59N7JLlCz7id4zvpsy3OUCupfWgvmtpS5vcjkl+
u+LJu4BrncQQ1kQwgwekIGQjQ60=
-----END CERTIFICATE-----
Generated at Sat Mar 7 14:12:32 2026 by rpki-client