Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/6MtMtoowpibaB57lDvJALYvw-W8.roa
File: 6MtMtoowpibaB57lDvJALYvw-W8.roa (raw, json)
Hash identifier: G4wK7/ik0Y6f/z6LXTQxXD3uudbSvTEyvGZ76+qUFlk=
Subject key identifier: E8:CB:4C:B6:8A:30:A6:26:DA:07:9E:E5:0E:F2:40:2D:8B:F0:F9:6F
Certificate issuer: /CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Certificate serial: 019D48F6799E30CBC7CB98E3177505530DBA
Authority key identifier: 0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/6MtMtoowpibaB57lDvJALYvw-W8.roa
Signing time: Wed 01 Apr 2026 12:13:25 +0000
ROA not before: Wed 01 Apr 2026 12:13:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 81.85.72.0/24 maxlen: 24
81.85.74.0/24 maxlen: 24
81.85.75.0/24 maxlen: 24
185.5.75.0/24 maxlen: 24
185.9.24.0/24 maxlen: 24
185.9.25.0/24 maxlen: 24
185.9.26.0/24 maxlen: 24
185.28.172.0/24 maxlen: 24
185.28.173.0/24 maxlen: 24
185.28.174.0/24 maxlen: 24
213.155.12.0/24 maxlen: 24
213.155.14.0/24 maxlen: 24
213.155.15.0/24 maxlen: 24
213.155.28.0/24 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.33.0/24 maxlen: 24
217.177.34.0/24 maxlen: 24
217.177.44.0/24 maxlen: 24
217.177.45.0/24 maxlen: 24
217.177.46.0/24 maxlen: 24
217.177.47.0/24 maxlen: 24
217.179.48.0/24 maxlen: 24
217.179.49.0/24 maxlen: 24
2a11:2cc0:2::/47 maxlen: 47
2a11:2cc0:4::/47 maxlen: 47
2a11:2cc0:6::/47 maxlen: 47
2a11:2cc0:8::/47 maxlen: 47
2a11:2cc0:10::/47 maxlen: 47
2a11:2cc0:20::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 Apr 2026 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:48:f6:79:9e:30:cb:c7:cb:98:e3:17:75:05:53:0d:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae4bc9401d9f87772c8c9c69834077512f42611
Validity
Not Before: Apr 1 12:13:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e8cb4cb68a30a626da079ee50ef2402d8bf0f96f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:7c:2b:f7:30:c9:62:28:38:0d:67:61:63:07:
0a:88:62:e0:b9:f2:f0:5a:de:d6:d0:a3:29:83:58:
7e:5a:c2:99:b2:0a:e9:a6:5a:a6:38:cc:9a:26:cd:
48:b9:f7:f2:1a:b0:53:d7:18:76:98:2e:a5:7b:49:
da:39:cf:41:0e:b3:5b:7e:0c:76:77:75:b1:1f:66:
28:75:bf:9b:c7:1e:38:76:29:dd:c7:1c:1a:bf:52:
03:e1:2b:b5:74:65:0a:22:96:36:9b:17:c3:55:ba:
e5:d6:6e:01:3b:72:f0:e5:8e:71:2d:1f:ad:90:f1:
d0:ef:89:6d:f2:22:df:55:a1:6f:fe:ac:ca:03:52:
6d:36:33:65:fa:7f:11:40:35:1e:1c:e3:a2:91:00:
7b:62:24:e1:c2:03:03:d2:b2:01:83:f0:73:33:07:
94:94:6a:78:e8:f3:45:93:d0:ba:ca:ba:2b:3e:3c:
85:85:56:0d:d2:41:27:30:c6:39:d8:82:d3:d6:37:
91:f1:eb:c4:da:8e:50:42:41:23:fb:0d:74:12:c6:
f2:76:96:51:7b:44:75:5b:54:e0:70:3d:0e:7f:5d:
2c:24:b9:95:b6:34:a7:3c:a2:50:f7:d5:39:ef:53:
bd:5a:71:f8:0a:28:c0:23:e5:07:35:d4:d3:8d:ad:
e5:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CB:4C:B6:8A:30:A6:26:DA:07:9E:E5:0E:F2:40:2D:8B:F0:F9:6F
X509v3 Authority Key Identifier:
keyid:0A:E4:BC:94:01:D9:F8:77:72:C8:C9:C6:98:34:07:75:12:F4:26:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/6MtMtoowpibaB57lDvJALYvw-W8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a407a0-8bc1-4416-9437-24246682bf00/1/CuS8lAHZ-HdyyMnGmDQHdRL0JhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.72.0/24
81.85.74.0/23
185.5.75.0/24
185.9.24.0-185.9.26.255
185.28.172.0-185.28.174.255
213.155.12.0/24
213.155.14.0/23
213.155.28.0/24
217.177.32.0-217.177.34.255
217.177.44.0/22
217.179.48.0/23
IPv6:
2a11:2cc0:2::-2a11:2cc0:9:ffff:ffff:ffff:ffff:ffff
2a11:2cc0:10::/47
2a11:2cc0:20::/47
Signature Algorithm: sha256WithRSAEncryption
36:c9:f3:1d:f6:af:d0:13:da:c5:59:b7:7b:a7:00:fb:42:d7:
4a:f8:d2:09:69:94:0b:fe:aa:28:07:6b:67:f5:3c:81:6e:8c:
9f:21:53:cd:44:dc:52:3e:f4:dd:d3:ab:85:53:92:ad:a2:50:
a1:7f:46:85:96:f9:ce:0c:65:8c:7c:a9:2b:5f:a4:43:bf:df:
7f:6f:bd:14:f3:31:67:3e:55:5d:92:47:65:87:41:ea:da:bc:
34:ce:d2:15:54:64:d9:1e:5f:86:b8:2c:93:3a:b8:53:d9:5c:
0d:5f:76:d8:49:5b:77:00:17:4a:f5:a2:10:c7:b2:3b:48:36:
e4:cc:f5:c0:e7:79:e0:6e:d6:07:3d:1d:5d:96:bf:37:50:c6:
eb:a7:31:b7:e0:89:1f:83:31:d0:19:fc:3c:12:aa:32:a3:1c:
9b:5d:ad:0b:6b:3f:6b:1a:93:cd:43:0d:94:87:d6:1c:f1:41:
11:2c:50:9b:1e:4b:bf:08:95:2a:b2:2c:30:54:dc:f7:fd:17:
85:eb:26:cc:d5:ce:f9:89:25:35:f3:6e:28:39:5d:ef:68:1b:
63:b7:35:63:60:bc:40:31:03:c1:b3:00:8d:cb:7d:8f:0c:56:
ac:aa:ae:46:e8:af:b5:84:62:0a:c3:6d:f3:90:2d:d2:86:ba:
31:eb:2c:7b
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZ1I9nmeMMvHy5jjF3UFUw26MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTRiYzk0MDFkOWY4Nzc3MmM4YzljNjk4MzQwNzc1MTJm
NDI2MTEwHhcNMjYwNDAxMTIxMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNiNGNiNjhhMzBhNjI2ZGEwNzllZTUwZWYyNDAyZDhiZjBmOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nwr9zDJYig4DWdhYwcKiGLgufLw
Wt7W0KMpg1h+WsKZsgrpplqmOMyaJs1IuffyGrBT1xh2mC6le0naOc9BDrNbfgx2
d3WxH2Yodb+bxx44dindxxwav1ID4Su1dGUKIpY2mxfDVbrl1m4BO3Lw5Y5xLR+t
kPHQ74lt8iLfVaFv/qzKA1JtNjNl+n8RQDUeHOOikQB7YiThwgMD0rIBg/BzMweU
lGp46PNFk9C6yrorPjyFhVYN0kEnMMY52ILT1jeR8evE2o5QQkEj+w10EsbydpZR
e0R1W1TgcD0Of10sJLmVtjSnPKJQ99U571O9WnH4CijAI+UHNdTTja3l3wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFOjLTLaKMKYm2gee5Q7yQC2L8PlvMB8GA1UdIwQY
MBaAFArkvJQB2fh3csjJxpg0B3US9CYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0Mzct
MjQyNDY2ODJiZjAwLzEvNk10TXRvb3dwaWJhQjU3bER2SkFMWXZ3LVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hNDA3YTAtOGJjMS00NDE2LTk0MzctMjQyNDY2ODJiZjAw
LzEvQ3VTOGxBSFotSGR5eU1uR21EUUhkUkwwSmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBgBAIAATBaAwQAUVVI
AwQBUVVKAwQAuQVLMAwDBAO5CRgDBAC5CRowDAMEArkcrAMEALkcrgMEANWbDAME
AdWbDgMEANWbHDAMAwQF2bEgAwQA2bEiAwQC2bEsAwQB2bMwMCwEAgACMCYwEgMH
ASoRLMAAAgMHASoRLMAACAMHASoRLMAAEAMHASoRLMAAIDANBgkqhkiG9w0BAQsF
AAOCAQEANsnzHfav0BPaxVm3e6cA+0LXSvjSCWmUC/6qKAdrZ/U8gW6MnyFTzUTc
Uj703dOrhVOSraJQoX9GhZb5zgxljHypK1+kQ7/ff2+9FPMxZz5VXZJHZYdB6tq8
NM7SFVRk2R5fhrgskzq4U9lcDV922ElbdwAXSvWiEMeyO0g25Mz1wOd54G7WBz0d
XZa/N1DG66cxt+CJH4Mx0Bn8PBKqMqMcm12tC2s/axqTzUMNlIfWHPFBESxQmx5L
vwiVKrIsMFTc9/0XhesmzNXO+YklNfNuKDld72gbY7c1Y2C8QDEDwbMAjct9jwxW
rKquRuivtYRiCsNt85At0oa6Messew==
-----END CERTIFICATE-----
Generated at Wed Apr 1 23:43:46 2026 by rpki-client