Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/6fbN8X-Zd_3bLagCKNLcI6U0ZQ8.roa
File: 6fbN8X-Zd_3bLagCKNLcI6U0ZQ8.roa (raw, json)
Hash identifier: 9tQRoU2KNqyt5jisalOBz3HOC+o/8ZxBiQNdSn21t9k=
Subject key identifier: E9:F6:CD:F1:7F:99:77:FD:DB:2D:A8:02:28:D2:DC:23:A5:34:65:0F
Certificate issuer: /CN=8ec3bb12f5f62a1088b07a9816c46306d1161e1d
Certificate serial: 019CF74F381482EF1C574EF80923F0CF6947
Authority key identifier: 8E:C3:BB:12:F5:F6:2A:10:88:B0:7A:98:16:C4:63:06:D1:16:1E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jsO7EvX2KhCIsHqYFsRjBtEWHh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/6fbN8X-Zd_3bLagCKNLcI6U0ZQ8.roa
Signing time: Mon 16 Mar 2026 15:41:29 +0000
ROA not before: Mon 16 Mar 2026 15:41:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216302
IP address blocks: 31.24.248.0/24 maxlen: 24
212.47.55.0/24 maxlen: 24
2a12:48c0::/29 maxlen: 32
2a12:48c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jsO7EvX2KhCIsHqYFsRjBtEWHh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jsO7EvX2KhCIsHqYFsRjBtEWHh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/jsO7EvX2KhCIsHqYFsRjBtEWHh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 12:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:4f:38:14:82:ef:1c:57:4e:f8:09:23:f0:cf:69:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ec3bb12f5f62a1088b07a9816c46306d1161e1d
Validity
Not Before: Mar 16 15:41:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e9f6cdf17f9977fddb2da80228d2dc23a534650f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e2:52:1c:2f:92:3e:0c:c6:aa:2b:ac:6f:8b:
59:96:9f:d5:06:ba:7f:08:5d:99:38:11:ee:74:48:
02:94:96:e7:4f:29:db:82:1b:d1:90:8e:6c:35:56:
17:fc:80:f4:06:31:91:2b:7a:b8:e7:92:bb:84:e9:
19:6f:e1:0a:54:95:70:12:52:79:a0:31:86:97:db:
72:e6:fe:32:ba:dc:86:62:f9:52:af:d7:e1:8e:8d:
3f:ee:0a:04:2a:ab:ed:bf:8d:65:4e:e3:8a:06:d7:
d8:e0:75:8b:bb:a3:48:04:72:ea:6e:4a:8d:16:37:
2b:51:c5:99:b5:9f:a9:a5:b9:51:e5:c3:3b:d9:e8:
d6:4d:33:1f:b7:1d:d6:6c:e4:08:ae:f3:f4:fd:eb:
dc:3c:01:82:e5:0d:2c:a4:5b:87:0f:52:d0:5b:1a:
16:4b:5d:22:d5:2c:59:69:ec:d6:7a:5a:e2:ac:03:
30:13:e8:f0:bf:95:ed:eb:51:f0:e9:35:c1:47:da:
18:9d:c0:68:82:45:d6:ff:4d:b9:b9:8c:71:9f:fc:
4e:58:d9:4d:d3:24:1b:6e:ae:80:08:15:2f:b0:a5:
c9:af:91:a7:41:a6:29:a7:5f:ea:c8:01:bb:10:ee:
0a:bf:28:31:c2:24:98:63:c0:c3:8a:c4:6d:de:15:
5c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F6:CD:F1:7F:99:77:FD:DB:2D:A8:02:28:D2:DC:23:A5:34:65:0F
X509v3 Authority Key Identifier:
keyid:8E:C3:BB:12:F5:F6:2A:10:88:B0:7A:98:16:C4:63:06:D1:16:1E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jsO7EvX2KhCIsHqYFsRjBtEWHh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/6fbN8X-Zd_3bLagCKNLcI6U0ZQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/c0e4d6-e7dc-41b4-b563-bbc76129c89b/1/jsO7EvX2KhCIsHqYFsRjBtEWHh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.248.0/24
212.47.55.0/24
IPv6:
2a12:48c0::/29
Signature Algorithm: sha256WithRSAEncryption
99:08:6a:b8:13:45:31:9a:53:0e:92:0a:5a:f8:e9:37:fc:30:
84:5e:46:40:d0:bb:e8:e8:2e:45:7c:b7:04:92:63:ee:3e:ea:
12:3d:69:9d:36:a8:32:56:1b:a7:92:13:4e:32:40:02:38:60:
71:95:13:25:0c:a8:73:37:80:62:ef:a0:58:a1:13:08:1c:5b:
81:dd:5e:61:e0:84:e0:ec:77:0b:79:b1:42:f8:b1:6a:30:b1:
82:d2:0e:e9:0f:0d:f4:6f:f7:fe:78:df:04:11:c7:40:2e:f4:
6c:e3:f5:0e:8f:40:87:b6:11:fb:36:34:d5:16:b6:c1:8e:6f:
16:8c:f5:c5:9a:b9:03:46:08:a6:aa:7f:c8:51:f3:f8:79:97:
08:57:88:9d:a9:99:37:2c:9c:83:74:6b:5b:29:05:d1:63:53:
62:6e:fe:49:1b:11:0e:25:3f:3f:99:42:ac:86:6c:a2:ce:1f:
70:a0:47:78:35:10:d5:14:67:ac:fb:2f:fc:99:5b:79:1a:56:
44:b6:b1:a1:2f:12:62:17:22:ec:19:37:7f:10:95:53:c2:bc:
fa:cb:c6:4b:ca:7d:99:3b:44:dc:b6:59:a7:1c:41:4e:6d:43:
20:25:ca:84:bd:03:a4:65:e8:f0:09:c2:30:45:19:2b:5f:ad:
e9:ee:0e:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZz3TzgUgu8cV074CSPwz2lHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYzNiYjEyZjVmNjJhMTA4OGIwN2E5ODE2YzQ2MzA2ZDEx
NjFlMWQwHhcNMjYwMzE2MTU0MTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWY2Y2RmMTdmOTk3N2ZkZGIyZGE4MDIyOGQyZGMyM2E1MzQ2NTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+JSHC+SPgzGqiusb4tZlp/VBrp/
CF2ZOBHudEgClJbnTynbghvRkI5sNVYX/ID0BjGRK3q455K7hOkZb+EKVJVwElJ5
oDGGl9ty5v4yutyGYvlSr9fhjo0/7goEKqvtv41lTuOKBtfY4HWLu6NIBHLqbkqN
FjcrUcWZtZ+ppblR5cM72ejWTTMftx3WbOQIrvP0/evcPAGC5Q0spFuHD1LQWxoW
S10i1SxZaezWelrirAMwE+jwv5Xt61Hw6TXBR9oYncBogkXW/025uYxxn/xOWNlN
0yQbbq6ACBUvsKXJr5GnQaYpp1/qyAG7EO4KvygxwiSYY8DDisRt3hVcmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOn2zfF/mXf92y2oAijS3COlNGUPMB8GA1UdIwQY
MBaAFI7DuxL19ioQiLB6mBbEYwbRFh4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanNPN0V2WDJLaENJc0hxWUZzUmpCdEVXSGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9jMGU0ZDYtZTdkYy00MWI0LWI1NjMt
YmJjNzYxMjljODliLzEvNmZiTjhYLVpkXzNiTGFnQ0tOTGNJNlUwWlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9jMGU0ZDYtZTdkYy00MWI0LWI1NjMtYmJjNzYxMjljODli
LzEvanNPN0V2WDJLaENJc0hxWUZzUmpCdEVXSGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAHxj4AwQA
1C83MA0EAgACMAcDBQMqEkjAMA0GCSqGSIb3DQEBCwUAA4IBAQCZCGq4E0UxmlMO
kgpa+Ok3/DCEXkZA0Lvo6C5FfLcEkmPuPuoSPWmdNqgyVhunkhNOMkACOGBxlRMl
DKhzN4Bi76BYoRMIHFuB3V5h4ITg7HcLebFC+LFqMLGC0g7pDw30b/f+eN8EEcdA
LvRs4/UOj0CHthH7NjTVFrbBjm8WjPXFmrkDRgimqn/IUfP4eZcIV4idqZk3LJyD
dGtbKQXRY1Nibv5JGxEOJT8/mUKshmyizh9woEd4NRDVFGes+y/8mVt5GlZEtrGh
LxJiFyLsGTd/EJVTwrz6y8ZLyn2ZO0TctlmnHEFObUMgJcqEvQOkZejwCcIwRRkr
X63p7g6o
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:52:24 2026 by rpki-client