Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1w6LCh5xyGU-9vpDH96Ci4ANMIM.roa
File: 1w6LCh5xyGU-9vpDH96Ci4ANMIM.roa (raw, json)
Hash identifier: ploilQWLzB+RJNqDs0EQSq/0VeUMwCP3yRv4bISAzck=
Subject key identifier: D7:0E:8B:0A:1E:71:C8:65:3E:F6:FA:43:1F:DE:82:8B:80:0D:30:83
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019EA72130D80BFF72C1DA8BC0A78CB1E617
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1w6LCh5xyGU-9vpDH96Ci4ANMIM.roa
Signing time: Mon 08 Jun 2026 12:07:10 +0000
ROA not before: Mon 08 Jun 2026 12:07:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:21:30:d8:0b:ff:72:c1:da:8b:c0:a7:8c:b1:e6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 8 12:07:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d70e8b0a1e71c8653ef6fa431fde828b800d3083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f1:62:10:a3:f5:65:e6:6d:f1:c1:19:49:62:
78:15:8f:3c:09:f0:40:28:d3:2e:58:1a:77:b7:5a:
f4:2e:9b:56:8a:d8:58:6f:79:89:1a:61:8b:d8:d5:
a5:41:93:0b:72:21:e3:79:15:f7:8a:b2:3f:47:7a:
f8:f7:13:5e:b3:e6:a1:3b:60:35:77:41:c8:5f:5d:
a5:ad:47:3b:54:7c:20:0e:03:3e:cb:79:b6:8e:f9:
40:9f:51:c5:fb:60:90:42:ed:b9:76:16:6c:09:b8:
8c:d1:ad:9c:4b:d2:24:3b:85:ae:5d:59:c9:e2:9e:
41:a9:24:dd:07:d3:72:16:2b:f3:8b:31:3e:19:19:
07:0f:11:df:e6:29:85:ae:ec:79:2b:60:bc:10:ee:
69:0c:9a:fd:b9:fe:43:00:e7:04:19:e2:78:13:4b:
23:72:23:25:fd:c6:8a:f1:dc:4c:a7:74:c2:52:be:
f9:12:89:df:a8:1d:51:9c:52:0f:a1:01:24:00:18:
76:92:7d:05:50:c2:08:6c:88:38:8a:48:c1:13:e2:
27:eb:2f:61:a8:52:ba:10:8e:57:56:62:b8:7b:07:
29:0f:2d:90:84:a6:bf:2e:16:b6:83:17:77:64:c7:
09:d6:98:f0:93:76:62:61:d9:6d:7e:fa:3c:f8:f1:
e6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0E:8B:0A:1E:71:C8:65:3E:F6:FA:43:1F:DE:82:8B:80:0D:30:83
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1w6LCh5xyGU-9vpDH96Ci4ANMIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.153.0/24
185.210.155.0/24
185.218.102.0/24
185.223.76.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c4:e8:c4:0c:d5:0f:5c:10:90:c8:f6:a1:2d:8d:56:4b:d2:
98:7e:46:58:3c:fa:f8:62:fc:70:24:fc:a5:78:12:56:60:08:
17:cf:2f:c1:0c:5d:d3:49:14:1b:ba:59:0b:3a:ad:32:aa:2c:
cc:86:ce:45:ac:77:bd:da:b8:6d:cb:a2:e0:f7:56:63:ce:a5:
d1:9b:ca:be:8b:75:74:ee:05:78:85:2f:62:db:7b:05:7a:93:
ab:8b:be:43:1c:42:a5:73:f8:e1:2b:cf:ee:5b:3a:73:44:03:
6d:04:06:a1:8e:5c:be:64:ec:d2:d0:61:43:eb:fa:fb:31:45:
be:72:31:be:c2:41:9c:74:38:86:fe:9b:51:2f:c7:11:1e:02:
6b:00:72:1a:ab:78:1d:47:ab:f8:af:13:9c:99:38:63:26:91:
e0:5f:ba:6c:fe:e5:ae:22:d3:21:0d:0c:82:20:42:d1:6b:f0:
b1:f7:d4:e8:97:88:30:af:a9:8c:46:15:62:0b:df:99:03:2c:
75:32:57:81:ab:b7:f3:15:f2:65:8f:2c:1b:bf:95:fd:94:ae:
21:60:2b:e0:6a:38:3b:aa:7b:fb:ef:f2:40:9a:c1:4c:65:bf:
22:f8:07:a9:2c:f8:a0:bd:db:32:c2:85:43:fa:e6:7c:35:1e:
02:86:6b:c2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ6nITDYC/9ywdqLwKeMseYXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNjA4MTIwNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBlOGIwYTFlNzFjODY1M2VmNmZhNDMxZmRlODI4YjgwMGQzMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/FiEKP1ZeZt8cEZSWJ4FY88CfBA
KNMuWBp3t1r0LptWithYb3mJGmGL2NWlQZMLciHjeRX3irI/R3r49xNes+ahO2A1
d0HIX12lrUc7VHwgDgM+y3m2jvlAn1HF+2CQQu25dhZsCbiM0a2cS9IkO4WuXVnJ
4p5BqSTdB9NyFivzizE+GRkHDxHf5imFrux5K2C8EO5pDJr9uf5DAOcEGeJ4E0sj
ciMl/caK8dxMp3TCUr75EonfqB1RnFIPoQEkABh2kn0FUMIIbIg4ikjBE+In6y9h
qFK6EI5XVmK4ewcpDy2QhKa/Lha2gxd3ZMcJ1pjwk3ZiYdltfvo8+PHmtQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNcOiwoecchlPvb6Qx/egouADTCDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMXc2TENoNXh5R1UtOXZwREg5NkNpNEFOTUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAuc74AwQA
uc77AwQBudEkAwQAudKZAwQAudKbAwQAudpmAwQAud9MAwQAueORAwQCueoUAwQC
ue7kAwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQAwxOjEDNUPXBCQyPahLY1WS9KY
fkZYPPr4YvxwJPyleBJWYAgXzy/BDF3TSRQbulkLOq0yqizMhs5FrHe92rhty6Lg
91ZjzqXRm8q+i3V07gV4hS9i23sFepOri75DHEKlc/jhK8/uWzpzRANtBAahjly+
ZOzS0GFD6/r7MUW+cjG+wkGcdDiG/ptRL8cRHgJrAHIaq3gdR6v4rxOcmThjJpHg
X7ps/uWuItMhDQyCIELRa/Cx99Tol4gwr6mMRhViC9+ZAyx1MleBq7fzFfJljywb
v5X9lK4hYCvgajg7qnv77/JAmsFMZb8i+AepLPigvdsywoVD+uZ8NR4ChmvC
-----END CERTIFICATE-----
Generated at Thu Jun 11 05:45:13 2026 by rpki-client