Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/6dfLDbtcB7Oy08RSn-ZJaria73A.roa
File: 6dfLDbtcB7Oy08RSn-ZJaria73A.roa (raw, json)
Hash identifier: Wireb9R2m79PwBjUJ01lZh3UqGW3cHIaYQJ8loaVfj0=
Subject key identifier: E9:D7:CB:0D:BB:5C:07:B3:B2:D3:C4:52:9F:E6:49:6A:B8:9A:EF:70
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 019DAA8B9440499932FED9F7356F567038E5
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/6dfLDbtcB7Oy08RSn-ZJaria73A.roa
Signing time: Mon 20 Apr 2026 10:59:27 +0000
ROA not before: Mon 20 Apr 2026 10:59:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 84.55.8.0/22 maxlen: 24
88.223.44.0/24 maxlen: 24
88.223.46.0/24 maxlen: 24
88.223.169.0/24 maxlen: 24
95.173.48.0/24 maxlen: 24
95.173.49.0/24 maxlen: 24
95.173.51.0/24 maxlen: 24
95.173.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:8b:94:40:49:99:32:fe:d9:f7:35:6f:56:70:38:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Apr 20 10:59:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e9d7cb0dbb5c07b3b2d3c4529fe6496ab89aef70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:8c:30:dd:4b:72:ae:96:3e:df:b5:68:1e:
6a:17:da:b8:77:24:90:1f:9b:6b:05:86:cc:af:f0:
ad:09:8f:e1:65:c9:d5:2c:7e:f5:59:5b:27:be:03:
6b:8b:7c:03:4f:06:b3:71:97:4d:6c:fa:4e:1a:7c:
1d:28:fc:e2:2b:76:96:53:ff:58:40:ab:ab:06:53:
78:cd:41:f6:3a:c3:c4:6d:64:be:56:ee:42:93:47:
6e:ee:1a:27:96:0e:54:be:6c:b0:5b:5d:44:d9:79:
21:dc:71:81:94:28:69:1e:dd:99:ad:fb:d6:04:a6:
d2:bc:db:e3:fd:e6:49:72:2b:03:dd:8f:07:78:58:
93:d1:28:60:4c:69:87:82:09:47:0f:df:09:a6:dc:
b5:97:f8:cf:10:71:22:90:8f:c3:4a:46:48:17:b6:
76:74:0a:e6:6e:42:21:d4:d3:05:d5:3b:97:03:88:
d0:bc:5d:d6:03:f9:49:ac:32:76:6e:fa:8c:1d:89:
ec:46:63:87:16:50:a7:ee:5f:d4:77:90:bd:6b:1c:
72:9c:b1:69:10:34:ec:3d:ba:d8:fd:ac:f4:a5:ca:
ad:50:86:ea:af:b0:ea:5a:23:7d:a7:76:e8:5d:cd:
c6:b0:13:f8:66:61:45:95:aa:d3:59:eb:08:6c:4c:
fb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D7:CB:0D:BB:5C:07:B3:B2:D3:C4:52:9F:E6:49:6A:B8:9A:EF:70
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/6dfLDbtcB7Oy08RSn-ZJaria73A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.8.0/22
88.223.44.0/24
88.223.46.0/24
88.223.169.0/24
95.173.48.0/23
95.173.51.0/24
95.173.54.0/24
Signature Algorithm: sha256WithRSAEncryption
98:11:3e:08:4c:8e:d2:21:f3:84:b4:36:4b:6e:42:cc:9a:8d:
56:2b:57:ea:4f:50:3b:1c:4d:56:cc:6e:f1:58:44:1f:fb:ea:
07:a3:f4:9a:5f:fd:85:53:c7:36:1b:04:e4:a2:bc:82:f5:fb:
07:d1:8b:b9:a7:00:46:fd:6d:c4:70:f6:0c:eb:38:46:2a:9e:
9e:d9:dd:17:57:c1:e5:5c:ad:28:a9:e9:6e:2d:b9:90:24:b7:
bf:da:d0:d9:b9:28:08:37:21:32:56:39:3d:e8:da:19:b8:aa:
57:78:59:4e:f4:c1:a8:af:d4:58:b8:fd:d3:7f:54:8c:bb:eb:
17:03:94:05:33:88:12:14:af:69:42:be:80:5c:22:7e:ed:75:
aa:bb:c5:6a:0b:56:16:9f:47:2a:52:dd:7e:b0:3f:65:70:78:
59:cb:f0:d3:be:4a:9b:6a:e1:6d:2e:b9:bc:90:f3:65:d1:6f:
74:9d:5a:89:8f:4c:da:65:1d:b5:64:0a:4a:f3:b6:24:02:70:
7d:da:0a:3d:5d:e7:b6:13:e8:9a:3d:74:ca:d1:9b:23:25:91:
5b:7e:83:c7:a8:51:16:19:df:6f:57:b1:f2:42:b6:95:d9:47:
49:6d:b6:70:7b:f9:e8:d1:da:fc:5d:3d:4d:bb:d3:c6:e1:04:
d9:09:45:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ2qi5RASZky/tn3NW9WcDjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjYwNDIwMTA1OTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ3Y2IwZGJiNWMwN2IzYjJkM2M0NTI5ZmU2NDk2YWI4OWFlZjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI6MMN1Lcq6WPt+1aB5qF9q4dySQ
H5trBYbMr/CtCY/hZcnVLH71WVsnvgNri3wDTwazcZdNbPpOGnwdKPziK3aWU/9Y
QKurBlN4zUH2OsPEbWS+Vu5Ck0du7honlg5UvmywW11E2Xkh3HGBlChpHt2ZrfvW
BKbSvNvj/eZJcisD3Y8HeFiT0ShgTGmHgglHD98Jpty1l/jPEHEikI/DSkZIF7Z2
dArmbkIh1NMF1TuXA4jQvF3WA/lJrDJ2bvqMHYnsRmOHFlCn7l/Ud5C9axxynLFp
EDTsPbrY/az0pcqtUIbqr7DqWiN9p3boXc3GsBP4ZmFFlarTWesIbEz7wQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOnXyw27XAezstPEUp/mSWq4mu9wMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvNmRmTERidGNCN095MDhSU24tWkphcmlhNzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVDcIAwQA
WN8sAwQAWN8uAwQAWN+pAwQBX60wAwQAX60zAwQAX602MA0GCSqGSIb3DQEBCwUA
A4IBAQCYET4ITI7SIfOEtDZLbkLMmo1WK1fqT1A7HE1WzG7xWEQf++oHo/SaX/2F
U8c2GwTkoryC9fsH0Yu5pwBG/W3EcPYM6zhGKp6e2d0XV8HlXK0oqeluLbmQJLe/
2tDZuSgINyEyVjk96NoZuKpXeFlO9MGor9RYuP3Tf1SMu+sXA5QFM4gSFK9pQr6A
XCJ+7XWqu8VqC1YWn0cqUt1+sD9lcHhZy/DTvkqbauFtLrm8kPNl0W90nVqJj0za
ZR21ZApK87YkAnB92go9Xee2E+iaPXTK0ZsjJZFbfoPHqFEWGd9vV7HyQraV2UdJ
bbZwe/no0dr8XT1Nu9PG4QTZCUX2
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:28 2026 by rpki-client