Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
File: AS6849.roa (raw, json)
Hash identifier: 8BwujdESpqsoBXsIOOlEwBOaFUJzJst64WFn9bZXSIA=
Subject key identifier: 2E:38:70:0F:04:05:0B:AF:C6:AF:02:6E:2E:FF:AB:98:F7:BA:79:B7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 0531014C1F3660DE74394C22D804670B5B8EBA9A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
Signing time: Thu 14 May 2026 08:53:18 +0000
ROA not before: Thu 14 May 2026 08:48:18 +0000
ROA not after: Thu 13 May 2027 08:53:18 +0000
asID: 6849
IP address blocks: 37.52.0.0/21 maxlen: 21
37.52.0.0/24 maxlen: 24
37.52.1.0/24 maxlen: 24
37.52.2.0/24 maxlen: 24
37.52.3.0/24 maxlen: 24
37.52.4.0/24 maxlen: 24
37.52.16.0/20 maxlen: 20
37.52.32.0/21 maxlen: 21
37.52.32.0/24 maxlen: 24
37.52.33.0/24 maxlen: 24
37.52.34.0/24 maxlen: 24
37.52.35.0/24 maxlen: 24
37.52.36.0/24 maxlen: 24
37.52.37.0/24 maxlen: 24
37.52.38.0/24 maxlen: 24
37.52.39.0/24 maxlen: 24
37.52.40.0/21 maxlen: 21
37.52.56.0/21 maxlen: 21
37.52.64.0/21 maxlen: 24
37.52.64.0/24 maxlen: 24
37.52.65.0/24 maxlen: 24
37.52.66.0/24 maxlen: 24
37.52.67.0/24 maxlen: 24
37.52.68.0/24 maxlen: 24
37.52.69.0/24 maxlen: 24
37.52.70.0/24 maxlen: 24
37.52.71.0/24 maxlen: 24
37.52.72.0/21 maxlen: 21
37.52.72.0/24 maxlen: 24
37.52.73.0/24 maxlen: 24
37.52.74.0/24 maxlen: 24
37.52.75.0/24 maxlen: 24
37.52.76.0/24 maxlen: 24
37.52.77.0/24 maxlen: 24
37.52.78.0/24 maxlen: 24
37.52.79.0/24 maxlen: 24
37.52.80.0/21 maxlen: 21
37.52.80.0/24 maxlen: 24
37.52.81.0/24 maxlen: 24
37.52.82.0/24 maxlen: 24
37.52.83.0/24 maxlen: 24
37.52.84.0/24 maxlen: 24
37.52.85.0/24 maxlen: 24
37.52.86.0/24 maxlen: 24
37.52.87.0/24 maxlen: 24
37.52.88.0/24 maxlen: 24
37.52.89.0/24 maxlen: 24
37.52.90.0/24 maxlen: 24
37.52.91.0/24 maxlen: 24
37.52.92.0/24 maxlen: 24
37.52.93.0/24 maxlen: 24
37.52.94.0/24 maxlen: 24
37.52.95.0/24 maxlen: 24
37.52.96.0/21 maxlen: 21
37.52.96.0/24 maxlen: 24
37.52.97.0/24 maxlen: 24
37.52.98.0/24 maxlen: 24
37.52.99.0/24 maxlen: 24
37.52.100.0/24 maxlen: 24
37.52.101.0/24 maxlen: 24
37.52.102.0/24 maxlen: 24
37.52.103.0/24 maxlen: 24
37.52.104.0/24 maxlen: 24
37.52.105.0/24 maxlen: 24
37.52.106.0/24 maxlen: 24
37.52.107.0/24 maxlen: 24
37.52.108.0/24 maxlen: 24
37.52.109.0/24 maxlen: 24
37.52.110.0/24 maxlen: 24
37.52.111.0/24 maxlen: 24
37.52.112.0/22 maxlen: 22
37.52.116.0/23 maxlen: 23
37.52.118.0/23 maxlen: 23
37.52.128.0/21 maxlen: 21
37.52.134.0/24 maxlen: 24
37.52.136.0/21 maxlen: 21
37.52.144.0/21 maxlen: 21
37.52.144.0/24 maxlen: 24
37.52.145.0/24 maxlen: 24
37.52.146.0/24 maxlen: 24
37.52.147.0/24 maxlen: 24
37.52.148.0/24 maxlen: 24
37.52.149.0/24 maxlen: 24
178.94.192.0/20 maxlen: 24
178.95.208.0/20 maxlen: 24
178.95.212.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:31:01:4c:1f:36:60:de:74:39:4c:22:d8:04:67:0b:5b:8e:ba:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 14 08:48:18 2026 GMT
Not After : May 13 08:53:18 2027 GMT
Subject: CN=2E38700F04050BAFC6AF026E2EFFAB98F7BA79B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:2d:0b:9d:9e:b4:07:ff:ff:92:4e:81:2e:
d1:a8:d5:ed:1a:d0:e3:2d:b3:5b:01:1c:fa:2e:b9:
ac:b0:b8:a2:08:3c:23:e7:f0:2b:16:76:c0:2b:e6:
46:fb:e1:0d:db:5b:5d:77:e1:db:be:10:9e:43:96:
51:c5:62:1e:e5:e1:2c:cd:f4:7e:64:cf:7e:1c:13:
15:66:30:0d:31:bb:01:e8:ec:09:01:76:76:6c:7b:
c7:f4:23:dc:c2:f9:ac:59:10:53:ae:98:6e:27:eb:
40:c5:18:d7:52:10:f3:e6:60:9d:39:f8:1e:50:91:
a4:1c:62:0f:68:b1:a5:93:52:f7:3c:26:cb:69:f5:
3f:23:08:a8:b7:67:14:aa:73:f5:2f:26:92:d6:4a:
87:26:aa:f9:a2:5f:ff:83:a0:1a:07:4b:e2:9e:cf:
0d:2e:a0:70:8c:b7:5e:1a:73:1a:4e:12:f6:d5:bf:
7d:9d:c2:c4:97:d5:f3:de:81:a8:28:46:91:d4:21:
c8:f0:66:12:10:bc:c8:c2:f6:2b:d4:6e:d1:b8:db:
aa:e5:17:04:d1:03:1f:fb:f4:4d:aa:c4:f1:18:1e:
cf:ca:e8:e5:1e:ad:94:b3:4c:c7:6d:ea:8d:ba:64:
2f:18:c9:77:06:1a:b3:59:7e:49:95:00:79:8e:ea:
21:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:38:70:0F:04:05:0B:AF:C6:AF:02:6E:2E:FF:AB:98:F7:BA:79:B7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.0.0/21
37.52.16.0-37.52.47.255
37.52.56.0-37.52.119.255
37.52.128.0-37.52.151.255
178.94.192.0/20
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
6e:93:f0:45:1f:7e:a1:dc:24:30:6b:64:83:47:de:a2:95:ac:
e7:4d:40:42:c9:ec:89:aa:3b:bd:8f:94:45:b5:22:b8:9a:73:
d3:aa:ba:63:e0:90:4c:e5:14:fb:a8:22:f9:9d:23:86:14:97:
07:cc:40:ca:b2:af:94:c0:26:a7:91:9a:32:8e:c3:cd:2e:c9:
8b:4b:aa:fb:ef:c2:aa:39:a8:e5:80:f7:74:a0:d9:13:f9:cf:
19:80:02:eb:f9:16:f8:f0:fe:db:88:c0:c3:74:9d:46:21:27:
c8:1a:27:c6:e7:50:d5:08:d3:6e:62:fd:99:3c:f3:68:40:ec:
09:52:0f:6f:5d:52:43:e4:47:56:3f:e7:9b:43:63:8a:18:70:
2b:5c:25:94:5b:99:2c:bc:f7:f5:22:95:6d:cc:00:30:2b:2b:
eb:6b:44:d2:40:0e:c6:bc:75:9d:ca:fb:c6:95:81:bb:f1:fe:
89:ed:bb:5f:db:18:06:6c:1b:2d:ef:0f:c0:12:6e:46:14:2f:
19:c5:70:49:a3:ec:40:b1:45:9f:c0:2a:40:09:db:52:25:82:
6c:e3:79:35:a0:d9:a7:49:65:ca:a4:cc:72:25:6d:3b:94:90:
64:de:78:4c:64:36:7e:1c:8e:58:c6:28:04:bf:74:b6:c2:a9:
80:3c:d8:1c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUBTEBTB82YN50OUwi2ARnC1uOupowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTQwODQ4MThaFw0yNzA1MTMwODUzMThaMDMxMTAvBgNV
BAMTKDJFMzg3MDBGMDQwNTBCQUZDNkFGMDI2RTJFRkZBQjk4RjdCQTc5QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/cC0LnZ60B///kk6BLtGo1e0a
0OMts1sBHPouuaywuKIIPCPn8CsWdsAr5kb74Q3bW1134du+EJ5DllHFYh7l4SzN
9H5kz34cExVmMA0xuwHo7AkBdnZse8f0I9zC+axZEFOumG4n60DFGNdSEPPmYJ05
+B5QkaQcYg9osaWTUvc8Jstp9T8jCKi3ZxSqc/UvJpLWSocmqvmiX/+DoBoHS+Ke
zw0uoHCMt14acxpOEvbVv32dwsSX1fPegagoRpHUIcjwZhIQvMjC9ivUbtG426rl
FwTRAx/79E2qxPEYHs/K6OUerZSzTMdt6o26ZC8YyXcGGrNZfkmVAHmO6iEvAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQULjhwDwQFC6/GrwJuLv+rmPe6ebcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjg0OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAyU0ADAM
AwQEJTQQAwQEJTQgMAwDBAMlNDgDBAMlNHAwDAMEByU0gAMEAyU0kAMEBLJewAME
BLJf0DANBgkqhkiG9w0BAQsFAAOCAQEAbpPwRR9+odwkMGtkg0feopWs501AQsns
iao7vY+URbUiuJpz06q6Y+CQTOUU+6gi+Z0jhhSXB8xAyrKvlMAmp5GaMo7DzS7J
i0uq++/Cqjmo5YD3dKDZE/nPGYAC6/kW+PD+24jAw3SdRiEnyBonxudQ1QjTbmL9
mTzzaEDsCVIPb11SQ+RHVj/nm0NjihhwK1wllFuZLLz39SKVbcwAMCsr62tE0kAO
xrx1ncr7xpWBu/H+ie27X9sYBmwbLe8PwBJuRhQvGcVwSaPsQLFFn8AqQAnbUiWC
bON5NaDZp0llyqTMciVtO5SQZN54TGQ2fhyOWMYoBL90tsKpgDzYHA==
-----END CERTIFICATE-----
Generated at Fri May 15 14:22:26 2026 by rpki-client