Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
File: AS6849.roa (raw, json)
Hash identifier: /bDqwJR8OPguG4zR4JcpYn+JNRjvi/aeZsxjEXWhPpo=
Subject key identifier: CB:EF:E4:8A:C3:D4:49:72:96:D1:E3:31:50:7F:E1:53:66:03:27:BD
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 538CE165DF852E47579C4EBDB9F4D31E8FBF011D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
Signing time: Wed 04 Mar 2026 11:29:48 +0000
ROA not before: Wed 04 Mar 2026 11:24:48 +0000
ROA not after: Wed 03 Mar 2027 11:29:48 +0000
asID: 6849
IP address blocks: 37.52.0.0/21 maxlen: 21
37.52.0.0/24 maxlen: 24
37.52.1.0/24 maxlen: 24
37.52.2.0/24 maxlen: 24
37.52.3.0/24 maxlen: 24
37.52.4.0/24 maxlen: 24
37.52.16.0/20 maxlen: 20
37.52.32.0/21 maxlen: 21
37.52.32.0/24 maxlen: 24
37.52.33.0/24 maxlen: 24
37.52.34.0/24 maxlen: 24
37.52.35.0/24 maxlen: 24
37.52.36.0/24 maxlen: 24
37.52.37.0/24 maxlen: 24
37.52.38.0/24 maxlen: 24
37.52.39.0/24 maxlen: 24
37.52.40.0/21 maxlen: 21
37.52.56.0/21 maxlen: 21
37.52.64.0/21 maxlen: 24
37.52.64.0/24 maxlen: 24
37.52.65.0/24 maxlen: 24
37.52.66.0/24 maxlen: 24
37.52.67.0/24 maxlen: 24
37.52.68.0/24 maxlen: 24
37.52.69.0/24 maxlen: 24
37.52.70.0/24 maxlen: 24
37.52.71.0/24 maxlen: 24
37.52.72.0/21 maxlen: 21
37.52.72.0/24 maxlen: 24
37.52.73.0/24 maxlen: 24
37.52.74.0/24 maxlen: 24
37.52.75.0/24 maxlen: 24
37.52.76.0/24 maxlen: 24
37.52.77.0/24 maxlen: 24
37.52.78.0/24 maxlen: 24
37.52.79.0/24 maxlen: 24
37.52.80.0/21 maxlen: 21
37.52.80.0/24 maxlen: 24
37.52.81.0/24 maxlen: 24
37.52.82.0/24 maxlen: 24
37.52.83.0/24 maxlen: 24
37.52.84.0/24 maxlen: 24
37.52.85.0/24 maxlen: 24
37.52.86.0/24 maxlen: 24
37.52.87.0/24 maxlen: 24
37.52.88.0/24 maxlen: 24
37.52.89.0/24 maxlen: 24
37.52.90.0/24 maxlen: 24
37.52.91.0/24 maxlen: 24
37.52.92.0/24 maxlen: 24
37.52.93.0/24 maxlen: 24
37.52.94.0/24 maxlen: 24
37.52.95.0/24 maxlen: 24
37.52.96.0/21 maxlen: 21
37.52.96.0/24 maxlen: 24
37.52.97.0/24 maxlen: 24
37.52.98.0/24 maxlen: 24
37.52.99.0/24 maxlen: 24
37.52.100.0/24 maxlen: 24
37.52.101.0/24 maxlen: 24
37.52.102.0/24 maxlen: 24
37.52.103.0/24 maxlen: 24
37.52.104.0/24 maxlen: 24
37.52.105.0/24 maxlen: 24
37.52.106.0/24 maxlen: 24
37.52.107.0/24 maxlen: 24
37.52.108.0/24 maxlen: 24
37.52.109.0/24 maxlen: 24
37.52.110.0/24 maxlen: 24
37.52.111.0/24 maxlen: 24
37.52.112.0/22 maxlen: 22
37.52.116.0/23 maxlen: 23
37.52.118.0/23 maxlen: 23
37.52.128.0/21 maxlen: 21
37.52.134.0/24 maxlen: 24
37.52.136.0/21 maxlen: 21
37.52.144.0/21 maxlen: 21
37.52.144.0/24 maxlen: 24
37.52.145.0/24 maxlen: 24
37.52.146.0/24 maxlen: 24
37.52.147.0/24 maxlen: 24
37.52.148.0/24 maxlen: 24
37.52.149.0/24 maxlen: 24
178.94.192.0/20 maxlen: 24
178.95.208.0/20 maxlen: 24
178.95.212.0/22 maxlen: 24
178.95.216.0/22 maxlen: 24
178.95.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:8c:e1:65:df:85:2e:47:57:9c:4e:bd:b9:f4:d3:1e:8f:bf:01:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 4 11:24:48 2026 GMT
Not After : Mar 3 11:29:48 2027 GMT
Subject: CN=CBEFE48AC3D4497296D1E331507FE153660327BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7c:89:3e:f9:a4:af:7e:4d:82:3d:92:36:ad:
be:fe:8c:c4:a2:f2:af:89:0f:bd:72:62:90:8b:63:
62:e6:1d:95:c2:09:e6:a0:77:6e:0e:06:cd:a2:bb:
57:06:0d:48:8a:29:12:1d:98:88:ec:63:a8:62:67:
0e:0b:01:9f:7e:07:6d:fa:c7:b0:db:fb:1a:77:58:
99:1f:78:35:e1:6f:f3:a5:98:f8:0a:e2:49:c8:1c:
d4:e7:75:a2:40:51:ec:0a:03:b2:9d:a9:ae:94:01:
bb:e3:df:aa:b1:64:67:21:7c:05:b1:de:45:b5:7d:
f5:1a:d3:27:a2:4d:bb:2f:41:99:a9:ab:57:37:3e:
86:59:f1:cd:8f:70:12:9c:38:ba:6e:20:a9:48:9e:
8a:f9:88:5a:ba:87:68:ef:6f:bb:8f:e7:f9:aa:0c:
8d:a0:01:7a:00:71:c9:5c:d3:c6:d8:d6:bb:b9:4e:
55:09:7c:7a:89:6e:8b:e3:ac:f5:97:c0:37:a6:bc:
09:42:52:b9:ce:1b:ec:2d:18:5f:a7:07:ee:1c:94:
54:dc:db:01:6e:06:6f:68:d1:54:74:45:bb:54:27:
35:35:81:66:80:f1:05:e1:df:d6:4c:f2:d0:3a:af:
7e:3f:af:12:ee:07:6a:87:43:5c:b8:73:29:23:da:
71:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:EF:E4:8A:C3:D4:49:72:96:D1:E3:31:50:7F:E1:53:66:03:27:BD
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS6849.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.52.0.0/21
37.52.16.0-37.52.47.255
37.52.56.0-37.52.119.255
37.52.128.0-37.52.151.255
178.94.192.0/20
178.95.208.0/20
Signature Algorithm: sha256WithRSAEncryption
38:13:ee:6b:f6:43:81:cf:33:d2:ef:1e:03:f8:8a:4d:74:db:
49:7f:2e:90:b1:f2:82:50:85:15:00:9f:f4:5c:83:79:93:29:
4f:44:ff:be:a3:e3:00:1d:9c:e5:b6:96:01:2b:08:ca:64:2e:
29:ec:6e:aa:30:e4:64:0c:34:86:ba:20:67:91:56:82:10:9d:
5d:f2:e8:5f:30:68:67:ce:69:6b:d9:e5:8b:00:e9:01:af:7e:
e7:5b:6c:2d:5f:b8:4b:65:13:db:c8:c0:ac:b8:73:37:85:dd:
9a:f6:67:47:3c:33:46:24:27:8b:88:7b:f6:c8:19:62:27:0f:
ff:b6:ab:71:8a:e8:71:89:ef:45:91:46:76:c1:93:7a:18:c4:
d2:27:c6:2a:2d:e7:cc:be:4a:96:47:80:ce:86:f0:65:18:7a:
fd:2d:7e:9e:34:7d:66:24:40:0a:d7:2c:d2:2a:1b:5b:a2:b9:
34:65:69:e2:53:85:99:1b:13:15:f9:d0:b4:b4:e7:1b:06:b2:
7a:a0:b3:ea:fe:17:29:44:fa:13:5b:29:12:7d:f7:1a:fa:86:
61:f3:1b:34:9a:c8:51:ed:8d:94:3b:09:70:b6:62:08:b9:b2:
f0:24:27:a4:1e:97:74:3b:62:e6:cf:71:ff:ae:78:bb:04:c0:
d3:5e:1d:2e
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUU4zhZd+FLkdXnE69ufTTHo+/AR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAzMDQxMTI0NDhaFw0yNzAzMDMxMTI5NDhaMDMxMTAvBgNV
BAMTKENCRUZFNDhBQzNENDQ5NzI5NkQxRTMzMTUwN0ZFMTUzNjYwMzI3QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+fIk++aSvfk2CPZI2rb7+jMSi
8q+JD71yYpCLY2LmHZXCCeagd24OBs2iu1cGDUiKKRIdmIjsY6hiZw4LAZ9+B236
x7Db+xp3WJkfeDXhb/OlmPgK4knIHNTndaJAUewKA7Kdqa6UAbvj36qxZGchfAWx
3kW1ffUa0yeiTbsvQZmpq1c3PoZZ8c2PcBKcOLpuIKlInor5iFq6h2jvb7uP5/mq
DI2gAXoAcclc08bY1ru5TlUJfHqJbovjrPWXwDemvAlCUrnOG+wtGF+nB+4clFTc
2wFuBm9o0VR0RbtUJzU1gWaA8QXh39ZM8tA6r34/rxLuB2qHQ1y4cykj2nGVAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUy+/kisPUSXKW0eMxUH/hU2YDJ70wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNjg0OS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAyU0ADAM
AwQEJTQQAwQEJTQgMAwDBAMlNDgDBAMlNHAwDAMEByU0gAMEAyU0kAMEBLJewAME
BLJf0DANBgkqhkiG9w0BAQsFAAOCAQEAOBPua/ZDgc8z0u8eA/iKTXTbSX8ukLHy
glCFFQCf9FyDeZMpT0T/vqPjAB2c5baWASsIymQuKexuqjDkZAw0hrogZ5FWghCd
XfLoXzBoZ85pa9nliwDpAa9+51tsLV+4S2UT28jArLhzN4XdmvZnRzwzRiQni4h7
9sgZYicP/7arcYrocYnvRZFGdsGTehjE0ifGKi3nzL5KlkeAzobwZRh6/S1+njR9
ZiRACtcs0iobW6K5NGVp4lOFmRsTFfnQtLTnGwayeqCz6v4XKUT6E1spEn33GvqG
YfMbNJrIUe2NlDsJcLZiCLmy8CQnpB6XdDti5s9x/654uwTA014dLg==
-----END CERTIFICATE-----
Generated at Sat Mar 28 02:33:17 2026 by rpki-client