Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/m32YrWZdVA5lMs4kR6KWsfSNMao.roa
File: m32YrWZdVA5lMs4kR6KWsfSNMao.roa (raw, json)
Hash identifier: avhGz3bWW+Y47cei8EsKWhu2bPLuPJsNwhqeRuBH25A=
Subject key identifier: 9B:7D:98:AD:66:5D:54:0E:65:32:CE:24:47:A2:96:B1:F4:8D:31:AA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019DDF02B4A758C3D17321447461F8346A96
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/m32YrWZdVA5lMs4kR6KWsfSNMao.roa
Signing time: Thu 30 Apr 2026 15:29:49 +0000
ROA not before: Thu 30 Apr 2026 15:29:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.96.0/24 maxlen: 24
46.8.100.0/22 maxlen: 24
46.8.114.0/23 maxlen: 24
46.8.120.0/21 maxlen: 24
188.130.182.0/24 maxlen: 24
188.130.224.0/21 maxlen: 24
188.130.231.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:02:b4:a7:58:c3:d1:73:21:44:74:61:f8:34:6a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 30 15:29:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b7d98ad665d540e6532ce2447a296b1f48d31aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:81:22:28:f8:83:44:a8:30:a9:2b:e0:40:b9:
b0:5b:9e:59:c6:50:d8:a4:fe:2a:82:f8:8b:01:d6:
f6:25:92:0b:4b:e2:09:f5:cb:4f:9d:5d:a2:fb:0a:
52:d0:54:a7:a3:1d:9b:6b:47:4f:2b:71:0b:0d:92:
de:8f:ea:66:ac:5e:ff:83:76:95:f1:a3:94:d5:d1:
ba:f1:50:86:29:be:ab:77:cb:70:6a:c8:e2:2c:41:
10:52:c4:99:e5:35:9a:49:21:c6:dc:80:32:f2:c9:
25:74:cf:11:d6:09:d1:ac:c5:13:9f:a6:60:dc:a9:
05:5c:64:92:99:38:28:f6:2d:7a:dd:4a:8e:5a:6b:
ee:09:55:f6:95:0b:8f:8f:8f:a8:29:dd:6b:70:84:
f9:56:46:49:b8:4f:44:ca:e6:cf:9b:d8:82:32:5a:
97:ad:8a:9a:6d:1e:84:12:25:00:f7:e9:e4:49:0e:
21:bd:04:03:57:96:cb:dc:e7:43:4c:96:8e:91:0a:
a0:c3:33:b1:e8:0c:11:d9:53:ad:3c:d0:af:c3:ef:
e5:c7:a8:bc:d1:b3:27:4a:a3:37:82:1c:00:0d:83:
59:4a:95:32:7f:75:27:4d:f5:ca:1d:52:64:6b:f2:
d7:c4:94:d7:8d:e5:a3:14:9d:5b:45:fa:98:3f:b8:
03:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:7D:98:AD:66:5D:54:0E:65:32:CE:24:47:A2:96:B1:F4:8D:31:AA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/m32YrWZdVA5lMs4kR6KWsfSNMao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.96.0/24
46.8.100.0/22
46.8.114.0/23
46.8.120.0/21
188.130.182.0/24
188.130.224.0/21
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
40:7b:f8:1f:10:2d:bd:01:c7:c2:62:5f:e0:aa:43:08:02:f8:
db:30:1a:ac:e6:fe:fe:ea:29:83:c3:a3:f8:13:f8:d8:7b:42:
89:9e:eb:45:3a:06:a3:06:d8:5f:11:b7:75:1a:0a:df:1b:74:
1e:bf:5d:7f:34:ce:9b:1d:ba:d9:90:bb:34:97:b6:27:c9:44:
d2:f6:86:a4:45:25:9a:e4:73:67:af:d9:47:79:f9:3b:de:31:
ad:65:fe:a4:de:b7:74:c6:52:48:db:38:1e:61:2d:b5:4a:0c:
3b:53:3a:0d:85:6c:c7:1a:84:a6:d8:18:8f:ca:f7:7c:49:15:
88:d3:4a:50:b9:a7:5d:3b:66:40:91:92:d6:e9:13:6c:cc:d4:
24:9d:db:2f:90:8d:db:b8:7d:04:d8:23:1f:0d:12:41:40:de:
6f:3f:a3:52:f3:75:49:79:e9:1d:26:75:1f:3b:11:b7:df:5f:
59:da:32:2e:12:00:39:4b:3f:27:15:52:c3:f2:f9:ec:bd:10:
fa:5b:48:5c:94:8c:44:a7:fd:33:78:66:13:9e:27:b0:53:04:
57:b2:0a:eb:5c:21:14:7e:6c:ff:6d:82:ad:93:ca:99:da:1f:
54:5a:41:a5:11:64:f4:67:64:74:14:c9:eb:1f:50:aa:02:bb:
a9:6c:e8:af
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ3fArSnWMPRcyFEdGH4NGqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjYwNDMwMTUyOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjdkOThhZDY2NWQ1NDBlNjUzMmNlMjQ0N2EyOTZiMWY0OGQzMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIEiKPiDRKgwqSvgQLmwW55ZxlDY
pP4qgviLAdb2JZILS+IJ9ctPnV2i+wpS0FSnox2ba0dPK3ELDZLej+pmrF7/g3aV
8aOU1dG68VCGKb6rd8twasjiLEEQUsSZ5TWaSSHG3IAy8skldM8R1gnRrMUTn6Zg
3KkFXGSSmTgo9i163UqOWmvuCVX2lQuPj4+oKd1rcIT5VkZJuE9EyubPm9iCMlqX
rYqabR6EEiUA9+nkSQ4hvQQDV5bL3OdDTJaOkQqgwzOx6AwR2VOtPNCvw+/lx6i8
0bMnSqM3ghwADYNZSpUyf3UnTfXKHVJka/LXxJTXjeWjFJ1bRfqYP7gDSwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJt9mK1mXVQOZTLOJEeilrH0jTGqMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvbTMyWXJXWmRWQTVsTXM0a1I2S1dzZlNOTWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALghgAwQC
LghkAwQBLghyAwQDLgh4AwQAvIK2AwQDvILgAwQCw9M0MA0EAgACMAcDBQAgARRo
MA0GCSqGSIb3DQEBCwUAA4IBAQBAe/gfEC29AcfCYl/gqkMIAvjbMBqs5v7+6imD
w6P4E/jYe0KJnutFOgajBthfEbd1GgrfG3Qev11/NM6bHbrZkLs0l7YnyUTS9oak
RSWa5HNnr9lHefk73jGtZf6k3rd0xlJI2zgeYS21Sgw7UzoNhWzHGoSm2BiPyvd8
SRWI00pQuaddO2ZAkZLW6RNszNQkndsvkI3buH0E2CMfDRJBQN5vP6NS83VJeekd
JnUfOxG3319Z2jIuEgA5Sz8nFVLD8vnsvRD6W0hclIxEp/0zeGYTniewUwRXsgrr
XCEUfmz/bYKtk8qZ2h9UWkGlEWT0Z2R0FMnrH1CqArupbOiv
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:41 2026 by rpki-client