Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/n3ieUI2cLDKlu7-1mHlC00BGgvw.roa
File: n3ieUI2cLDKlu7-1mHlC00BGgvw.roa (raw, json)
Hash identifier: j3IdpiHDFCzlAJqG9D51WL/CfEe+aj4QEFw7yJEuwkE=
Subject key identifier: 9F:78:9E:50:8D:9C:2C:32:A5:BB:BF:B5:98:79:42:D3:40:46:82:FC
Certificate issuer: /CN=07fa540a25432e2aa4dca057845c359d214886f7
Certificate serial: 019CBCDCB62FB9FAF2A777F5A8B9E1CFE37F
Authority key identifier: 07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/n3ieUI2cLDKlu7-1mHlC00BGgvw.roa
Signing time: Thu 05 Mar 2026 07:18:26 +0000
ROA not before: Thu 05 Mar 2026 07:18:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 196922
IP address blocks: 46.232.184.0/21 maxlen: 24
46.232.184.0/24 maxlen: 24
46.232.185.0/24 maxlen: 24
46.232.186.0/24 maxlen: 24
46.232.187.0/24 maxlen: 24
46.232.188.0/24 maxlen: 24
46.232.189.0/24 maxlen: 24
46.232.190.0/24 maxlen: 24
46.232.191.0/24 maxlen: 24
178.248.240.0/21 maxlen: 24
178.248.240.0/24 maxlen: 24
178.248.241.0/24 maxlen: 24
178.248.242.0/24 maxlen: 24
178.248.243.0/24 maxlen: 24
178.248.244.0/24 maxlen: 24
178.248.245.0/24 maxlen: 24
178.248.246.0/24 maxlen: 24
178.248.247.0/24 maxlen: 24
185.115.24.0/22 maxlen: 24
185.115.24.0/23 maxlen: 23
185.115.26.0/23 maxlen: 23
185.115.26.0/24 maxlen: 24
185.115.26.128/27 maxlen: 27
185.115.27.0/24 maxlen: 24
2a02:1308::/29 maxlen: 32
2a02:1308::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bc:dc:b6:2f:b9:fa:f2:a7:77:f5:a8:b9:e1:cf:e3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07fa540a25432e2aa4dca057845c359d214886f7
Validity
Not Before: Mar 5 07:18:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f789e508d9c2c32a5bbbfb5987942d3404682fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8e:54:c0:ee:5b:b1:6f:c1:70:41:fe:0a:7a:
e4:5e:6a:14:f6:74:c2:9d:fd:7c:ed:71:38:c3:44:
4e:40:54:1e:6b:ad:2b:18:eb:47:4b:e7:c4:b7:cd:
71:83:3d:67:82:77:64:51:f0:02:45:3f:4e:c8:c0:
84:10:8d:ef:c0:f0:55:be:b1:3a:77:1f:62:02:a8:
34:2c:4e:99:16:db:61:04:35:bd:cb:5e:32:46:5c:
ee:60:32:02:57:0a:dc:b1:4b:cc:c6:96:a1:9e:cf:
07:2a:d3:37:a8:06:82:1b:28:1e:e2:42:bc:57:af:
7d:41:aa:c8:32:53:be:ca:da:40:58:a4:eb:ca:89:
1a:1f:dd:30:c0:45:1b:1f:89:23:fe:2b:b3:e5:d7:
0a:6e:4c:75:23:0c:90:e7:2d:fd:9e:32:ae:67:64:
02:99:63:6e:04:65:5a:d9:4b:e6:66:f1:fd:32:4a:
d1:50:91:b2:9c:54:52:05:b2:09:f8:8f:bb:3a:4b:
78:d7:c8:1a:c8:6b:66:8c:67:bc:52:59:26:c8:ae:
b3:73:37:7f:2a:9f:26:55:d6:2f:a7:c2:2f:e1:70:
00:61:bf:8b:35:e4:49:17:ec:b2:68:21:5e:b8:76:
68:f3:c1:6c:65:47:ad:88:ad:90:2b:84:f7:3f:04:
60:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:78:9E:50:8D:9C:2C:32:A5:BB:BF:B5:98:79:42:D3:40:46:82:FC
X509v3 Authority Key Identifier:
keyid:07:FA:54:0A:25:43:2E:2A:A4:DC:A0:57:84:5C:35:9D:21:48:86:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B_pUCiVDLiqk3KBXhFw1nSFIhvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/n3ieUI2cLDKlu7-1mHlC00BGgvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4307d1-b608-4581-992c-753741a80e94/1/B_pUCiVDLiqk3KBXhFw1nSFIhvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.184.0/21
178.248.240.0/21
185.115.24.0/22
IPv6:
2a02:1308::/29
Signature Algorithm: sha256WithRSAEncryption
87:b7:d4:d1:68:9f:d7:7e:72:96:64:27:24:98:95:26:35:90:
70:4b:a7:3e:59:77:58:46:09:bc:85:ea:f9:99:04:7f:0b:74:
0d:3f:23:fd:ed:e7:40:ce:be:7c:5e:ef:e2:e2:e7:cf:c2:42:
9a:1b:62:af:01:d5:eb:1c:82:6a:0e:b0:40:e8:2c:07:ef:d1:
62:91:db:26:17:68:3e:32:70:be:ec:23:0c:55:42:38:21:41:
53:04:13:0c:2c:e6:19:6d:35:f1:fb:ed:c3:11:1c:ba:63:b6:
38:6c:ba:af:ef:eb:83:e9:29:93:f7:95:16:ee:54:b4:db:a6:
31:e3:17:68:31:0d:18:14:b4:38:22:d4:8b:ed:06:56:70:fe:
64:c9:76:53:03:6b:8d:51:4f:ad:bb:5f:7a:33:b3:93:a3:ea:
a9:33:af:8d:62:da:23:63:a8:db:7d:64:54:1a:4e:0c:8b:52:
a2:94:7d:52:2b:d2:48:92:24:df:2c:6d:32:b9:20:f6:34:e0:
16:79:86:3f:dc:79:ef:4a:ce:6f:5d:16:01:0a:91:8c:0e:83:
c5:0d:f2:ed:73:71:eb:42:37:d1:23:0a:f2:73:aa:fb:c4:82:
4a:50:57:88:ba:c3:64:73:0c:23:4d:6f:6e:74:ba:34:74:55:
48:8b:af:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZy83LYvufryp3f1qLnhz+N/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZmE1NDBhMjU0MzJlMmFhNGRjYTA1Nzg0NWMzNTlkMjE0
ODg2ZjcwHhcNMjYwMzA1MDcxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjc4OWU1MDhkOWMyYzMyYTViYmJmYjU5ODc5NDJkMzQwNDY4MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu45UwO5bsW/BcEH+CnrkXmoU9nTC
nf187XE4w0ROQFQea60rGOtHS+fEt81xgz1ngndkUfACRT9OyMCEEI3vwPBVvrE6
dx9iAqg0LE6ZFtthBDW9y14yRlzuYDICVwrcsUvMxpahns8HKtM3qAaCGyge4kK8
V699QarIMlO+ytpAWKTryokaH90wwEUbH4kj/iuz5dcKbkx1IwyQ5y39njKuZ2QC
mWNuBGVa2UvmZvH9MkrRUJGynFRSBbIJ+I+7Okt418gayGtmjGe8UlkmyK6zczd/
Kp8mVdYvp8Iv4XAAYb+LNeRJF+yyaCFeuHZo88FsZUetiK2QK4T3PwRg5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJ94nlCNnCwypbu/tZh5QtNARoL8MB8GA1UdIwQY
MBaAFAf6VAolQy4qpNygV4RcNZ0hSIb3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMt
NzUzNzQxYTgwZTk0LzEvbjNpZVVJMmNMREtsdTctMW1IbEMwMEJHZ3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80MzA3ZDEtYjYwOC00NTgxLTk5MmMtNzUzNzQxYTgwZTk0
LzEvQl9wVUNpVkRMaXFrM0tCWGhGdzFuU0ZJaHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLui4AwQD
svjwAwQCuXMYMA0EAgACMAcDBQMqAhMIMA0GCSqGSIb3DQEBCwUAA4IBAQCHt9TR
aJ/XfnKWZCckmJUmNZBwS6c+WXdYRgm8her5mQR/C3QNPyP97edAzr58Xu/i4ufP
wkKaG2KvAdXrHIJqDrBA6CwH79FikdsmF2g+MnC+7CMMVUI4IUFTBBMMLOYZbTXx
++3DERy6Y7Y4bLqv7+uD6SmT95UW7lS026Yx4xdoMQ0YFLQ4ItSL7QZWcP5kyXZT
A2uNUU+tu196M7OTo+qpM6+NYtojY6jbfWRUGk4Mi1KilH1SK9JIkiTfLG0yuSD2
NOAWeYY/3HnvSs5vXRYBCpGMDoPFDfLtc3HrQjfRIwryc6r7xIJKUFeIusNkcwwj
TW9udLo0dFVIi68U
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:18:32 2026 by rpki-client