Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/UkhdK5SfOFVxCC44JM27mHkN1tE.roa
File: UkhdK5SfOFVxCC44JM27mHkN1tE.roa (raw, json)
Hash identifier: kxm53rqKirqaV5k0vdN3961xYsuHznkwHIiYgaO0Gq8=
Subject key identifier: 52:48:5D:2B:94:9F:38:55:71:08:2E:38:24:CD:BB:98:79:0D:D6:D1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019C86C29D5589BDABD989D3D244400CA069
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/UkhdK5SfOFVxCC44JM27mHkN1tE.roa
Signing time: Sun 22 Feb 2026 19:10:27 +0000
ROA not before: Sun 22 Feb 2026 19:10:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.96.0/24 maxlen: 24
46.8.100.0/22 maxlen: 24
46.8.114.0/23 maxlen: 24
46.8.118.0/23 maxlen: 24
46.8.120.0/21 maxlen: 24
109.248.16.0/20 maxlen: 24
188.130.182.0/24 maxlen: 24
188.130.224.0/21 maxlen: 24
188.130.231.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:86:c2:9d:55:89:bd:ab:d9:89:d3:d2:44:40:0c:a0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Feb 22 19:10:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52485d2b949f385571082e3824cdbb98790dd6d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a3:74:4a:76:18:c1:b2:81:43:c2:b7:00:8c:
ce:37:88:1c:17:3e:8a:b7:be:7d:a2:e0:ae:78:de:
a4:96:6e:c2:e4:53:c3:a0:f6:17:d2:76:f3:42:33:
82:9f:a9:34:7d:41:5e:87:8e:be:70:1b:db:7b:4d:
fd:b9:34:99:3b:70:dd:22:3a:07:07:ac:90:2e:ff:
d6:a3:1d:5e:a7:5a:5d:2e:3d:5b:78:ac:25:6a:14:
c1:df:79:c7:52:cf:7b:df:32:6f:fc:43:9e:3d:ad:
d0:15:02:cb:b5:3d:c0:3a:cd:64:af:5e:1e:8e:ea:
6f:1b:fe:99:f7:82:97:e0:93:97:5b:4d:38:ae:5b:
15:41:3b:6e:f9:e0:ae:f5:79:c6:2a:2c:ac:27:f0:
3c:eb:fb:1c:4f:67:be:93:b6:c4:1a:3c:36:0f:9f:
09:f6:ca:ee:5f:3e:82:73:2b:42:a9:91:86:f2:63:
73:8f:95:51:46:1b:1f:68:23:02:55:84:e3:29:0f:
29:3c:78:be:cd:63:48:be:e2:3f:67:47:25:f6:65:
d1:19:e5:e0:a7:d4:7e:d5:52:44:19:99:83:ee:e4:
b1:6d:99:8b:95:f5:c6:75:87:8c:6c:f5:55:87:94:
27:ba:80:59:d0:ab:4d:f5:97:1c:a3:30:43:e9:03:
5a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:48:5D:2B:94:9F:38:55:71:08:2E:38:24:CD:BB:98:79:0D:D6:D1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/UkhdK5SfOFVxCC44JM27mHkN1tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.96.0/24
46.8.100.0/22
46.8.114.0/23
46.8.118.0-46.8.127.255
109.248.16.0/20
188.130.182.0/24
188.130.224.0/21
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
99:0e:1d:2c:72:36:d4:d1:53:c1:1a:86:66:64:3b:ac:c1:2e:
bf:0c:2a:60:c4:2c:b3:c7:c9:10:52:10:2f:f8:d7:02:5f:07:
f6:37:32:07:2b:ef:55:93:46:12:90:67:50:ac:76:f5:f5:e0:
40:30:21:65:86:f0:87:78:9e:f5:6f:c4:64:0a:18:21:26:31:
73:65:c0:e5:0d:57:79:66:54:08:4b:37:44:14:20:8d:24:09:
87:50:52:d5:43:54:c3:15:ff:21:0a:97:ee:f8:c7:c2:25:13:
83:bf:b5:8f:8b:ac:27:cb:d9:dc:7c:2f:97:66:ac:af:c5:b8:
e9:5c:a0:20:cb:52:e6:07:e6:51:6b:99:90:e7:f8:e7:8a:e1:
cb:71:d1:5b:72:c9:4e:23:79:1c:21:44:69:94:e9:be:c7:b0:
d5:27:fd:01:ed:9d:27:9f:81:a2:50:a7:da:ad:18:13:6a:95:
dd:aa:21:8b:f7:63:e6:d1:53:e0:bf:05:67:da:b5:17:f1:b0:
fd:6e:7b:a2:b2:b1:eb:b7:b0:ec:24:85:43:51:d4:99:c5:e9:
c8:d5:1f:eb:93:d9:8f:72:72:f1:dc:0c:0e:db:89:79:22:b1:
30:d8:c0:03:8d:94:c3:9a:a0:3d:c2:1b:fc:34:ac:3c:57:f1:
65:aa:e0:dc
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZyGwp1Vib2r2YnT0kRADKBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjYwMjIyMTkxMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ4NWQyYjk0OWYzODU1NzEwODJlMzgyNGNkYmI5ODc5MGRkNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaN0SnYYwbKBQ8K3AIzON4gcFz6K
t759ouCueN6klm7C5FPDoPYX0nbzQjOCn6k0fUFeh46+cBvbe039uTSZO3DdIjoH
B6yQLv/Wox1ep1pdLj1beKwlahTB33nHUs973zJv/EOePa3QFQLLtT3AOs1kr14e
jupvG/6Z94KX4JOXW004rlsVQTtu+eCu9XnGKiysJ/A86/scT2e+k7bEGjw2D58J
9sruXz6CcytCqZGG8mNzj5VRRhsfaCMCVYTjKQ8pPHi+zWNIvuI/Z0cl9mXRGeXg
p9R+1VJEGZmD7uSxbZmLlfXGdYeMbPVVh5QnuoBZ0KtN9ZccozBD6QNaFQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFJIXSuUnzhVcQguOCTNu5h5DdbRMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvVWtoZEs1U2ZPRlZ4Q0M0NEpNMjdtSGtOMXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQALghgAwQC
LghkAwQBLghyMAwDBAEuCHYDBAcuCAADBARt+BADBAC8grYDBAO8guADBALD0zQw
DQQCAAIwBwMFACABFGgwDQYJKoZIhvcNAQELBQADggEBAJkOHSxyNtTRU8EahmZk
O6zBLr8MKmDELLPHyRBSEC/41wJfB/Y3Mgcr71WTRhKQZ1CsdvX14EAwIWWG8Id4
nvVvxGQKGCEmMXNlwOUNV3lmVAhLN0QUII0kCYdQUtVDVMMV/yEKl+74x8IlE4O/
tY+LrCfL2dx8L5dmrK/FuOlcoCDLUuYH5lFrmZDn+OeK4ctx0VtyyU4jeRwhRGmU
6b7HsNUn/QHtnSefgaJQp9qtGBNqld2qIYv3Y+bRU+C/BWfatRfxsP1ue6Kyseu3
sOwkhUNR1JnF6cjVH+uT2Y9ycvHcDA7biXkisTDYwAONlMOaoD3CG/w0rDxX8WWq
4Nw=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:17:20 2026 by rpki-client