Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gPSq-qCET8xva-xjxloU4MvTT3o.roa
File: gPSq-qCET8xva-xjxloU4MvTT3o.roa (raw, json)
Hash identifier: ep6q/BUkIK7MgMGyTNyB8H1OrlfoFEmUXLs5y6qzhFw=
Subject key identifier: 80:F4:AA:FA:A0:84:4F:CC:6F:6B:EC:63:C6:5A:14:E0:CB:D3:4F:7A
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019D96C1A8026BD6BE88610C8188A8A93B4F
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gPSq-qCET8xva-xjxloU4MvTT3o.roa
Signing time: Thu 16 Apr 2026 14:46:07 +0000
ROA not before: Thu 16 Apr 2026 14:46:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.96.0/24 maxlen: 24
46.8.100.0/22 maxlen: 24
46.8.114.0/23 maxlen: 24
46.8.120.0/21 maxlen: 24
109.248.16.0/20 maxlen: 24
188.130.182.0/24 maxlen: 24
188.130.224.0/21 maxlen: 24
188.130.231.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:c1:a8:02:6b:d6:be:88:61:0c:81:88:a8:a9:3b:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Apr 16 14:46:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80f4aafaa0844fcc6f6bec63c65a14e0cbd34f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5c:4b:40:30:ba:19:86:f5:63:7e:29:af:5d:
4d:a7:14:20:5c:cb:1d:65:98:91:3a:2b:7c:78:76:
95:f8:61:04:03:16:0a:4d:a7:fa:ce:49:ec:64:f1:
74:b2:1c:c7:d3:8d:e7:d9:c1:bd:84:29:0a:e6:8d:
9d:1f:ab:c9:bf:a3:71:25:f8:d0:71:cb:a9:5d:c3:
37:62:fd:2d:00:86:85:66:98:53:72:ea:f5:20:ef:
98:c5:22:9a:e1:37:ad:27:b4:2d:e0:31:0a:1a:4b:
b3:73:0a:fe:f9:42:57:43:45:d0:43:ef:ff:80:05:
6b:bd:b6:3a:8a:c0:54:3c:a2:4e:45:4a:68:ab:74:
a0:fa:a4:01:f8:d6:bb:f3:29:1f:78:4c:4c:86:cb:
23:e0:af:b5:3f:83:c1:c0:55:8d:49:82:6b:8d:d3:
d5:ef:d9:97:48:11:56:1e:74:3a:f7:ae:1a:61:41:
9b:dd:c7:32:59:45:49:92:1a:42:12:17:64:d2:58:
05:35:3d:1e:66:01:86:dc:1f:dc:48:a4:13:20:35:
03:d6:c6:a8:b1:4d:91:6e:68:96:16:70:0f:3d:71:
a7:5c:ff:b0:72:ef:8b:bf:a5:a3:99:b1:15:5d:3c:
2f:bc:cd:88:55:6a:0c:4b:33:f0:5a:a0:7f:f8:14:
86:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F4:AA:FA:A0:84:4F:CC:6F:6B:EC:63:C6:5A:14:E0:CB:D3:4F:7A
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/gPSq-qCET8xva-xjxloU4MvTT3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.96.0/24
46.8.100.0/22
46.8.114.0/23
46.8.120.0/21
109.248.16.0/20
188.130.182.0/24
188.130.224.0/21
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
08:63:92:50:ec:e4:c9:55:7f:63:c4:df:ae:45:2d:35:bb:13:
62:35:94:99:c9:12:9b:28:fa:ca:a5:76:d8:55:d0:c9:bf:6f:
95:7b:4d:d7:87:8b:ae:b8:e7:ae:73:0d:05:34:03:ee:56:e8:
25:c2:a4:4b:26:5f:aa:18:0e:ed:25:de:63:e2:35:7c:55:4a:
ec:3c:7b:64:57:49:8e:0d:63:bb:d9:ed:cf:06:10:8e:3e:65:
f8:b6:b5:6e:84:4f:8a:34:c9:d6:46:c2:9a:d7:0e:63:1e:31:
b9:be:b0:5e:ca:6f:f3:55:91:84:d2:fa:4c:cd:c4:0f:8e:01:
cb:e5:9f:d1:f6:6a:8d:a4:6e:05:2f:44:a1:ad:13:b5:8c:ad:
d5:21:ea:18:58:37:98:e5:d7:c6:b8:99:67:1c:2c:82:97:10:
9d:60:ab:20:4c:12:98:37:71:74:c3:5e:d7:45:51:00:b5:58:
39:61:d6:88:dc:30:27:1f:b2:83:62:d1:16:48:01:fa:12:ad:
5a:7c:44:de:05:ad:c9:36:c9:87:b1:d9:7a:b9:5f:12:d5:dc:
13:38:14:10:c1:55:72:2d:9f:f0:4d:e0:f0:61:0d:5d:00:04:
2e:44:e4:94:b2:14:d8:d6:0c:57:df:03:a4:c6:a8:49:4b:8f:
fc:f2:ab:2d
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ2WwagCa9a+iGEMgYioqTtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjYwNDE2MTQ0NjA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGY0YWFmYWEwODQ0ZmNjNmY2YmVjNjNjNjVhMTRlMGNiZDM0ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVxLQDC6GYb1Y34pr11NpxQgXMsd
ZZiROit8eHaV+GEEAxYKTaf6zknsZPF0shzH043n2cG9hCkK5o2dH6vJv6NxJfjQ
ccupXcM3Yv0tAIaFZphTcur1IO+YxSKa4TetJ7Qt4DEKGkuzcwr++UJXQ0XQQ+//
gAVrvbY6isBUPKJORUpoq3Sg+qQB+Na78ykfeExMhssj4K+1P4PBwFWNSYJrjdPV
79mXSBFWHnQ6964aYUGb3ccyWUVJkhpCEhdk0lgFNT0eZgGG3B/cSKQTIDUD1sao
sU2RbmiWFnAPPXGnXP+wcu+Lv6WjmbEVXTwvvM2IVWoMSzPwWqB/+BSGhQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFID0qvqghE/Mb2vsY8ZaFODL0096MB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvZ1BTcS1xQ0VUOHh2YS14anhsb1U0TXZUVDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQALghgAwQC
LghkAwQBLghyAwQDLgh4AwQEbfgQAwQAvIK2AwQDvILgAwQCw9M0MA0EAgACMAcD
BQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAIY5JQ7OTJVX9jxN+uRS01uxNiNZSZ
yRKbKPrKpXbYVdDJv2+Ve03Xh4uuuOeucw0FNAPuVuglwqRLJl+qGA7tJd5j4jV8
VUrsPHtkV0mODWO72e3PBhCOPmX4trVuhE+KNMnWRsKa1w5jHjG5vrBeym/zVZGE
0vpMzcQPjgHL5Z/R9mqNpG4FL0ShrRO1jK3VIeoYWDeY5dfGuJlnHCyClxCdYKsg
TBKYN3F0w17XRVEAtVg5YdaI3DAnH7KDYtEWSAH6Eq1afETeBa3JNsmHsdl6uV8S
1dwTOBQQwVVyLZ/wTeDwYQ1dAAQuROSUshTY1gxX3wOkxqhJS4/88qst
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:27:54 2026 by rpki-client