Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/8sph1Iilwcy44cyBDGIOiNcciZc.roa
File: 8sph1Iilwcy44cyBDGIOiNcciZc.roa (raw, json)
Hash identifier: DAz6Ppsy/dUr6FC8qgrSiRy5YAj9fXyStl0yZkiYgzQ=
Subject key identifier: F2:CA:61:D4:88:A5:C1:CC:B8:E1:CC:81:0C:62:0E:88:D7:1C:89:97
Certificate issuer: /CN=e822d845e153992a78e8f44523264d2614b17b9d
Certificate serial: 019D3EA338ECC89EC652F39F96F83DA79CB8
Authority key identifier: E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/8sph1Iilwcy44cyBDGIOiNcciZc.roa
Signing time: Mon 30 Mar 2026 12:06:17 +0000
ROA not before: Mon 30 Mar 2026 12:06:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12693
IP address blocks: 46.167.32.0/21 maxlen: 21
46.167.32.0/24 maxlen: 24
185.101.52.0/22 maxlen: 22
185.101.52.0/23 maxlen: 23
185.101.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.mft
rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:a3:38:ec:c8:9e:c6:52:f3:9f:96:f8:3d:a7:9c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e822d845e153992a78e8f44523264d2614b17b9d
Validity
Not Before: Mar 30 12:06:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f2ca61d488a5c1ccb8e1cc810c620e88d71c8997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cc:06:f9:cf:b6:6c:d8:df:f7:d7:a3:f6:9b:
f4:4a:d0:cf:03:74:b6:a2:7e:7e:59:dc:a7:f7:6d:
5a:3d:37:f5:3b:e0:7b:70:65:a7:b0:b1:38:30:74:
c5:49:26:00:09:4a:75:13:4f:f9:55:fe:3a:8c:0f:
f9:c8:6b:b0:89:90:af:3e:d5:72:bb:55:e2:e6:3b:
5b:f2:27:a5:cf:1a:e6:04:9f:2f:dd:af:21:8d:d3:
87:0b:33:c9:d1:8e:7b:1e:fd:c0:55:a7:2d:8e:64:
40:16:96:37:00:82:1f:68:26:20:25:ae:22:fd:6f:
4c:41:36:5d:bc:fa:80:a9:df:27:10:0f:6b:05:2a:
42:df:3c:3a:78:fc:85:e7:9f:d8:77:41:c0:c1:4d:
56:50:b6:68:ff:6e:c7:8e:10:d7:a6:05:71:61:0d:
45:68:af:1b:ec:9c:c3:82:1d:33:19:64:b7:cd:ff:
51:6b:c9:df:4a:08:cd:60:2a:b7:40:06:0f:09:48:
06:ea:38:be:d9:19:81:11:0a:18:c3:d6:63:22:73:
da:4c:76:71:8e:a0:3a:bf:0c:8f:ee:ba:0c:6a:be:
3a:38:9d:31:e2:e2:a2:4c:45:82:5d:3b:79:7c:61:
ff:34:96:c9:90:58:0b:53:92:0c:f9:95:41:73:43:
fc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:CA:61:D4:88:A5:C1:CC:B8:E1:CC:81:0C:62:0E:88:D7:1C:89:97
X509v3 Authority Key Identifier:
keyid:E8:22:D8:45:E1:53:99:2A:78:E8:F4:45:23:26:4D:26:14:B1:7B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6CLYReFTmSp46PRFIyZNJhSxe50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/8sph1Iilwcy44cyBDGIOiNcciZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/7f1a8c-48e4-4d97-b042-1d4246d7f155/1/6CLYReFTmSp46PRFIyZNJhSxe50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.32.0/21
185.101.52.0/22
Signature Algorithm: sha256WithRSAEncryption
67:e9:a3:26:8b:d0:86:60:59:d5:04:2a:e6:a4:23:90:d1:78:
74:7e:57:4e:e4:37:e3:1f:7f:c9:a8:d2:21:17:0d:85:2c:36:
6f:06:c1:47:10:28:8a:f6:a4:60:94:1d:2b:f8:45:c4:06:d8:
07:2c:37:ba:b1:50:2e:34:96:f7:e6:a2:3e:3e:43:1b:7c:14:
7f:e8:c9:ae:ae:a2:34:71:0d:44:f9:e3:20:45:f4:0a:7a:90:
fb:b9:4b:a3:c5:7e:66:72:5c:1e:1f:03:11:cd:4b:a7:ba:86:
ae:71:44:18:44:b8:eb:b5:4a:be:1f:2b:4d:51:16:09:87:c9:
7e:9a:26:56:b9:3e:0d:74:41:94:30:f0:e6:70:e1:71:e7:8e:
64:3c:01:43:45:43:bd:f8:a6:25:cb:80:d7:c2:a1:21:12:8e:
90:74:0a:86:0c:3e:76:2e:4b:6a:ac:c0:59:ff:e0:f6:f3:3c:
67:9f:93:4f:89:2d:d8:5d:7b:9e:14:22:ee:2d:c6:56:77:93:
a3:0d:1e:78:aa:27:e7:b0:32:70:16:9f:4c:a4:1d:f7:5b:44:
b7:f3:95:f6:80:02:cd:24:13:62:3a:e8:1f:59:31:cf:d2:92:
e0:20:85:8e:10:f2:f9:c3:fe:19:d7:57:36:aa:ba:eb:cd:87:
9d:f6:67:77
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0+ozjsyJ7GUvOflvg9p5y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4MjJkODQ1ZTE1Mzk5MmE3OGU4ZjQ0NTIzMjY0ZDI2MTRi
MTdiOWQwHhcNMjYwMzMwMTIwNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmNhNjFkNDg4YTVjMWNjYjhlMWNjODEwYzYyMGU4OGQ3MWM4OTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMwG+c+2bNjf99ej9pv0StDPA3S2
on5+Wdyn921aPTf1O+B7cGWnsLE4MHTFSSYACUp1E0/5Vf46jA/5yGuwiZCvPtVy
u1Xi5jtb8ielzxrmBJ8v3a8hjdOHCzPJ0Y57Hv3AVactjmRAFpY3AIIfaCYgJa4i
/W9MQTZdvPqAqd8nEA9rBSpC3zw6ePyF55/Yd0HAwU1WULZo/27HjhDXpgVxYQ1F
aK8b7JzDgh0zGWS3zf9Ra8nfSgjNYCq3QAYPCUgG6ji+2RmBEQoYw9ZjInPaTHZx
jqA6vwyP7roMar46OJ0x4uKiTEWCXTt5fGH/NJbJkFgLU5IM+ZVBc0P8UQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPLKYdSIpcHMuOHMgQxiDojXHImXMB8GA1UdIwQY
MBaAFOgi2EXhU5kqeOj0RSMmTSYUsXudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDIt
MWQ0MjQ2ZDdmMTU1LzEvOHNwaDFJaWx3Y3k0NGN5QkRHSU9pTmNjaVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC83ZjFhOGMtNDhlNC00ZDk3LWIwNDItMWQ0MjQ2ZDdmMTU1
LzEvNkNMWVJlRlRtU3A0NlBSRkl5Wk5KaFN4ZTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLqcgAwQC
uWU0MA0GCSqGSIb3DQEBCwUAA4IBAQBn6aMmi9CGYFnVBCrmpCOQ0Xh0fldO5Dfj
H3/JqNIhFw2FLDZvBsFHECiK9qRglB0r+EXEBtgHLDe6sVAuNJb35qI+PkMbfBR/
6MmurqI0cQ1E+eMgRfQKepD7uUujxX5mclweHwMRzUunuoaucUQYRLjrtUq+HytN
URYJh8l+miZWuT4NdEGUMPDmcOFx545kPAFDRUO9+KYly4DXwqEhEo6QdAqGDD52
LktqrMBZ/+D28zxnn5NPiS3YXXueFCLuLcZWd5OjDR54qifnsDJwFp9MpB33W0S3
85X2gALNJBNiOugfWTHP0pLgIIWOEPL5w/4Z11c2qrrrzYed9md3
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:50:16 2026 by rpki-client