Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2KwtvDUjmoPXOlaquUSy1eJJEvs.roa
File: 2KwtvDUjmoPXOlaquUSy1eJJEvs.roa (raw, json)
Hash identifier: hhPOlpdHRcUEJH0ASt3UfGot9N68cwIMDgDCvKrHATQ=
Subject key identifier: D8:AC:2D:BC:35:23:9A:83:D7:3A:56:AA:B9:44:B2:D5:E2:49:12:FB
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 019D6720F4220731C892AAAC1DBAE3474A1E
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2KwtvDUjmoPXOlaquUSy1eJJEvs.roa
Signing time: Tue 07 Apr 2026 08:48:26 +0000
ROA not before: Tue 07 Apr 2026 08:48:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:20:f4:22:07:31:c8:92:aa:ac:1d:ba:e3:47:4a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Apr 7 08:48:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d8ac2dbc35239a83d73a56aab944b2d5e24912fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:03:b5:be:15:bd:09:7e:78:44:35:bb:98:9a:
5f:be:a7:f1:1b:61:fe:99:0b:a4:4b:b1:41:18:25:
00:2c:4d:64:fa:3d:1a:ac:b2:36:d0:14:17:0c:db:
64:0a:3d:d2:03:87:32:77:f1:52:01:3a:e0:69:09:
1b:8d:76:1f:b1:80:6e:16:f5:a9:86:f7:f9:1f:d0:
8c:7a:2e:2f:be:ed:f2:65:69:56:e2:1b:f7:31:8f:
69:44:22:19:df:82:a4:85:be:b0:eb:2d:e2:60:25:
93:2f:dd:0c:d7:66:d2:a4:01:96:8d:c9:cf:40:a3:
de:a6:35:bd:f5:3b:4d:98:b4:4b:4b:ad:b1:d8:80:
81:d5:72:22:04:43:ce:c6:7d:77:5a:5d:c8:52:f3:
45:4a:d6:cc:97:8a:cc:b7:68:d7:6c:aa:f5:e0:bf:
b0:31:f1:e1:89:07:e6:a3:a0:7f:0f:e9:70:f5:20:
eb:7f:52:d1:0f:d3:3b:e7:21:6a:f3:40:83:12:23:
a3:45:60:7d:11:80:a1:db:be:ca:74:c9:57:29:fb:
52:83:bc:71:ab:ac:25:61:c7:29:84:07:1a:16:0e:
70:7f:84:64:fb:55:3d:78:ca:a2:d2:34:41:9d:6b:
13:82:e2:82:8d:a8:95:b3:80:22:dc:a0:52:48:4f:
b9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:AC:2D:BC:35:23:9A:83:D7:3A:56:AA:B9:44:B2:D5:E2:49:12:FB
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/2KwtvDUjmoPXOlaquUSy1eJJEvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4c:1f:59:9e:db:47:f5:40:d8:2a:5b:ee:b3:77:96:0a:6e:
36:65:b5:02:e6:4a:e3:83:c1:17:44:bc:05:6f:2e:14:24:ed:
9b:75:18:58:dd:08:90:89:e0:8b:03:ce:5e:1f:53:b9:56:c5:
4b:06:ad:e6:7f:67:6f:bd:cb:f0:c0:f4:89:29:85:60:4f:0d:
95:7e:0a:cf:ae:c1:08:bc:76:aa:c6:18:b0:32:54:22:84:86:
65:7a:d8:fb:cb:be:2f:3d:46:2b:0c:69:62:bc:af:41:58:8c:
b8:f3:67:86:a8:38:16:a1:2e:5b:88:8f:c2:81:1b:42:44:92:
b0:a2:90:d2:13:1c:ff:c1:fb:3b:97:61:ce:3b:86:02:bb:23:
bd:b4:cc:2c:4a:06:7b:22:87:3b:c6:19:0f:b2:36:c4:5b:00:
ad:e3:98:7d:2d:a9:0f:f5:84:f6:84:cd:f6:91:57:97:f8:31:
79:5b:d6:d3:52:3a:ac:c4:28:a2:38:05:9e:e8:bd:b4:b2:28:
86:79:d1:c5:7f:47:7f:18:d9:b2:d0:dd:e8:dc:f7:35:91:f1:
af:3b:07:ba:01:5d:b3:f0:0f:73:d2:f1:c8:3c:c9:c9:65:0a:
c4:bb:6a:36:3b:63:ce:7c:82:0d:a5:ae:0b:7c:62:73:5e:a7:
7f:f6:d5:bd
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1nIPQiBzHIkqqsHbrjR0oeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjYwNDA3MDg0ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGFjMmRiYzM1MjM5YTgzZDczYTU2YWFiOTQ0YjJkNWUyNDkxMmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAO1vhW9CX54RDW7mJpfvqfxG2H+
mQukS7FBGCUALE1k+j0arLI20BQXDNtkCj3SA4cyd/FSATrgaQkbjXYfsYBuFvWp
hvf5H9CMei4vvu3yZWlW4hv3MY9pRCIZ34Kkhb6w6y3iYCWTL90M12bSpAGWjcnP
QKPepjW99TtNmLRLS62x2ICB1XIiBEPOxn13Wl3IUvNFStbMl4rMt2jXbKr14L+w
MfHhiQfmo6B/D+lw9SDrf1LRD9M75yFq80CDEiOjRWB9EYCh277KdMlXKftSg7xx
q6wlYccphAcaFg5wf4Rk+1U9eMqi0jRBnWsTguKCjaiVs4Ai3KBSSE+5JQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNisLbw1I5qD1zpWqrlEstXiSRL7MB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvMkt3dHZEVWptb1BYT2xhcXVVU3kxZUpKRXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBABFMH1me20f1QNgq
W+6zd5YKbjZltQLmSuODwRdEvAVvLhQk7Zt1GFjdCJCJ4IsDzl4fU7lWxUsGreZ/
Z2+9y/DA9IkphWBPDZV+Cs+uwQi8dqrGGLAyVCKEhmV62PvLvi89RisMaWK8r0FY
jLjzZ4aoOBahLluIj8KBG0JEkrCikNITHP/B+zuXYc47hgK7I720zCxKBnsihzvG
GQ+yNsRbAK3jmH0tqQ/1hPaEzfaRV5f4MXlb1tNSOqzEKKI4BZ7ovbSyKIZ50cV/
R38Y2bLQ3ejc9zWR8a87B7oBXbPwD3PS8cg8ycllCsS7ajY7Y858gg2lrgt8YnNe
p3/21b0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:02:12 2026 by rpki-client