Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/j7jCrIsqMJcGCU6v3_MhfncBGmU.roa
File: j7jCrIsqMJcGCU6v3_MhfncBGmU.roa (raw, json)
Hash identifier: nXAiToHifSC1NBCocPYjsfwz/YN5X6I+EcIkLfLsl5M=
Subject key identifier: 8F:B8:C2:AC:8B:2A:30:97:06:09:4E:AF:DF:F3:21:7E:77:01:1A:65
Certificate issuer: /CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Certificate serial: 019C7A54F2CE484E7FEB535D04ECF42F48FE
Authority key identifier: 4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/j7jCrIsqMJcGCU6v3_MhfncBGmU.roa
Signing time: Fri 20 Feb 2026 09:15:13 +0000
ROA not before: Fri 20 Feb 2026 09:15:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197100
IP address blocks: 46.34.32.0/22 maxlen: 22
46.34.36.0/24 maxlen: 24
46.34.40.0/24 maxlen: 24
46.34.50.0/24 maxlen: 24
46.34.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.mft
rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:54:f2:ce:48:4e:7f:eb:53:5d:04:ec:f4:2f:48:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a471cd6ce60abedd74762b101aa5e6f4207efce
Validity
Not Before: Feb 20 09:15:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8fb8c2ac8b2a309706094eafdff3217e77011a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3e:21:62:9f:bf:23:ff:13:9a:94:0c:a3:ea:
0c:65:ea:eb:0f:c6:da:37:4a:ca:9b:02:2f:56:3b:
94:dd:a9:be:e8:4a:50:37:8e:7a:a8:e5:bb:fe:44:
1d:c4:a0:71:1d:20:20:50:19:43:db:a9:e2:f7:3d:
0f:5c:8b:3d:92:88:40:e7:d0:9d:50:f5:90:d7:87:
3e:6b:a0:a7:f7:73:1e:e3:06:f9:6e:17:87:18:16:
28:e1:64:80:7f:98:ea:ff:a1:38:53:5e:8c:7d:3e:
76:65:e1:1c:7e:33:ac:4f:f9:34:80:64:23:b7:52:
35:1f:9c:94:06:37:43:78:51:ef:b8:03:47:b6:e8:
44:42:08:de:e9:65:25:d6:91:50:99:11:f8:3a:82:
1f:a1:87:02:e2:74:63:c9:53:9b:91:93:3b:3f:1e:
41:c4:48:14:19:d2:92:f0:05:30:0a:99:f0:22:02:
82:8b:d8:86:f6:3f:ef:65:b9:20:8f:da:84:5d:80:
97:b1:e3:d0:c6:9a:2a:e3:47:b1:71:61:4a:14:49:
b7:c3:ac:5a:76:c9:37:fa:d7:8f:2b:fc:60:d7:ca:
d2:d9:1e:85:fe:0c:ef:5b:6f:af:c4:12:db:5a:60:
57:20:d7:9b:97:ff:02:66:97:76:0e:5d:36:05:64:
ab:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B8:C2:AC:8B:2A:30:97:06:09:4E:AF:DF:F3:21:7E:77:01:1A:65
X509v3 Authority Key Identifier:
keyid:4A:47:1C:D6:CE:60:AB:ED:D7:47:62:B1:01:AA:5E:6F:42:07:EF:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Skcc1s5gq-3XR2KxAapeb0IH784.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/j7jCrIsqMJcGCU6v3_MhfncBGmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/e17714-467b-4433-9b7d-a6b991f4faf8/1/Skcc1s5gq-3XR2KxAapeb0IH784.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.32.0-46.34.36.255
46.34.40.0/24
46.34.50.0/24
46.34.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:64:dc:1c:ce:4e:6e:37:9d:22:e0:b2:b1:25:d9:4f:62:39:
06:04:45:72:fd:c1:5d:ad:d8:90:ec:60:7b:b3:d5:a5:a8:46:
87:72:6d:01:c7:66:31:2c:c6:71:f4:3e:f3:8f:1b:6a:9f:2f:
ae:b6:e7:87:a9:cd:e6:58:79:c5:33:2b:cc:4f:74:64:94:57:
16:17:1e:97:75:de:8b:7c:d1:8b:ef:6d:fb:be:aa:0b:ff:19:
a6:4f:9c:c5:7a:d1:ca:dc:c3:2d:cf:fb:ad:c2:44:bc:2a:a4:
a2:e2:9c:ee:b0:73:f3:0c:17:c9:9e:99:52:77:f3:de:40:2b:
13:8b:7b:89:78:d8:53:9a:81:b4:3b:8c:9d:bb:e4:dc:69:df:
24:4f:4d:fd:cb:90:7f:1e:f5:da:4f:85:47:75:92:eb:04:ce:
3c:0e:72:d0:b4:0d:f6:0f:a4:c8:2e:d0:68:35:13:f4:5f:ae:
2e:59:bf:23:b5:44:ee:78:08:d1:91:7c:f9:bf:cb:72:85:10:
1e:9e:08:1c:1b:8b:cb:1a:ff:5b:4b:ba:4e:94:46:84:39:0d:
8b:d0:d1:e5:7e:c2:da:c0:a5:55:7e:50:54:a7:a6:fb:9c:4f:
4d:03:a3:5b:a0:ab:0a:82:c2:c1:71:83:15:ff:96:9d:ef:ca:
30:a3:9a:d6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZx6VPLOSE5/61NdBOz0L0j+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNDcxY2Q2Y2U2MGFiZWRkNzQ3NjJiMTAxYWE1ZTZmNDIw
N2VmY2UwHhcNMjYwMjIwMDkxNTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI4YzJhYzhiMmEzMDk3MDYwOTRlYWZkZmYzMjE3ZTc3MDExYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzD4hYp+/I/8TmpQMo+oMZerrD8ba
N0rKmwIvVjuU3am+6EpQN456qOW7/kQdxKBxHSAgUBlD26ni9z0PXIs9kohA59Cd
UPWQ14c+a6Cn93Me4wb5bheHGBYo4WSAf5jq/6E4U16MfT52ZeEcfjOsT/k0gGQj
t1I1H5yUBjdDeFHvuANHtuhEQgje6WUl1pFQmRH4OoIfoYcC4nRjyVObkZM7Px5B
xEgUGdKS8AUwCpnwIgKCi9iG9j/vZbkgj9qEXYCXsePQxpoq40excWFKFEm3w6xa
dsk3+tePK/xg18rS2R6F/gzvW2+vxBLbWmBXINebl/8CZpd2Dl02BWSrBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFI+4wqyLKjCXBglOr9/zIX53ARplMB8GA1UdIwQY
MBaAFEpHHNbOYKvt10disQGqXm9CB+/OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2Qt
YTZiOTkxZjRmYWY4LzEvajdqQ3JJc3FNSmNHQ1U2djNfTWhmbmNCR21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9lMTc3MTQtNDY3Yi00NDMzLTliN2QtYTZiOTkxZjRmYWY4
LzEvU2tjYzFzNWdxLTNYUjJLeEFhcGViMElINzg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUuIiAD
BAAuIiQDBAAuIigDBAAuIjIDBAAuIj8wDQYJKoZIhvcNAQELBQADggEBAA9k3BzO
Tm43nSLgsrEl2U9iOQYERXL9wV2t2JDsYHuz1aWoRodybQHHZjEsxnH0PvOPG2qf
L66254epzeZYecUzK8xPdGSUVxYXHpd13ot80Yvvbfu+qgv/GaZPnMV60crcwy3P
+63CRLwqpKLinO6wc/MMF8memVJ3895AKxOLe4l42FOagbQ7jJ275Nxp3yRPTf3L
kH8e9dpPhUd1kusEzjwOctC0DfYPpMgu0Gg1E/Rfri5ZvyO1RO54CNGRfPm/y3KF
EB6eCBwbi8sa/1tLuk6URoQ5DYvQ0eV+wtrApVV+UFSnpvucT00Do1ugqwqCwsFx
gxX/lp3vyjCjmtY=
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:51:23 2026 by rpki-client