Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gWVoZTw_EZmHO5EV5U00eeBw7Ak.roa
File: gWVoZTw_EZmHO5EV5U00eeBw7Ak.roa (raw, json)
Hash identifier: FbRJTpkxn4SofZgM7qRP/j4Gbfj9ZjYqwdMhLK/wxnI=
Subject key identifier: 81:65:68:65:3C:3F:11:99:87:3B:91:15:E5:4D:34:79:E0:70:EC:09
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019D64E2EB28E0D8517013FBC39FDDD91950
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gWVoZTw_EZmHO5EV5U00eeBw7Ak.roa
Signing time: Mon 06 Apr 2026 22:21:26 +0000
ROA not before: Mon 06 Apr 2026 22:21:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.160.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.166.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:64:e2:eb:28:e0:d8:51:70:13:fb:c3:9f:dd:d9:19:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Apr 6 22:21:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=816568653c3f1199873b9115e54d3479e070ec09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c5:37:b4:de:bb:47:dc:17:e1:b0:52:9f:41:
ef:74:9e:20:a5:5d:ec:c0:e0:51:ed:58:03:ef:f2:
9a:2b:d5:40:a2:2a:83:3e:ad:cd:1d:43:cd:46:ed:
aa:56:95:86:ba:26:70:78:f0:70:2b:37:4e:e9:d7:
97:e2:db:80:4c:c8:87:5d:1b:ec:40:bd:cf:7d:a8:
c5:1a:5f:02:96:7c:fb:8d:46:ef:e8:26:03:b3:f8:
2a:a2:08:87:b1:a2:42:de:bd:b2:96:f3:73:9f:0a:
96:f8:6b:ce:3e:7e:4a:50:d1:1f:30:b5:b6:90:c6:
ba:1d:22:f4:3d:cc:6e:96:c8:24:78:b4:24:b1:0a:
1a:de:8b:3e:a1:a4:72:6f:50:21:ab:98:a5:f5:bb:
02:36:78:df:aa:4b:5f:01:ad:ed:9e:05:3c:c6:ae:
04:1b:17:20:cf:7f:8d:ef:21:83:38:22:26:e8:6a:
42:10:80:0b:ad:ac:b2:8e:4d:04:5f:96:82:47:9e:
68:db:4e:3e:c3:ab:00:be:c9:a8:66:77:17:e8:e1:
d7:fb:ca:b1:07:9b:52:d5:be:60:b4:89:c3:c0:06:
ae:ee:fd:6f:0e:d9:21:76:75:37:bd:5e:5f:57:57:
54:13:1b:53:da:93:9c:5d:df:26:c0:06:3b:86:bf:
41:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:65:68:65:3C:3F:11:99:87:3B:91:15:E5:4D:34:79:E0:70:EC:09
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gWVoZTw_EZmHO5EV5U00eeBw7Ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0/23
46.32.164.0/22
46.32.170.0/23
46.32.189.0-46.32.191.255
Signature Algorithm: sha256WithRSAEncryption
4d:a5:a2:e8:48:06:1a:80:7e:0a:f7:1b:6d:46:69:86:5b:ab:
fd:c7:f8:00:4f:c1:ea:f9:49:80:98:83:77:3b:b0:ee:e2:f9:
70:1c:88:6b:07:9b:95:ef:24:ed:9a:7b:00:dd:1d:9c:49:52:
55:f1:4b:07:e2:ee:fd:5b:4c:37:8c:b6:81:07:24:fd:89:67:
85:c8:1c:e6:81:72:81:80:d7:29:d6:f1:a9:5c:ff:50:2d:10:
ac:9d:c8:6c:f8:67:48:b3:98:05:b8:16:1d:48:9b:64:92:7c:
7a:c8:9d:56:f6:ec:d3:27:28:06:bc:42:52:89:6c:20:ad:9a:
03:27:77:e2:ab:67:1f:2b:46:03:fe:96:f0:87:8e:bc:f9:76:
5f:81:64:30:bd:41:ef:d2:f1:d3:28:e8:2d:9a:94:54:f5:2b:
d3:93:6c:24:36:c9:7e:e7:50:6d:09:7d:c1:2b:c7:17:7d:29:
02:40:dc:c4:0c:df:84:ac:e4:09:b9:eb:28:79:9c:40:ba:b1:
d1:f5:1e:fd:35:c7:09:be:1d:8d:df:35:e5:df:7e:1e:74:e6:
70:4e:46:da:6d:96:64:cb:44:33:62:ee:e1:7f:be:03:e2:b7:
bf:02:7b:f5:40:09:48:8d:a9:db:fe:a1:94:68:77:54:ad:b7:
e3:55:e1:61
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ1k4uso4NhRcBP7w5/d2RlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjYwNDA2MjIyMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY1Njg2NTNjM2YxMTk5ODczYjkxMTVlNTRkMzQ3OWUwNzBlYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sU3tN67R9wX4bBSn0HvdJ4gpV3s
wOBR7VgD7/KaK9VAoiqDPq3NHUPNRu2qVpWGuiZwePBwKzdO6deX4tuATMiHXRvs
QL3PfajFGl8Clnz7jUbv6CYDs/gqogiHsaJC3r2ylvNznwqW+GvOPn5KUNEfMLW2
kMa6HSL0PcxulsgkeLQksQoa3os+oaRyb1Ahq5il9bsCNnjfqktfAa3tngU8xq4E
Gxcgz3+N7yGDOCIm6GpCEIALrayyjk0EX5aCR55o204+w6sAvsmoZncX6OHX+8qx
B5tS1b5gtInDwAau7v1vDtkhdnU3vV5fV1dUExtT2pOcXd8mwAY7hr9BFwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIFlaGU8PxGZhzuRFeVNNHngcOwJMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvZ1dWb1pUd19FWm1ITzVFVjVVMDBlZUJ3N0FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLiCgAwQC
LiCkAwQBLiCqMAwDBAAuIL0DBAYuIIAwDQYJKoZIhvcNAQELBQADggEBAE2louhI
BhqAfgr3G21GaYZbq/3H+ABPwer5SYCYg3c7sO7i+XAciGsHm5XvJO2aewDdHZxJ
UlXxSwfi7v1bTDeMtoEHJP2JZ4XIHOaBcoGA1ynW8alc/1AtEKydyGz4Z0izmAW4
Fh1Im2SSfHrInVb27NMnKAa8QlKJbCCtmgMnd+KrZx8rRgP+lvCHjrz5dl+BZDC9
Qe/S8dMo6C2alFT1K9OTbCQ2yX7nUG0JfcErxxd9KQJA3MQM34Ss5Am56yh5nEC6
sdH1Hv01xwm+HY3fNeXffh505nBORtptlmTLRDNi7uF/vgPit78Ce/VACUiNqdv+
oZRod1Stt+NV4WE=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:05:40 2026 by rpki-client