Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gkrX8giQ6QIjeOJImpNrLasUcW8.roa
File: gkrX8giQ6QIjeOJImpNrLasUcW8.roa (raw, json)
Hash identifier: cVUYd7WZ6WTEztb7BgwmdLIllELNK+YG3dJF4zpe1s0=
Subject key identifier: 82:4A:D7:F2:08:90:E9:02:23:78:E2:48:9A:93:6B:2D:AB:14:71:6F
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 019E4B2CBB7CB0F234D7EF3E3341451AE450
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gkrX8giQ6QIjeOJImpNrLasUcW8.roa
Signing time: Thu 21 May 2026 15:34:43 +0000
ROA not before: Thu 21 May 2026 15:34:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.160.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.166.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 03:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4b:2c:bb:7c:b0:f2:34:d7:ef:3e:33:41:45:1a:e4:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: May 21 15:34:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=824ad7f20890e9022378e2489a936b2dab14716f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:05:1d:05:d6:da:b1:dc:e9:dd:f9:d0:6f:80:
6c:37:0b:ed:ad:d0:70:45:b0:6b:b4:2c:30:34:0c:
ae:77:52:0a:06:cc:16:8c:1a:ba:f8:76:b7:58:7d:
7c:cb:0d:79:f7:66:1f:6e:4d:78:6f:e2:4f:e5:c1:
f5:dc:4e:f9:d3:06:5e:b4:00:dc:b8:eb:c5:4c:d5:
7a:2b:c1:96:f3:e3:c6:db:8b:fa:e6:0e:fd:9c:17:
0b:f3:ed:dd:4b:27:d0:8b:38:83:3f:ac:f3:fd:4f:
9d:96:20:54:66:cb:d8:70:a6:38:3b:3b:c9:63:08:
f2:9b:48:d9:f1:35:ac:cd:fb:ea:3b:42:e1:36:eb:
49:18:76:ea:9b:ab:0b:fc:ee:10:32:a6:b7:40:6a:
dc:97:11:01:6b:a4:6c:5b:e2:a7:38:7e:ea:1e:08:
dd:36:2b:a6:1a:f4:9e:a9:0d:4e:d6:20:90:96:10:
c0:09:6a:1e:34:97:8a:be:6a:27:db:dc:b9:f6:60:
62:f3:a2:26:9e:69:44:25:cf:08:0f:10:47:18:e4:
5d:d1:49:04:40:b0:f8:ee:c0:b7:1f:17:54:43:16:
9d:ad:d4:96:ba:8f:c7:21:ed:dd:37:15:75:8c:8b:
e7:eb:c5:59:b5:23:66:3e:c0:ad:b0:5f:22:f5:87:
b0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:4A:D7:F2:08:90:E9:02:23:78:E2:48:9A:93:6B:2D:AB:14:71:6F
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/gkrX8giQ6QIjeOJImpNrLasUcW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0/23
46.32.164.0/22
46.32.170.0/23
46.32.189.0-46.32.191.255
Signature Algorithm: sha256WithRSAEncryption
11:d5:d3:ac:4f:ab:6d:26:72:0d:76:01:7a:dd:ae:4d:5e:65:
8c:b6:91:14:0e:b9:eb:f5:6f:e9:ee:0a:00:7b:23:8d:5b:85:
53:8d:f8:9e:31:9a:ab:b3:c8:8d:09:e3:85:3a:5a:f5:f6:51:
04:99:50:52:d6:83:5d:d7:1f:6d:d9:05:d0:e4:44:93:72:ee:
0d:de:1d:a2:4c:d2:d7:e5:60:61:aa:d1:1a:59:d8:a7:b7:36:
b9:bd:ac:9f:15:2f:a6:8b:21:42:0b:44:13:3a:50:6f:f1:80:
65:2b:4f:23:47:ac:89:de:9d:05:7a:df:f5:45:e5:02:fc:87:
fb:e0:c5:45:c0:f6:e8:b8:4b:f3:1d:5a:ff:e0:53:19:8e:a9:
c9:74:85:94:ff:71:17:00:ca:fd:35:f5:06:d8:3b:8e:97:d6:
35:0d:60:17:54:bf:11:0a:8e:ad:6a:54:fa:58:f4:61:ba:a9:
9d:c5:a6:4d:6c:12:f8:2e:6f:18:b7:60:8a:d3:d4:12:7d:c6:
13:e4:e5:b7:86:da:89:37:1e:a9:82:a7:d9:12:27:38:4b:7c:
ac:d8:fb:d6:a1:96:ea:2e:4e:b0:45:7a:99:ca:f8:c2:8a:cd:
8d:c3:9d:a1:01:c1:9f:f9:14:ea:c9:66:84:4e:38:c8:07:23:
c3:cd:2a:39
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ5LLLt8sPI01+8+M0FFGuRQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjYwNTIxMTUzNDQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjRhZDdmMjA4OTBlOTAyMjM3OGUyNDg5YTkzNmIyZGFiMTQ3MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/AUdBdbasdzp3fnQb4BsNwvtrdBw
RbBrtCwwNAyud1IKBswWjBq6+Ha3WH18yw1592Yfbk14b+JP5cH13E750wZetADc
uOvFTNV6K8GW8+PG24v65g79nBcL8+3dSyfQiziDP6zz/U+dliBUZsvYcKY4OzvJ
Ywjym0jZ8TWszfvqO0LhNutJGHbqm6sL/O4QMqa3QGrclxEBa6RsW+KnOH7qHgjd
NiumGvSeqQ1O1iCQlhDACWoeNJeKvmon29y59mBi86ImnmlEJc8IDxBHGORd0UkE
QLD47sC3HxdUQxadrdSWuo/HIe3dNxV1jIvn68VZtSNmPsCtsF8i9Yew/wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIJK1/IIkOkCI3jiSJqTay2rFHFvMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvZ2tyWDhnaVE2UUlqZU9KSW1wTnJMYXNVY1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLiCgAwQC
LiCkAwQBLiCqMAwDBAAuIL0DBAYuIIAwDQYJKoZIhvcNAQELBQADggEBABHV06xP
q20mcg12AXrdrk1eZYy2kRQOuev1b+nuCgB7I41bhVON+J4xmquzyI0J44U6WvX2
UQSZUFLWg13XH23ZBdDkRJNy7g3eHaJM0tflYGGq0RpZ2Ke3Nrm9rJ8VL6aLIUIL
RBM6UG/xgGUrTyNHrInenQV63/VF5QL8h/vgxUXA9ui4S/MdWv/gUxmOqcl0hZT/
cRcAyv019QbYO46X1jUNYBdUvxEKjq1qVPpY9GG6qZ3Fpk1sEvgubxi3YIrT1BJ9
xhPk5beG2ok3HqmCp9kSJzhLfKzY+9ahluouTrBFepnK+MKKzY3DnaEBwZ/5FOrJ
ZoROOMgHI8PNKjk=
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:40:35 2026 by rpki-client