Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/y8I8zTQVg4GxjAasyf6R5JPcs7Q.roa
File: y8I8zTQVg4GxjAasyf6R5JPcs7Q.roa (raw, json)
Hash identifier: oJbh60u2N8b9deVtLXSwbxA5m+GH3O/bjqhIgiz7mV0=
Subject key identifier: CB:C2:3C:CD:34:15:83:81:B1:8C:06:AC:C9:FE:91:E4:93:DC:B3:B4
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 019E8D68F75BCA77F57CBF3526FE7EF284F5
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/y8I8zTQVg4GxjAasyf6R5JPcs7Q.roa
Signing time: Wed 03 Jun 2026 12:15:27 +0000
ROA not before: Wed 03 Jun 2026 12:15:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 46.233.32.0/24 maxlen: 24
46.233.34.0/24 maxlen: 24
46.233.35.0/24 maxlen: 24
46.233.42.0/24 maxlen: 24
46.233.44.0/23 maxlen: 24
46.233.52.0/24 maxlen: 24
46.233.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:68:f7:5b:ca:77:f5:7c:bf:35:26:fe:7e:f2:84:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Jun 3 12:15:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbc23ccd34158381b18c06acc9fe91e493dcb3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:3f:df:c6:30:83:3f:6e:9d:99:77:82:b6:
64:f1:5b:bc:d6:1f:92:d5:4b:69:10:c7:42:39:3c:
0d:7c:d9:19:b4:31:4c:34:f0:6b:05:5e:5f:75:20:
89:65:7b:b5:6b:98:17:44:77:e9:a0:2b:b3:db:c6:
29:00:eb:ee:c2:90:c9:b8:d1:48:26:bb:b1:af:3c:
24:ca:15:bc:4a:5e:14:02:a7:cc:96:87:fd:80:b1:
6b:d7:34:ed:7c:39:d5:99:53:be:29:cd:bf:c2:bc:
fc:4f:0e:a1:7f:c0:c7:cd:05:f1:78:5f:14:03:83:
a8:6d:ed:1b:9d:c7:d5:62:40:e2:15:46:bb:fe:15:
80:be:e0:6a:68:2c:69:7c:a1:87:91:28:08:f6:92:
ee:9a:1f:73:e6:06:d7:33:31:95:69:08:5d:96:a8:
a0:68:d3:d7:f7:d0:bc:9c:c3:48:1e:4c:9b:d6:89:
16:8b:01:b0:a4:ff:9e:b4:7c:e0:dc:c1:ab:60:dd:
73:6d:6f:f8:6d:e0:07:b4:c9:ae:87:1e:68:51:c2:
d6:75:52:cd:78:d7:06:e9:08:15:98:ad:e2:26:74:
28:3f:47:8a:c7:30:a1:49:7e:32:9a:3d:41:d0:19:
00:75:79:ac:9d:92:48:3e:55:98:8b:be:66:69:7e:
7c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C2:3C:CD:34:15:83:81:B1:8C:06:AC:C9:FE:91:E4:93:DC:B3:B4
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/y8I8zTQVg4GxjAasyf6R5JPcs7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.32.0/24
46.233.34.0/23
46.233.42.0/24
46.233.44.0/23
46.233.52.0/24
46.233.62.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b7:38:17:a8:bb:9f:2c:84:08:ba:0e:59:1f:e2:89:3b:3c:
66:89:62:44:b7:a9:55:5a:cf:2a:60:a5:2a:7d:dc:8c:77:3d:
e9:02:fc:0a:0a:6e:4d:5e:dc:94:69:42:9a:70:33:7b:65:7f:
b0:42:dd:67:34:d7:6d:6d:19:59:c8:8b:a5:20:ef:c8:e3:b2:
75:7f:a4:9f:a4:5c:35:ec:b0:e9:0e:ba:f9:23:7a:6b:b3:00:
60:67:f6:74:99:46:11:2c:39:13:93:92:c9:0d:4f:3c:8c:46:
39:b0:bc:cf:b8:1e:32:d4:62:b9:80:8a:41:d4:5e:74:8c:fb:
21:04:26:76:5d:24:2e:e2:8d:cf:90:e7:a0:3c:30:f3:4c:fa:
80:3a:fb:b6:8f:04:ad:b1:4d:74:48:3f:22:b0:23:2c:bf:75:
5a:19:69:a3:69:58:08:b0:30:39:60:ee:28:2f:98:d3:5b:86:
82:84:fb:03:6b:dc:5c:80:54:f9:fb:da:37:0d:80:f5:b0:7e:
96:5a:55:c9:be:f2:a4:34:d4:16:59:ae:4c:2d:4b:48:80:14:
39:1b:39:09:f7:ac:fb:75:8a:38:f0:0d:e3:22:fe:33:26:aa:
3b:0d:84:57:02:7f:6f:2b:f2:59:d5:7b:f1:a8:45:bb:b3:3d:
ab:a6:74:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6NaPdbynf1fL81Jv5+8oT1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjYwNjAzMTIxNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmMyM2NjZDM0MTU4MzgxYjE4YzA2YWNjOWZlOTFlNDkzZGNiM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbw/38Ywgz9unZl3grZk8Vu81h+S
1UtpEMdCOTwNfNkZtDFMNPBrBV5fdSCJZXu1a5gXRHfpoCuz28YpAOvuwpDJuNFI
JruxrzwkyhW8Sl4UAqfMlof9gLFr1zTtfDnVmVO+Kc2/wrz8Tw6hf8DHzQXxeF8U
A4Oobe0bncfVYkDiFUa7/hWAvuBqaCxpfKGHkSgI9pLumh9z5gbXMzGVaQhdlqig
aNPX99C8nMNIHkyb1okWiwGwpP+etHzg3MGrYN1zbW/4beAHtMmuhx5oUcLWdVLN
eNcG6QgVmK3iJnQoP0eKxzChSX4ymj1B0BkAdXmsnZJIPlWYi75maX58wQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMvCPM00FYOBsYwGrMn+keST3LO0MB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEveThJOHpUUVZnNEd4akFhc3lmNlI1SlBjczdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALukgAwQB
LukiAwQALukqAwQBLuksAwQALuk0AwQALuk+MA0GCSqGSIb3DQEBCwUAA4IBAQBE
tzgXqLufLIQIug5ZH+KJOzxmiWJEt6lVWs8qYKUqfdyMdz3pAvwKCm5NXtyUaUKa
cDN7ZX+wQt1nNNdtbRlZyIulIO/I47J1f6SfpFw17LDpDrr5I3prswBgZ/Z0mUYR
LDkTk5LJDU88jEY5sLzPuB4y1GK5gIpB1F50jPshBCZ2XSQu4o3PkOegPDDzTPqA
Ovu2jwStsU10SD8isCMsv3VaGWmjaVgIsDA5YO4oL5jTW4aChPsDa9xcgFT5+9o3
DYD1sH6WWlXJvvKkNNQWWa5MLUtIgBQ5GzkJ96z7dYo48A3jIv4zJqo7DYRXAn9v
K/JZ1XvxqEW7sz2rpnTZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:56:10 2026 by rpki-client