Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/43_sVtEAN9sM_Gli2Ps4fniRmp0.roa
File: 43_sVtEAN9sM_Gli2Ps4fniRmp0.roa (raw, json)
Hash identifier: mPUPR17j/yq0N5BXWN68FmsKnul+BBbJTK0lc4PAKLI=
Subject key identifier: E3:7F:EC:56:D1:00:37:DB:0C:FC:69:62:D8:FB:38:7E:78:91:9A:9D
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019EA78A77F59D4CDC93046915A3DDA068DA
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/43_sVtEAN9sM_Gli2Ps4fniRmp0.roa
Signing time: Mon 08 Jun 2026 14:02:10 +0000
ROA not before: Mon 08 Jun 2026 14:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30738
IP address blocks: 46.8.120.0/21 maxlen: 24
188.130.182.0/24 maxlen: 24
188.130.228.0/22 maxlen: 24
188.130.231.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:8a:77:f5:9d:4c:dc:93:04:69:15:a3:dd:a0:68:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 8 14:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e37fec56d10037db0cfc6962d8fb387e78919a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:35:02:38:55:b0:21:50:6f:b6:f9:61:ed:d2:
b6:5a:b0:d4:ba:b6:b4:76:0c:2d:66:47:0b:d3:9e:
d2:0e:13:54:52:30:43:09:10:f8:df:24:91:e4:5d:
10:d3:22:ba:e9:e9:fe:32:33:63:be:d3:3a:05:50:
2a:49:bb:e9:5c:68:0b:76:64:d3:ac:5d:47:6a:c4:
f8:6b:18:0e:aa:ca:67:3b:79:27:e5:c4:2b:5b:ad:
4f:3b:39:42:e3:b4:27:54:fc:cb:93:7e:eb:6b:2a:
bf:32:b7:ee:a1:94:10:a5:18:b2:58:db:a9:c9:3e:
59:44:00:8b:13:7e:18:13:ed:41:fc:8a:07:1d:ce:
f9:e4:2a:55:01:a2:c6:83:c4:8e:9e:21:7c:9c:02:
b4:55:d3:6f:a2:d9:80:32:e5:4a:2d:96:6e:49:1b:
0d:2c:b2:27:86:da:8f:59:51:ce:25:8e:0a:62:e2:
b7:86:0f:c0:a6:71:70:a8:58:01:41:1d:eb:83:2c:
cc:a2:43:46:48:d5:7a:35:1a:ab:41:a2:f6:b4:f0:
26:f3:1a:eb:20:7b:38:9d:2e:38:d1:ab:42:a3:9b:
5b:f8:ec:bb:0b:b7:c0:19:ac:d0:89:b3:fb:81:67:
1c:b3:60:f0:f8:a7:26:63:68:16:70:45:04:ed:20:
f3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7F:EC:56:D1:00:37:DB:0C:FC:69:62:D8:FB:38:7E:78:91:9A:9D
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/43_sVtEAN9sM_Gli2Ps4fniRmp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.120.0/21
188.130.182.0/24
188.130.228.0/22
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
46:72:ca:b6:d8:93:08:9a:4e:12:04:d7:0c:71:22:24:16:7c:
70:dc:06:c6:c3:fa:ea:09:98:1f:eb:3e:c8:bd:0e:ad:19:01:
1d:60:89:83:fc:2b:be:59:3f:7f:9a:ff:85:dd:2f:45:e6:62:
11:15:ae:a0:62:1a:30:98:c1:99:0a:0d:6d:38:60:a4:d6:79:
59:87:56:a2:c9:bd:cb:bd:cb:be:f4:26:80:3e:db:5a:d7:53:
5f:33:63:01:fe:e1:64:53:fd:dd:7d:2b:b6:32:16:ff:00:d5:
59:29:5a:2b:2a:c1:b9:53:fa:17:80:ce:1d:ba:0c:16:e6:b1:
d3:d1:cd:a5:30:56:3e:06:81:84:eb:93:72:da:16:5c:e9:8b:
32:fb:e0:68:9c:e6:3f:c4:f2:b1:99:0f:67:11:1b:14:6a:4d:
c3:24:e7:a3:4d:5f:e6:4d:8d:ce:22:15:b4:6a:d7:f7:3e:0b:
f1:05:79:a4:87:b9:f7:4f:3e:eb:43:39:62:ea:0e:65:7a:ba:
25:18:94:4b:e9:17:fe:75:9f:17:3f:70:7a:35:6a:d2:8c:cc:
04:d1:f5:98:14:e8:6e:93:ec:67:2b:50:2a:96:06:5b:91:e7:
db:99:9d:98:1b:9b:81:ed:98:57:fc:86:db:b3:57:8c:0e:31:
11:c4:a0:d9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ6ninf1nUzckwRpFaPdoGjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjYwNjA4MTQwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzdmZWM1NmQxMDAzN2RiMGNmYzY5NjJkOGZiMzg3ZTc4OTE5YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzUCOFWwIVBvtvlh7dK2WrDUura0
dgwtZkcL057SDhNUUjBDCRD43ySR5F0Q0yK66en+MjNjvtM6BVAqSbvpXGgLdmTT
rF1HasT4axgOqspnO3kn5cQrW61POzlC47QnVPzLk37rayq/MrfuoZQQpRiyWNup
yT5ZRACLE34YE+1B/IoHHc755CpVAaLGg8SOniF8nAK0VdNvotmAMuVKLZZuSRsN
LLInhtqPWVHOJY4KYuK3hg/ApnFwqFgBQR3rgyzMokNGSNV6NRqrQaL2tPAm8xrr
IHs4nS440atCo5tb+Oy7C7fAGazQibP7gWccs2Dw+KcmY2gWcEUE7SDzxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFON/7FbRADfbDPxpYtj7OH54kZqdMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvNDNfc1Z0RUFOOXNNX0dsaTJQczRmbmlSbXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDLgh4AwQA
vIK2AwQCvILkAwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQBGcsq22JMImk4SBNcMcSIkFnxw3AbGw/rqCZgf6z7IvQ6tGQEdYImD/Cu+WT9/
mv+F3S9F5mIRFa6gYhowmMGZCg1tOGCk1nlZh1aiyb3Lvcu+9CaAPtta11NfM2MB
/uFkU/3dfSu2Mhb/ANVZKVorKsG5U/oXgM4dugwW5rHT0c2lMFY+BoGE65Ny2hZc
6Ysy++BonOY/xPKxmQ9nERsUak3DJOejTV/mTY3OIhW0atf3PgvxBXmkh7n3Tz7r
Qzli6g5lerolGJRL6Rf+dZ8XP3B6NWrSjMwE0fWYFOhuk+xnK1AqlgZbkefbmZ2Y
G5uB7ZhX/Ibbs1eMDjERxKDZ
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:03 2026 by rpki-client