Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/B9jipFHD8mb4oybP4aTpGxRFxFI.roa
File: B9jipFHD8mb4oybP4aTpGxRFxFI.roa (raw, json)
Hash identifier: sdDcW3llq1ji5GmBvwJRcxb305INEDAn/6c0o2Tn1gI=
Subject key identifier: 07:D8:E2:A4:51:C3:F2:66:F8:A3:26:CF:E1:A4:E9:1B:14:45:C4:52
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019EEFF908CE5D61BC318FF1F3B59BE4DB37
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/B9jipFHD8mb4oybP4aTpGxRFxFI.roa
Signing time: Mon 22 Jun 2026 15:35:35 +0000
ROA not before: Mon 22 Jun 2026 15:35:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56971
IP address blocks: 46.8.64.0/24 maxlen: 32
46.8.70.0/24 maxlen: 32
46.8.71.0/24 maxlen: 32
46.8.224.0/24 maxlen: 24
46.8.225.0/24 maxlen: 24
46.8.226.0/24 maxlen: 24
46.8.227.0/24 maxlen: 24
46.8.228.0/24 maxlen: 32
46.8.229.0/24 maxlen: 24
46.8.230.0/24 maxlen: 32
46.8.231.0/24 maxlen: 24
46.8.232.0/24 maxlen: 32
46.8.233.0/24 maxlen: 32
46.8.236.0/24 maxlen: 32
46.8.237.0/24 maxlen: 32
46.8.238.0/24 maxlen: 32
95.182.99.0/24 maxlen: 32
95.182.101.0/24 maxlen: 24
95.182.114.0/24 maxlen: 24
95.182.115.0/24 maxlen: 32
95.182.116.0/24 maxlen: 24
109.248.160.0/24 maxlen: 24
109.248.161.0/24 maxlen: 32
109.248.162.0/24 maxlen: 24
109.248.163.0/24 maxlen: 32
188.130.154.0/24 maxlen: 32
188.130.206.0/24 maxlen: 32
188.130.207.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Jun 2026 08:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ef:f9:08:ce:5d:61:bc:31:8f:f1:f3:b5:9b:e4:db:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 22 15:35:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07d8e2a451c3f266f8a326cfe1a4e91b1445c452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5c:c1:bf:d9:9b:e9:5f:20:02:37:bb:7e:68:
47:ca:f5:f6:31:e6:bf:4d:57:c8:97:5b:6e:8f:29:
da:f4:d8:f3:5d:50:2d:cd:0c:50:d0:2b:0e:f1:4c:
c5:dc:6e:90:a3:bb:84:4c:3f:4c:cc:ce:e4:79:c9:
91:d6:df:dc:f9:e4:a9:bc:12:15:63:65:7a:23:25:
6b:3f:c8:53:01:65:06:23:07:f2:9a:33:f2:c7:38:
88:43:be:38:2c:05:9a:13:33:ee:4d:d5:a0:2e:ed:
0d:56:84:1c:64:42:7c:b5:85:53:f0:67:4f:95:23:
17:15:4d:de:3d:63:28:88:6a:db:7b:a7:38:5e:ea:
78:4f:a5:6a:54:1f:94:09:86:95:39:9c:16:4e:5c:
7b:c1:04:2b:d3:90:e9:1c:7b:69:74:30:e2:2d:e5:
c9:d9:79:3a:33:2d:12:76:85:b8:e1:76:6e:46:4b:
9a:2f:c0:98:8f:45:f0:11:87:1f:ac:68:09:f9:74:
49:7a:c3:c8:08:cb:c6:59:6d:d6:82:a5:b7:a2:24:
99:bd:eb:61:a4:01:e4:aa:a1:cc:ca:48:12:f8:c1:
6a:9d:a4:f7:cb:cb:25:f5:45:6a:2d:92:40:91:6e:
62:db:20:d6:70:90:7d:de:c3:fb:4b:13:27:35:4a:
e3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D8:E2:A4:51:C3:F2:66:F8:A3:26:CF:E1:A4:E9:1B:14:45:C4:52
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/B9jipFHD8mb4oybP4aTpGxRFxFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.64.0/24
46.8.70.0/23
46.8.224.0-46.8.233.255
46.8.236.0-46.8.238.255
95.182.99.0/24
95.182.101.0/24
95.182.114.0-95.182.116.255
109.248.160.0/22
188.130.154.0/24
188.130.206.0/23
Signature Algorithm: sha256WithRSAEncryption
10:b1:c9:59:25:75:f7:7b:35:ce:97:1e:c6:bc:aa:b0:6e:08:
90:50:fa:17:d5:53:71:e3:f6:89:3c:ff:9d:1b:b1:71:a1:13:
95:80:11:49:4d:ed:10:ac:64:67:2f:c6:61:b7:fc:f1:de:60:
09:5b:e5:86:2d:08:27:92:4d:c6:51:b4:cf:84:b2:74:7e:65:
bd:22:f3:7a:c1:2f:bd:66:23:20:29:72:f1:34:3a:80:88:9e:
3a:0d:13:53:fa:75:36:f7:01:b2:13:6a:26:1e:98:45:4e:4a:
df:e6:18:55:d0:0d:08:84:bf:a1:82:26:9b:fa:e0:55:6e:6a:
83:91:21:9c:78:20:4d:0d:7a:57:86:a2:77:bc:77:8f:50:ae:
fe:c0:ee:e8:e0:6f:68:a4:a9:18:09:15:4a:7a:4e:3d:bb:62:
e2:5a:5f:28:a3:3e:cf:9e:56:a9:aa:77:52:44:7c:98:66:f1:
a9:f1:2f:53:cb:4f:99:7b:d7:37:d9:33:50:f5:a6:82:19:c5:
5c:1a:ba:59:cc:b3:7e:7a:ac:bf:5b:12:05:3f:7c:6c:59:45:
ad:78:9c:28:88:9e:41:54:0d:ce:ca:3e:66:98:5f:e3:98:54:
33:fe:85:67:3b:dd:89:13:d0:a2:96:e2:8a:47:7b:5c:90:e4:
71:05:58:da
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ7v+QjOXWG8MY/x87Wb5Ns3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjYwNjIyMTUzNTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Q4ZTJhNDUxYzNmMjY2ZjhhMzI2Y2ZlMWE0ZTkxYjE0NDVjNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVzBv9mb6V8gAje7fmhHyvX2Mea/
TVfIl1tujyna9NjzXVAtzQxQ0CsO8UzF3G6Qo7uETD9MzM7kecmR1t/c+eSpvBIV
Y2V6IyVrP8hTAWUGIwfymjPyxziIQ744LAWaEzPuTdWgLu0NVoQcZEJ8tYVT8GdP
lSMXFU3ePWMoiGrbe6c4Xup4T6VqVB+UCYaVOZwWTlx7wQQr05DpHHtpdDDiLeXJ
2Xk6My0SdoW44XZuRkuaL8CYj0XwEYcfrGgJ+XRJesPICMvGWW3WgqW3oiSZveth
pAHkqqHMykgS+MFqnaT3y8sl9UVqLZJAkW5i2yDWcJB93sP7SxMnNUrj0wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFAfY4qRRw/Jm+KMmz+Gk6RsURcRSMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvQjlqaXBGSEQ4bWI0b3liUDRhVHBHeFJGeEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALghAAwQB
LghGMAwDBAUuCOADBAEuCOgwDAMEAi4I7AMEAC4I7gMEAF+2YwMEAF+2ZTAMAwQB
X7ZyAwQAX7Z0AwQCbfigAwQAvIKaAwQBvILOMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
sclZJXX3ezXOlx7GvKqwbgiQUPoX1VNx4/aJPP+dG7FxoROVgBFJTe0QrGRnL8Zh
t/zx3mAJW+WGLQgnkk3GUbTPhLJ0fmW9IvN6wS+9ZiMgKXLxNDqAiJ46DRNT+nU2
9wGyE2omHphFTkrf5hhV0A0IhL+hgiab+uBVbmqDkSGceCBNDXpXhqJ3vHePUK7+
wO7o4G9opKkYCRVKek49u2LiWl8ooz7PnlapqndSRHyYZvGp8S9Ty0+Ze9c32TNQ
9aaCGcVcGrpZzLN+eqy/WxIFP3xsWUWteJwoiJ5BVA3Oyj5mmF/jmFQz/oVnO92J
E9CiluKKR3tckORxBVja
-----END CERTIFICATE-----
Generated at Sun Jun 28 15:18:46 2026 by rpki-client