Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/_99AWFxBbGdkFx08skTKGbVwf1E.roa
File: _99AWFxBbGdkFx08skTKGbVwf1E.roa (raw, json)
Hash identifier: wfKfs4N3JkvFebFzqwY761KKN3vThIsFzZUqv3dY+ns=
Subject key identifier: FF:DF:40:58:5C:41:6C:67:64:17:1D:3C:B2:44:CA:19:B5:70:7F:51
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 019803D8AF03E34AF2685C1B67CF6638DFB6
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/_99AWFxBbGdkFx08skTKGbVwf1E.roa
Signing time: Sun 13 Jul 2025 12:53:08 +0000
ROA not before: Sun 13 Jul 2025 12:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51788
IP address blocks: 46.148.32.0/24 maxlen: 24
46.148.33.0/24 maxlen: 24
46.148.34.0/24 maxlen: 24
46.148.37.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.42.0/24 maxlen: 24
46.148.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:03:d8:af:03:e3:4a:f2:68:5c:1b:67:cf:66:38:df:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Jul 13 12:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffdf40585c416c6764171d3cb244ca19b5707f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:0e:8a:90:6b:54:c5:da:66:fc:09:cc:34:
f2:b0:bf:63:0d:d8:7a:38:e7:cf:49:5c:aa:ec:39:
98:e2:13:d0:4d:ca:1b:f2:d6:f6:42:b8:3f:e5:45:
85:7e:de:0c:56:25:87:52:14:e9:a2:f8:d0:58:bb:
a4:0e:40:f2:7a:50:c6:49:96:2a:38:8e:8e:50:2b:
5c:cc:b7:47:99:6d:5e:94:9e:17:23:ba:43:7d:9a:
d9:3f:5a:af:fe:b6:52:28:e4:21:4e:a2:8f:7d:3d:
8d:f6:35:6d:e4:fc:a7:f1:ba:d6:a4:40:20:43:cb:
4a:76:9f:64:34:6c:60:12:bc:41:08:b6:60:c0:32:
00:db:ce:6d:5e:8e:9e:fc:85:0c:0f:6e:8f:73:83:
b1:55:ef:a5:14:fe:38:05:fd:92:29:c0:4d:89:73:
76:9d:c3:05:2c:58:6a:93:7a:eb:1a:cc:0b:43:bf:
c3:83:d6:d4:b1:6c:1b:2b:82:16:10:89:20:55:c9:
f3:fb:ee:11:af:6f:eb:b6:7e:b1:57:d0:d4:de:84:
a1:4e:95:89:59:21:9f:d1:55:17:bd:78:7c:43:7f:
ad:21:af:76:9e:f0:d7:3d:5e:78:bb:9a:54:81:f7:
4a:7e:52:ed:98:ef:15:b4:82:2c:79:d9:d9:64:39:
1f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DF:40:58:5C:41:6C:67:64:17:1D:3C:B2:44:CA:19:B5:70:7F:51
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/_99AWFxBbGdkFx08skTKGbVwf1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.32.0-46.148.34.255
46.148.37.0/24
46.148.41.0-46.148.42.255
46.148.47.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:31:5d:eb:bc:0f:9f:a0:6c:6b:08:5f:fe:ba:ee:92:3c:11:
52:7f:fc:a4:1d:12:cb:3c:cf:95:75:67:44:23:79:10:e5:64:
22:45:27:e3:9a:b7:1f:3c:19:f0:e9:cf:14:31:ba:57:0c:e0:
e8:0f:de:75:9d:8b:2b:21:51:84:70:a7:8d:38:78:14:7d:81:
65:de:02:90:e6:cc:41:30:5a:90:09:10:0e:ba:6b:f3:46:b2:
f3:d1:a5:e6:b0:03:e8:ea:ca:2d:f9:ef:c7:e9:8b:31:0e:86:
4c:bc:e1:d6:28:d7:d8:af:e3:1b:c1:c0:ac:a3:ef:1a:c9:33:
0e:7d:57:6c:fd:93:69:b5:5e:cd:ba:b7:c8:75:4c:dc:67:27:
5f:a6:07:5a:d2:93:4c:92:8b:1f:3b:4a:b7:6d:6f:11:f4:55:
6b:26:37:a7:16:b9:4c:b4:a8:e1:02:b9:ef:b9:a4:5c:99:f1:
3d:bf:aa:e6:02:c5:0f:aa:dd:f1:33:c0:c8:de:7c:69:c7:b1:
9a:7a:a0:1e:83:7f:82:53:52:3e:d2:fa:05:49:39:ce:1b:7c:
8a:ab:d5:71:8a:02:b4:a6:41:4b:59:f3:69:f7:1b:da:a4:0a:
4a:18:dd:a4:89:74:62:bc:ae:07:4b:e4:2e:27:82:94:dc:2c:
e2:23:86:4f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZgD2K8D40ryaFwbZ89mON+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjUwNzEzMTI1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRmNDA1ODVjNDE2YzY3NjQxNzFkM2NiMjQ0Y2ExOWI1NzA3ZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2wOipBrVMXaZvwJzDTysL9jDdh6
OOfPSVyq7DmY4hPQTcob8tb2Qrg/5UWFft4MViWHUhTpovjQWLukDkDyelDGSZYq
OI6OUCtczLdHmW1elJ4XI7pDfZrZP1qv/rZSKOQhTqKPfT2N9jVt5Pyn8brWpEAg
Q8tKdp9kNGxgErxBCLZgwDIA285tXo6e/IUMD26Pc4OxVe+lFP44Bf2SKcBNiXN2
ncMFLFhqk3rrGswLQ7/Dg9bUsWwbK4IWEIkgVcnz++4Rr2/rtn6xV9DU3oShTpWJ
WSGf0VUXvXh8Q3+tIa92nvDXPV54u5pUgfdKflLtmO8VtIIsednZZDkf4QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP/fQFhcQWxnZBcdPLJEyhm1cH9RMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvXzk5QVdGeEJiR2RrRngwOHNrVEtHYlZ3ZjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAUulCAD
BAAulCIDBAAulCUwDAMEAC6UKQMEAC6UKgMEAC6ULzANBgkqhkiG9w0BAQsFAAOC
AQEATDFd67wPn6Bsawhf/rrukjwRUn/8pB0SyzzPlXVnRCN5EOVkIkUn45q3HzwZ
8OnPFDG6Vwzg6A/edZ2LKyFRhHCnjTh4FH2BZd4CkObMQTBakAkQDrpr80ay89Gl
5rAD6OrKLfnvx+mLMQ6GTLzh1ijX2K/jG8HArKPvGskzDn1XbP2TabVezbq3yHVM
3GcnX6YHWtKTTJKLHztKt21vEfRVayY3pxa5TLSo4QK577mkXJnxPb+q5gLFD6rd
8TPAyN58acexmnqgHoN/glNSPtL6BUk5zht8iqvVcYoCtKZBS1nzafcb2qQKShjd
pIl0YryuB0vkLieClNws4iOGTw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 14:28:31 2025 by rpki-client