Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/p6BywI9GGwmeb7zmkwPwYCeFaw0.roa
File: p6BywI9GGwmeb7zmkwPwYCeFaw0.roa (raw, json)
Hash identifier: FmT1evBUP1t9QXDygh7a4PaImArT/MjNy+wH/psOeog=
Subject key identifier: A7:A0:72:C0:8F:46:1B:09:9E:6F:BC:E6:93:03:F0:60:27:85:6B:0D
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 019803D8AE70FFB22C1883D23B9FD7E19195
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/p6BywI9GGwmeb7zmkwPwYCeFaw0.roa
Signing time: Sun 13 Jul 2025 12:53:08 +0000
ROA not before: Sun 13 Jul 2025 12:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43395
IP address blocks: 46.148.35.0/24 maxlen: 24
46.148.36.0/24 maxlen: 24
46.148.38.0/24 maxlen: 24
46.148.40.0/24 maxlen: 24
46.148.43.0/24 maxlen: 24
46.148.44.0/24 maxlen: 24
46.148.45.0/24 maxlen: 24
46.148.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 03:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:03:d8:ae:70:ff:b2:2c:18:83:d2:3b:9f:d7:e1:91:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Jul 13 12:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7a072c08f461b099e6fbce69303f06027856b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:eb:f5:ec:3a:56:92:26:27:6e:ab:76:48:b0:
7d:e2:a3:b4:a2:59:c7:ea:2f:31:29:13:62:76:9c:
1a:4d:ab:79:1b:de:85:bf:f9:cd:85:b3:dc:64:55:
03:8b:35:9d:10:07:13:ec:08:41:70:c6:b6:0f:0a:
17:b8:65:1a:17:ec:c4:50:cc:03:41:a0:83:2a:4a:
ad:1a:37:9a:5a:0b:15:13:fc:c8:3e:56:60:cc:13:
1c:dd:9b:ea:a5:c1:85:d7:0a:69:81:69:dd:e7:05:
ab:04:5a:81:65:d4:bb:c0:d4:6d:81:38:f6:3b:f1:
57:09:1f:1d:7a:55:fb:74:6b:39:da:6f:78:a0:87:
94:73:c7:b0:0c:cd:c3:cc:4b:13:a5:42:be:51:64:
1a:f2:6b:a9:7a:2a:2f:ab:c9:7c:42:ed:f6:56:28:
d4:3a:3c:0b:22:01:fc:ac:6d:11:dc:02:9f:ce:02:
12:a1:67:c3:26:2d:68:f8:eb:be:bb:db:30:ec:84:
e0:cc:02:96:ed:a0:16:d4:dd:62:ba:ab:fc:e6:c8:
8b:4a:c5:fc:03:9f:12:1b:73:60:ef:82:d2:0e:e8:
03:df:33:74:78:58:72:36:f4:ae:ad:34:a3:29:a9:
4a:42:6b:dc:01:45:01:a4:9d:f7:47:14:9e:d1:f0:
51:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A0:72:C0:8F:46:1B:09:9E:6F:BC:E6:93:03:F0:60:27:85:6B:0D
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/p6BywI9GGwmeb7zmkwPwYCeFaw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.35.0-46.148.36.255
46.148.38.0/24
46.148.40.0/24
46.148.43.0-46.148.46.255
Signature Algorithm: sha256WithRSAEncryption
3b:25:34:87:f4:f1:98:ca:d3:99:fa:5c:ad:83:70:02:d8:35:
0a:4a:3c:39:9a:1f:ee:7f:9e:ae:d9:b5:83:5f:bd:10:7e:13:
38:c5:55:cc:aa:0d:38:9f:20:43:8e:15:74:bb:bd:34:4a:ff:
a7:06:92:67:22:e1:ff:88:c8:7c:13:4f:47:af:19:6b:94:7b:
66:b2:0f:52:d5:c4:84:d8:20:83:95:bd:08:77:82:56:2f:a9:
db:0a:8c:50:36:42:ab:65:30:72:f0:c0:9c:39:94:67:23:b7:
de:8d:6e:8e:4d:7e:5b:c3:17:20:f8:f1:e8:3f:ce:36:fe:20:
5e:9b:b9:8c:40:21:0c:93:e7:48:ea:b5:a4:8d:72:d8:c4:06:
9d:fc:63:e4:07:7c:39:1d:49:0c:bc:74:fc:b5:d3:9f:0e:14:
2c:54:10:4c:a5:71:35:6b:12:09:ad:54:53:14:69:6c:88:9f:
93:ac:de:b6:c1:1b:0d:92:f6:8f:6a:3a:7b:29:de:9a:20:38:
5a:35:19:42:0a:d9:9e:b0:6c:bc:50:c9:9d:95:80:ba:9b:0d:
e5:8e:cd:f0:e5:2b:26:b3:2e:e7:3c:8a:ac:67:03:9c:e9:8b:
74:cc:1b:02:8e:2f:0e:65:ca:9e:f3:bd:b8:8b:4c:0f:f3:6f:
d4:be:46:6d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZgD2K5w/7IsGIPSO5/X4ZGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjUwNzEzMTI1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2EwNzJjMDhmNDYxYjA5OWU2ZmJjZTY5MzAzZjA2MDI3ODU2YjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArev17DpWkiYnbqt2SLB94qO0olnH
6i8xKRNidpwaTat5G96Fv/nNhbPcZFUDizWdEAcT7AhBcMa2DwoXuGUaF+zEUMwD
QaCDKkqtGjeaWgsVE/zIPlZgzBMc3ZvqpcGF1wppgWnd5wWrBFqBZdS7wNRtgTj2
O/FXCR8delX7dGs52m94oIeUc8ewDM3DzEsTpUK+UWQa8mupeiovq8l8Qu32VijU
OjwLIgH8rG0R3AKfzgISoWfDJi1o+Ou+u9sw7ITgzAKW7aAW1N1iuqv85siLSsX8
A58SG3Ng74LSDugD3zN0eFhyNvSurTSjKalKQmvcAUUBpJ33RxSe0fBRVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKegcsCPRhsJnm+85pMD8GAnhWsNMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvcDZCeXdJOUdHd21lYjd6bWt3UHdZQ2VGYXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAulCMD
BAAulCQDBAAulCYDBAAulCgwDAMEAC6UKwMEAC6ULjANBgkqhkiG9w0BAQsFAAOC
AQEAOyU0h/TxmMrTmfpcrYNwAtg1Cko8OZof7n+ertm1g1+9EH4TOMVVzKoNOJ8g
Q44VdLu9NEr/pwaSZyLh/4jIfBNPR68Za5R7ZrIPUtXEhNggg5W9CHeCVi+p2wqM
UDZCq2UwcvDAnDmUZyO33o1ujk1+W8MXIPjx6D/ONv4gXpu5jEAhDJPnSOq1pI1y
2MQGnfxj5Ad8OR1JDLx0/LXTnw4ULFQQTKVxNWsSCa1UUxRpbIifk6zetsEbDZL2
j2o6eynemiA4WjUZQgrZnrBsvFDJnZWAupsN5Y7N8OUrJrMu5zyKrGcDnOmLdMwb
Ao4vDmXKnvO9uItMD/Nv1L5GbQ==
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:43:47 2025 by rpki-client