Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lX3rRAPz9F8BPxbsIulUth9zmtg.roa
File: lX3rRAPz9F8BPxbsIulUth9zmtg.roa (raw, json)
Hash identifier: eoaguB0B1U4+OB+Tbnc82zIbw18sEzTCQ1o3nJux9nU=
Subject key identifier: 95:7D:EB:44:03:F3:F4:5F:01:3F:16:EC:22:E9:54:B6:1F:73:9A:D8
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01982848559394BC1DC6385499123ABD2C8A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lX3rRAPz9F8BPxbsIulUth9zmtg.roa
Signing time: Sun 20 Jul 2025 14:41:25 +0000
ROA not before: Sun 20 Jul 2025 14:41:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216169
IP address blocks: 46.38.136.0/24 maxlen: 24
46.38.137.0/24 maxlen: 24
46.38.142.0/24 maxlen: 24
109.94.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:28:48:55:93:94:bc:1d:c6:38:54:99:12:3a:bd:2c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 20 14:41:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=957deb4403f3f45f013f16ec22e954b61f739ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:40:5b:8e:db:bf:20:ec:cd:ea:1e:30:a6:3e:
66:a5:f6:94:af:3f:5b:13:41:8a:ab:c5:ed:a3:6b:
f3:68:ae:45:6d:71:4d:c2:6b:ee:38:4d:96:dc:ee:
83:34:5b:fb:ff:6e:77:c1:48:6a:1d:7f:a0:02:5f:
23:12:b1:be:ff:b4:7d:f6:51:6f:c3:ea:94:42:75:
e3:23:af:e3:3c:f6:71:98:52:33:84:8d:2d:91:6b:
49:d3:11:a1:bb:bb:b0:21:96:78:69:1d:68:3d:97:
0b:1f:1b:85:98:ee:28:01:e7:8c:36:32:a6:40:e8:
c0:7e:d3:d5:01:78:0c:4d:f2:89:cb:41:d2:31:59:
f3:c4:94:24:eb:f6:e1:fc:6f:81:02:d0:20:ef:ce:
8f:06:cc:fb:ae:88:5a:7e:1b:33:85:3c:6c:f5:8c:
b5:1a:58:15:07:26:df:72:fc:65:f6:3b:90:67:fe:
b4:ee:91:75:18:d9:a4:7e:98:2f:99:bb:2e:35:38:
75:1e:4d:28:5c:0b:32:6b:78:98:24:36:b4:69:20:
30:ab:8d:20:ac:b7:28:b6:18:fc:19:37:bd:2c:99:
74:3e:02:4f:b4:67:06:2d:9c:ca:90:63:da:32:27:
a3:15:a8:49:ae:5a:3c:37:a5:40:16:1d:4d:cf:29:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7D:EB:44:03:F3:F4:5F:01:3F:16:EC:22:E9:54:B6:1F:73:9A:D8
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/lX3rRAPz9F8BPxbsIulUth9zmtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.136.0/23
46.38.142.0/24
109.94.164.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:19:49:27:25:e3:4f:4e:53:db:63:be:ee:4e:bd:28:e1:5d:
29:01:3a:07:d9:16:c4:5c:fd:1e:0a:87:05:68:6e:6e:55:a5:
fb:8f:a6:d0:cb:b1:cd:3c:2f:9d:45:3d:51:ba:15:5e:c8:26:
88:e2:3d:d5:68:2f:4f:dc:c4:09:a2:fc:45:fd:f6:2d:36:a6:
3d:31:a7:0d:cb:92:75:f0:21:77:47:a2:3f:26:f1:21:fb:2d:
a5:e8:ad:71:5e:ee:c5:16:e7:b3:d4:bd:30:84:76:40:07:99:
b5:71:43:c4:42:b7:07:05:1d:2b:86:00:06:77:5a:9f:5f:40:
b1:04:1e:c6:e0:d1:b6:24:10:97:bb:86:36:41:1e:b9:e1:86:
cc:ae:21:03:1b:88:10:64:ce:54:a5:08:e0:e0:bf:53:9f:d2:
26:7c:b3:c6:65:8d:ea:09:5a:21:65:b8:17:3e:2e:75:13:af:
1d:1c:66:d8:0d:93:0f:d3:5f:e5:2b:9b:47:d3:0b:06:df:e1:
09:8f:72:ca:46:2f:82:fd:a6:ec:af:e2:02:86:9b:4b:1c:79:
54:8c:d9:b2:12:97:35:3b:2e:00:10:de:74:6d:e2:64:52:81:
4b:57:70:fb:db:57:b9:b0:0b:da:bc:26:78:10:17:a3:a8:fa:
1a:89:66:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgoSFWTlLwdxjhUmRI6vSyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNzIwMTQ0MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTdkZWI0NDAzZjNmNDVmMDEzZjE2ZWMyMmU5NTRiNjFmNzM5YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkBbjtu/IOzN6h4wpj5mpfaUrz9b
E0GKq8Xto2vzaK5FbXFNwmvuOE2W3O6DNFv7/253wUhqHX+gAl8jErG+/7R99lFv
w+qUQnXjI6/jPPZxmFIzhI0tkWtJ0xGhu7uwIZZ4aR1oPZcLHxuFmO4oAeeMNjKm
QOjAftPVAXgMTfKJy0HSMVnzxJQk6/bh/G+BAtAg786PBsz7rohafhszhTxs9Yy1
GlgVBybfcvxl9juQZ/607pF1GNmkfpgvmbsuNTh1Hk0oXAsya3iYJDa0aSAwq40g
rLcothj8GTe9LJl0PgJPtGcGLZzKkGPaMiejFahJrlo8N6VAFh1Nzym2VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJV960QD8/RfAT8W7CLpVLYfc5rYMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvbFgzclJBUHo5RjhCUHhic0l1bFV0aDl6bXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLiaIAwQA
LiaOAwQAbV6kMA0GCSqGSIb3DQEBCwUAA4IBAQAuGUknJeNPTlPbY77uTr0o4V0p
AToH2RbEXP0eCocFaG5uVaX7j6bQy7HNPC+dRT1RuhVeyCaI4j3VaC9P3MQJovxF
/fYtNqY9MacNy5J18CF3R6I/JvEh+y2l6K1xXu7FFuez1L0whHZAB5m1cUPEQrcH
BR0rhgAGd1qfX0CxBB7G4NG2JBCXu4Y2QR654YbMriEDG4gQZM5UpQjg4L9Tn9Im
fLPGZY3qCVohZbgXPi51E68dHGbYDZMP01/lK5tH0wsG3+EJj3LKRi+C/absr+IC
hptLHHlUjNmyEpc1Oy4AEN50beJkUoFLV3D721e5sAvavCZ4EBejqPoaiWar
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:47:58 2025 by rpki-client