Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/vB2mYLl-xpJ0Cq2pgFmm7hPz5-I.roa
File: vB2mYLl-xpJ0Cq2pgFmm7hPz5-I.roa (raw, json)
Hash identifier: HlHkoQbOa1Me9Kya+Z65Q2TAdCYsxm5jyaE8OV2FKvQ=
Subject key identifier: BC:1D:A6:60:B9:7E:C6:92:74:0A:AD:A9:80:59:A6:EE:13:F3:E7:E2
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0198229068BCF83A9F5CEFC3B2702E5AE26E
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/vB2mYLl-xpJ0Cq2pgFmm7hPz5-I.roa
Signing time: Sat 19 Jul 2025 12:02:25 +0000
ROA not before: Sat 19 Jul 2025 12:02:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:22:90:68:bc:f8:3a:9f:5c:ef:c3:b2:70:2e:5a:e2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 19 12:02:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc1da660b97ec692740aada98059a6ee13f3e7e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:29:3b:98:fe:f5:e8:df:27:52:d4:f0:c6:9c:
04:ce:ec:38:f7:fb:4e:8f:94:2e:08:64:a5:76:08:
1d:05:93:08:59:86:3f:47:a8:cb:44:b4:4e:ad:31:
7a:63:95:86:d4:47:d7:ef:c9:71:ab:6d:46:28:e6:
12:f8:eb:b4:9c:07:b8:43:69:b0:ab:f5:ca:49:a8:
ba:49:6c:4b:a3:e1:0b:9c:3b:4e:af:12:0d:49:e4:
0d:27:8c:37:66:be:9c:a3:47:f4:3b:aa:63:ba:98:
6b:24:d2:15:04:be:1c:f9:0c:65:4e:17:66:2b:ee:
53:20:5d:04:bd:e6:41:e3:47:ce:2f:40:c0:7a:e2:
a1:f2:39:17:71:59:14:e0:4c:88:d5:45:58:7c:3f:
be:bc:0d:9e:f1:40:bc:72:80:d0:fc:3c:b1:ab:c0:
7b:36:1d:1a:05:81:6a:96:ea:b0:82:8b:c3:27:dd:
96:36:16:0e:9b:0b:41:4d:31:96:14:ec:41:7e:d7:
37:64:2a:96:fa:f6:cc:e3:6c:da:38:96:2e:0b:ae:
63:c4:cf:69:06:50:94:15:6a:4b:20:c0:4d:4e:3f:
8b:bd:56:a6:2f:c5:aa:cf:18:70:8f:80:10:68:f7:
86:a3:a3:7c:fb:b7:9d:87:8e:24:71:56:4b:ba:2d:
54:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:1D:A6:60:B9:7E:C6:92:74:0A:AD:A9:80:59:A6:EE:13:F3:E7:E2
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/vB2mYLl-xpJ0Cq2pgFmm7hPz5-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
9e:57:ee:f2:89:8f:35:4b:2e:f4:be:7a:32:85:69:9e:ac:af:
ea:da:01:ca:d8:40:16:ec:6f:01:c6:76:85:af:37:81:e7:f7:
b3:00:b0:15:04:fe:6d:ce:3d:aa:0e:61:c5:73:1b:7f:47:c1:
2c:fb:95:00:89:bd:ad:bf:bc:d6:e9:2a:c4:e3:d6:d9:7c:86:
f7:5d:24:b5:14:9d:0e:9d:ed:d9:d0:58:10:ea:5a:b5:e9:ad:
52:1a:c8:61:13:4b:08:60:d4:38:93:10:06:9a:fa:9d:76:47:
78:43:6b:1e:22:e1:7b:e1:29:80:c0:ff:72:05:04:75:b5:1a:
fe:65:4b:b2:1a:a7:22:65:cb:34:ed:3d:7b:c3:67:4e:31:59:
fe:16:60:fe:f4:27:ff:0f:05:2a:fa:89:e2:7e:c4:05:64:dd:
16:8e:64:c4:63:f1:b4:f3:10:ed:c2:ed:1d:89:45:df:0c:e9:
23:71:e7:e4:ce:ca:f8:08:fb:48:6d:24:2a:7b:8a:19:b7:6c:
54:37:3d:a8:84:9f:bc:75:c4:a5:65:e7:aa:a5:66:31:c2:4a:
f8:3c:9c:04:87:d1:bb:d8:e3:40:ae:0e:88:82:46:92:4e:d3:
a9:e9:14:d8:bf:e6:49:4d:f1:ee:b7:34:20:e8:09:42:2a:36:
78:a9:5d:d9
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZgikGi8+DqfXO/DsnAuWuJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNzE5MTIwMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzFkYTY2MGI5N2VjNjkyNzQwYWFkYTk4MDU5YTZlZTEzZjNlN2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmik7mP716N8nUtTwxpwEzuw49/tO
j5QuCGSldggdBZMIWYY/R6jLRLROrTF6Y5WG1EfX78lxq21GKOYS+Ou0nAe4Q2mw
q/XKSai6SWxLo+ELnDtOrxINSeQNJ4w3Zr6co0f0O6pjuphrJNIVBL4c+QxlThdm
K+5TIF0EveZB40fOL0DAeuKh8jkXcVkU4EyI1UVYfD++vA2e8UC8coDQ/Dyxq8B7
Nh0aBYFqluqwgovDJ92WNhYOmwtBTTGWFOxBftc3ZCqW+vbM42zaOJYuC65jxM9p
BlCUFWpLIMBNTj+LvVamL8Wqzxhwj4AQaPeGo6N8+7edh44kcVZLui1UMQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFLwdpmC5fsaSdAqtqYBZpu4T8+fiMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvdkIybVlMbC14cEowQ3EycGdGbW03aFB6NS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALiaBAwQA
LiaDAwQALiaMAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2A
MA0GCSqGSIb3DQEBCwUAA4IBAQCeV+7yiY81Sy70vnoyhWmerK/q2gHK2EAW7G8B
xnaFrzeB5/ezALAVBP5tzj2qDmHFcxt/R8Es+5UAib2tv7zW6SrE49bZfIb3XSS1
FJ0One3Z0FgQ6lq16a1SGshhE0sIYNQ4kxAGmvqddkd4Q2seIuF74SmAwP9yBQR1
tRr+ZUuyGqciZcs07T17w2dOMVn+FmD+9Cf/DwUq+onifsQFZN0WjmTEY/G08xDt
wu0diUXfDOkjcefkzsr4CPtIbSQqe4oZt2xUNz2ohJ+8dcSlZeeqpWYxwkr4PJwE
h9G72ONArg6IgkaSTtOp6RTYv+ZJTfHutzQg6AlCKjZ4qV3Z
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:24:27 2025 by rpki-client