Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/6_bKweqWY78IaehR0T3SZdY9CQM.roa
File: 6_bKweqWY78IaehR0T3SZdY9CQM.roa (raw, json)
Hash identifier: KTUilrEpIDNHWpqzD3ibc0/4lbQNOJc1mmLoHR7N/88=
Subject key identifier: EB:F6:CA:C1:EA:96:63:BF:08:69:E8:51:D1:3D:D2:65:D6:3D:09:03
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 019830E40150D41D8AC36C4830C2FDE85F1F
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/6_bKweqWY78IaehR0T3SZdY9CQM.roa
Signing time: Tue 22 Jul 2025 06:48:25 +0000
ROA not before: Tue 22 Jul 2025 06:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.80.0/21 maxlen: 21
46.253.88.0/21 maxlen: 21
46.253.90.0/24 maxlen: 24
46.253.90.0/25 maxlen: 25
46.253.90.128/25 maxlen: 25
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 03:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:30:e4:01:50:d4:1d:8a:c3:6c:48:30:c2:fd:e8:5f:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jul 22 06:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebf6cac1ea9663bf0869e851d13dd265d63d0903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3d:ff:ab:f1:d6:af:2c:1e:ff:b2:8c:b2:14:
00:da:85:17:14:fb:cb:a1:36:f9:f1:05:3a:e1:18:
11:65:1b:6a:e7:89:3a:54:0f:30:9e:24:e5:73:fa:
5b:d2:c1:94:d6:ee:09:2a:3d:0a:79:20:be:da:f1:
67:97:f2:c7:5b:46:3e:44:fa:95:94:6a:cf:b8:78:
34:8e:0a:67:04:0d:0b:56:40:31:ac:34:4f:af:59:
11:0e:4b:7b:c0:86:42:b9:b7:43:5a:54:a2:d3:e0:
0b:81:8b:22:ab:45:97:9b:84:e9:8a:55:fe:d8:2c:
e9:01:f2:9d:4a:64:c8:80:54:1b:0f:9f:a7:d1:76:
74:35:1c:f9:96:49:85:c0:d4:02:ac:1b:b2:7f:04:
fc:88:0a:dd:1b:72:e3:cc:6e:05:26:12:c7:1b:37:
93:80:14:65:b3:0e:6d:5e:3e:27:a7:c2:51:a4:a2:
4f:cd:e9:07:81:9f:c0:59:99:c6:f8:60:aa:5e:9e:
e7:91:4d:d0:ec:1f:05:d4:81:3f:76:45:7f:29:3f:
80:86:dc:0e:69:21:99:11:2b:6a:3d:84:de:f2:10:
51:e4:e9:8e:76:50:7f:72:c0:d4:d8:37:f2:34:fd:
12:d8:2b:11:ee:c4:24:04:09:02:33:9c:1b:bc:ee:
39:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:F6:CA:C1:EA:96:63:BF:08:69:E8:51:D1:3D:D2:65:D6:3D:09:03
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/6_bKweqWY78IaehR0T3SZdY9CQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/20
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:fb:ea:1e:eb:5b:13:b0:d5:77:e6:8e:6b:6f:05:9d:70:12:
62:66:7a:4a:db:c5:38:d4:d4:10:a5:02:0f:38:93:f4:ce:ec:
3b:65:f3:49:32:a6:51:95:95:67:e7:02:a5:1b:e1:a3:3b:ca:
4e:25:36:01:d5:29:70:1d:89:7e:db:d4:4d:f3:f3:7e:7a:76:
05:c1:d1:01:bc:c9:13:be:1b:1a:70:81:bc:ad:68:cf:4a:3a:
42:51:6e:a8:e6:7a:ce:b3:4b:27:84:cc:05:40:9e:a0:8c:f5:
d4:41:9a:33:45:d3:89:a6:18:24:16:c7:52:a2:ca:7b:b2:8a:
b8:ab:3c:1a:23:cf:36:67:6e:fe:c2:87:bd:83:d3:0a:9d:d2:
a1:27:67:e3:c1:20:03:3a:59:2e:18:48:65:40:00:71:99:7a:
ef:19:d9:4b:7c:26:ee:97:a1:d5:92:04:20:b5:ba:92:08:c6:
72:7a:ab:dd:46:d7:5a:c1:2b:cc:a2:7b:02:f0:e0:3e:13:63:
9a:2b:d5:74:43:28:b9:aa:11:65:e1:41:1f:2a:97:f6:d8:6d:
1f:3a:15:10:4e:e5:1f:7b:60:24:d2:9f:9d:14:ec:4c:0e:f9:
1c:79:a8:c8:e8:c7:e8:51:11:8f:c1:5e:5b:f8:a1:25:62:8e:
06:2a:3f:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgw5AFQ1B2Kw2xIMML96F8fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjUwNzIyMDY0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmY2Y2FjMWVhOTY2M2JmMDg2OWU4NTFkMTNkZDI2NWQ2M2QwOTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz3/q/HWrywe/7KMshQA2oUXFPvL
oTb58QU64RgRZRtq54k6VA8wniTlc/pb0sGU1u4JKj0KeSC+2vFnl/LHW0Y+RPqV
lGrPuHg0jgpnBA0LVkAxrDRPr1kRDkt7wIZCubdDWlSi0+ALgYsiq0WXm4TpilX+
2CzpAfKdSmTIgFQbD5+n0XZ0NRz5lkmFwNQCrBuyfwT8iArdG3LjzG4FJhLHGzeT
gBRlsw5tXj4np8JRpKJPzekHgZ/AWZnG+GCqXp7nkU3Q7B8F1IE/dkV/KT+AhtwO
aSGZEStqPYTe8hBR5OmOdlB/csDU2DfyNP0S2CsR7sQkBAkCM5wbvO45BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOv2ysHqlmO/CGnoUdE90mXWPQkDMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvNl9iS3dlcVdZNzhJYWVoUjBUM1NaZFk5Q1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQELv1QMA0E
AgACMAcDBQMqBBnAMA0GCSqGSIb3DQEBCwUAA4IBAQCN++oe61sTsNV35o5rbwWd
cBJiZnpK28U41NQQpQIPOJP0zuw7ZfNJMqZRlZVn5wKlG+GjO8pOJTYB1SlwHYl+
29RN8/N+enYFwdEBvMkTvhsacIG8rWjPSjpCUW6o5nrOs0snhMwFQJ6gjPXUQZoz
RdOJphgkFsdSosp7soq4qzwaI882Z27+woe9g9MKndKhJ2fjwSADOlkuGEhlQABx
mXrvGdlLfCbul6HVkgQgtbqSCMZyeqvdRtdawSvMonsC8OA+E2OaK9V0Qyi5qhFl
4UEfKpf22G0fOhUQTuUfe2Ak0p+dFOxMDvkceajI6MfoURGPwV5b+KElYo4GKj9+
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:43:34 2025 by rpki-client