Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/GriK4KCJf_pD-27uHbjP7oEGNcE.roa
File: GriK4KCJf_pD-27uHbjP7oEGNcE.roa (raw, json)
Hash identifier: ZFT+MzdQyFzyxpSKYu1uYqlJsuD4hjBAizP1SCZZEkg=
Subject key identifier: 1A:B8:8A:E0:A0:89:7F:FA:43:FB:6E:EE:1D:B8:CF:EE:81:06:35:C1
Certificate issuer: /CN=d187d4c98b3ed8a717c7d6e45554d353ea3e05ca
Certificate serial: 01982CE646F28092FC8858BE91AF1DCF323F
Authority key identifier: D1:87:D4:C9:8B:3E:D8:A7:17:C7:D6:E4:55:54:D3:53:EA:3E:05:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YfUyYs-2KcXx9bkVVTTU-o-Bco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/GriK4KCJf_pD-27uHbjP7oEGNcE.roa
Signing time: Mon 21 Jul 2025 12:12:25 +0000
ROA not before: Mon 21 Jul 2025 12:12:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197350
IP address blocks: 46.60.1.0/24 maxlen: 24
46.60.4.0/22 maxlen: 22
46.60.5.0/24 maxlen: 24
46.60.7.0/24 maxlen: 24
46.60.13.0/24 maxlen: 24
46.60.14.0/24 maxlen: 24
46.60.15.0/24 maxlen: 24
46.60.48.0/24 maxlen: 24
46.60.49.0/24 maxlen: 24
46.60.51.0/24 maxlen: 24
46.60.52.0/24 maxlen: 24
46.60.53.0/24 maxlen: 24
46.60.54.0/24 maxlen: 24
46.60.55.0/24 maxlen: 24
46.60.56.0/22 maxlen: 22
46.60.58.0/23 maxlen: 23
46.60.60.0/24 maxlen: 24
46.60.61.0/24 maxlen: 24
46.60.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/0YfUyYs-2KcXx9bkVVTTU-o-Bco.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/0YfUyYs-2KcXx9bkVVTTU-o-Bco.mft
rsync://rpki.ripe.net/repository/DEFAULT/0YfUyYs-2KcXx9bkVVTTU-o-Bco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 31 Jul 2025 12:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:e6:46:f2:80:92:fc:88:58:be:91:af:1d:cf:32:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d187d4c98b3ed8a717c7d6e45554d353ea3e05ca
Validity
Not Before: Jul 21 12:12:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ab88ae0a0897ffa43fb6eee1db8cfee810635c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5f:13:b3:7d:10:b3:1f:57:40:28:34:1a:3a:
8d:c1:18:5c:53:55:e3:42:16:bc:f9:1e:df:e9:74:
2b:1e:03:df:95:14:29:33:c2:0f:5c:dd:3a:22:22:
e9:00:de:de:9e:d9:d4:26:18:ab:ec:27:f2:eb:be:
0e:6a:79:80:e4:55:eb:e9:ac:70:1e:e0:86:22:58:
30:e0:cb:28:b8:8d:13:50:4d:14:40:9f:e6:98:82:
73:ae:66:89:5e:3c:56:cd:ba:e9:df:ff:eb:96:7b:
80:24:16:49:ca:4d:5b:e4:31:a8:b5:b5:18:c5:f7:
af:48:f5:87:83:fb:e9:99:49:a7:a7:c0:32:85:f3:
20:5d:e2:6a:d1:7e:51:55:1c:ce:44:cb:54:d0:3f:
7e:62:a6:41:b0:cd:5b:ae:e9:6f:7e:95:02:7e:6a:
b6:f9:bc:2e:83:98:3d:ce:7c:02:91:a7:08:d9:eb:
4a:97:4a:9d:59:29:17:2d:3f:e6:10:bf:03:72:1a:
b5:da:70:e3:41:b2:dc:36:b3:66:ad:58:f3:11:bf:
26:b1:38:6a:3d:f0:98:99:b8:fd:66:13:21:14:a3:
9d:9a:3b:0c:59:b6:f7:9e:9e:b0:93:5d:ad:33:7d:
e3:35:92:7b:90:b6:60:a7:0a:4f:aa:53:bb:cf:7c:
64:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:B8:8A:E0:A0:89:7F:FA:43:FB:6E:EE:1D:B8:CF:EE:81:06:35:C1
X509v3 Authority Key Identifier:
keyid:D1:87:D4:C9:8B:3E:D8:A7:17:C7:D6:E4:55:54:D3:53:EA:3E:05:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YfUyYs-2KcXx9bkVVTTU-o-Bco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/GriK4KCJf_pD-27uHbjP7oEGNcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ba3316-5b95-4e12-875c-502967dfcc48/1/0YfUyYs-2KcXx9bkVVTTU-o-Bco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.60.1.0/24
46.60.4.0/22
46.60.13.0-46.60.15.255
46.60.48.0/23
46.60.51.0-46.60.63.255
Signature Algorithm: sha256WithRSAEncryption
16:4e:3a:39:2b:a6:17:3c:5a:fc:1a:08:88:27:99:fd:88:9c:
22:9c:b1:66:54:ff:fc:30:8a:4e:e3:bc:7c:32:b3:31:dd:e3:
d5:41:ad:b1:c7:b6:a6:9c:39:91:eb:ca:71:c2:5d:bb:7b:bc:
9d:87:23:0e:d4:78:3b:b8:ad:19:f9:76:4f:74:e5:d3:f0:f8:
f7:74:86:25:d1:6c:ea:0f:24:d9:b0:2d:f9:87:cd:a7:c2:c7:
b1:03:b4:01:52:15:0b:41:c6:0a:5d:40:c5:fc:e2:42:d2:52:
1d:d0:9c:49:ce:ef:d7:5f:ed:e1:91:7a:24:4e:e9:29:9e:57:
f9:d1:da:24:e6:e9:7e:0e:dc:31:ac:ff:8e:03:f9:17:09:21:
ec:bc:cb:7b:5b:c1:68:c6:4a:b8:3e:c8:e7:df:1a:88:bd:24:
2f:5f:44:f4:b6:59:bc:43:3f:e0:ac:e8:6e:e2:1b:96:12:74:
f4:e2:f6:11:f0:85:0b:83:28:bc:5c:2e:14:16:2e:74:95:9a:
cf:56:27:9f:13:e5:c9:99:7f:b9:b1:4f:47:ee:22:2d:69:d2:
93:b3:84:c5:a9:24:ca:eb:b9:a3:9b:a0:26:50:68:b5:67:02:
27:e6:a2:e7:dc:be:93:5a:02:47:9b:b6:56:89:f3:91:64:a7:
9f:9c:2f:54
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZgs5kbygJL8iFi+ka8dzzI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxODdkNGM5OGIzZWQ4YTcxN2M3ZDZlNDU1NTRkMzUzZWEz
ZTA1Y2EwHhcNMjUwNzIxMTIxMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWI4OGFlMGEwODk3ZmZhNDNmYjZlZWUxZGI4Y2ZlZTgxMDYzNWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu18Ts30Qsx9XQCg0GjqNwRhcU1Xj
Qha8+R7f6XQrHgPflRQpM8IPXN06IiLpAN7entnUJhir7Cfy674OanmA5FXr6axw
HuCGIlgw4MsouI0TUE0UQJ/mmIJzrmaJXjxWzbrp3//rlnuAJBZJyk1b5DGotbUY
xfevSPWHg/vpmUmnp8AyhfMgXeJq0X5RVRzORMtU0D9+YqZBsM1brulvfpUCfmq2
+bwug5g9znwCkacI2etKl0qdWSkXLT/mEL8Dchq12nDjQbLcNrNmrVjzEb8msThq
PfCYmbj9ZhMhFKOdmjsMWbb3np6wk12tM33jNZJ7kLZgpwpPqlO7z3xkLwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBq4iuCgiX/6Q/tu7h24z+6BBjXBMB8GA1UdIwQY
MBaAFNGH1MmLPtinF8fW5FVU01PqPgXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFlmVXlZcy0yS2NYeDlia1ZWVFRVLW8tQmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iYTMzMTYtNWI5NS00ZTEyLTg3NWMt
NTAyOTY3ZGZjYzQ4LzEvR3JpSzRLQ0pmX3BELTI3dUhialA3b0VHTmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iYTMzMTYtNWI5NS00ZTEyLTg3NWMtNTAyOTY3ZGZjYzQ4
LzEvMFlmVXlZcy0yS2NYeDlia1ZWVFRVLW8tQmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALjwBAwQC
LjwEMAwDBAAuPA0DBAQuPAADBAEuPDAwDAMEAC48MwMEBi48ADANBgkqhkiG9w0B
AQsFAAOCAQEAFk46OSumFzxa/BoIiCeZ/YicIpyxZlT//DCKTuO8fDKzMd3j1UGt
sce2ppw5kevKccJdu3u8nYcjDtR4O7itGfl2T3Tl0/D493SGJdFs6g8k2bAt+YfN
p8LHsQO0AVIVC0HGCl1AxfziQtJSHdCcSc7v11/t4ZF6JE7pKZ5X+dHaJObpfg7c
Maz/jgP5Fwkh7LzLe1vBaMZKuD7I598aiL0kL19E9LZZvEM/4KzobuIblhJ09OL2
EfCFC4MovFwuFBYudJWaz1YnnxPlyZl/ubFPR+4iLWnSk7OExakkyuu5o5ugJlBo
tWcCJ+ai59y+k1oCR5u2VonzkWSnn5wvVA==
-----END CERTIFICATE-----
Generated at Wed Jul 30 18:42:14 2025 by rpki-client