Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3jJZVXR76aOFchH2XpnzbLR0IWo.roa
File: 3jJZVXR76aOFchH2XpnzbLR0IWo.roa (raw, json)
Hash identifier: zHKnHcHp/PL5mg9H6WCik0iUnC6NdfAFnCs/0dptCUQ=
Subject key identifier: DE:32:59:55:74:7B:E9:A3:85:72:11:F6:5E:99:F3:6C:B4:74:21:6A
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019745227F2187F5723389CF2D8A020FAEA6
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3jJZVXR76aOFchH2XpnzbLR0IWo.roa
Signing time: Fri 06 Jun 2025 12:06:18 +0000
ROA not before: Fri 06 Jun 2025 12:06:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62163
IP address blocks: 46.161.216.0/24 maxlen: 24
46.161.217.0/24 maxlen: 24
46.161.218.0/24 maxlen: 24
46.161.219.0/24 maxlen: 24
193.56.239.0/24 maxlen: 24
194.40.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:45:22:7f:21:87:f5:72:33:89:cf:2d:8a:02:0f:ae:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jun 6 12:06:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de325955747be9a3857211f65e99f36cb474216a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e9:f5:06:1e:52:6e:82:db:8d:2c:b2:98:a0:
ff:a1:df:0c:13:01:2b:a7:61:26:3e:70:2e:04:8f:
a7:7d:99:23:84:77:a7:a1:b0:93:60:db:6b:f2:97:
2e:69:fd:b4:e4:f9:55:cd:f8:bb:22:e0:d8:ed:80:
a9:06:87:e6:e8:99:1b:2a:26:7b:8f:91:f0:08:96:
75:b4:13:57:a0:48:91:ef:4f:2b:c9:25:ba:b6:b7:
35:63:be:8e:e7:bd:7a:7d:68:f0:6d:18:0a:4a:fa:
9e:28:86:c4:ed:57:87:8f:6b:d4:35:39:68:9d:8e:
6b:7b:db:70:4c:bc:ea:39:07:61:87:36:1f:7b:9a:
50:62:d9:a1:83:84:21:81:cc:a0:ed:96:1f:ed:79:
0a:11:28:5e:3f:50:a3:9d:f5:6f:88:ed:c4:ff:53:
1a:c1:af:b0:40:23:b0:c5:75:07:cf:b2:64:87:bd:
74:7b:e2:22:91:23:9a:ca:be:f6:f5:80:41:54:56:
a2:65:28:28:81:7c:80:66:0f:92:43:a4:0f:45:2f:
ef:87:f0:d9:c0:de:aa:4e:95:ec:01:8a:07:49:c8:
fe:52:e4:57:c4:d3:fe:a3:f9:3c:aa:1e:43:96:48:
53:cb:ec:3a:6f:1a:07:fa:4f:5c:d9:42:d2:ae:70:
54:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:32:59:55:74:7B:E9:A3:85:72:11:F6:5E:99:F3:6C:B4:74:21:6A
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/3jJZVXR76aOFchH2XpnzbLR0IWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.216.0/22
193.56.239.0/24
194.40.246.0/23
Signature Algorithm: sha256WithRSAEncryption
79:e7:1c:ed:0e:74:c4:55:e2:a9:31:77:24:24:eb:85:17:56:
82:6d:8d:0b:3b:63:e3:43:65:d5:4e:21:93:08:c8:5f:11:81:
53:16:a9:74:7e:a4:0c:5b:65:ec:d4:4c:68:46:da:a6:05:4b:
d8:5f:39:28:ae:41:d3:91:9f:a8:9c:94:06:7e:e4:ea:7b:94:
bf:d4:40:b2:34:1d:a6:0c:41:de:bb:0b:8d:b9:85:a8:fe:49:
63:28:1c:e7:d3:ea:da:9e:c5:f2:1b:9b:31:f6:7e:dd:98:51:
f5:f3:cb:67:05:70:5f:ea:72:24:96:38:a5:e2:41:cf:37:01:
64:77:0e:e5:1e:b0:67:c0:7f:16:64:ff:5b:11:5c:f6:01:7c:
88:ce:72:73:dd:9e:5a:6c:8b:9b:bc:97:9d:c7:f1:03:94:38:
7b:f5:13:85:c5:61:93:4f:36:16:9f:af:8f:ad:ea:8b:58:7a:
15:97:50:64:7e:51:de:e8:cf:2e:fd:10:92:ef:9d:6e:e8:97:
5b:7f:3c:c8:e6:7d:23:91:3e:4d:b5:0a:d1:f5:71:64:d6:4d:
70:d7:2c:3d:72:7d:8b:31:65:25:d5:9f:cb:bf:f1:05:12:20:
1f:1d:1d:52:64:4d:2d:86:42:f7:96:49:55:c0:d6:5a:7f:5a:
a9:ad:ce:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdFIn8hh/VyM4nPLYoCD66mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUwNjA2MTIwNjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTMyNTk1NTc0N2JlOWEzODU3MjExZjY1ZTk5ZjM2Y2I0NzQyMTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOn1Bh5SboLbjSyymKD/od8MEwEr
p2EmPnAuBI+nfZkjhHenobCTYNtr8pcuaf205PlVzfi7IuDY7YCpBofm6JkbKiZ7
j5HwCJZ1tBNXoEiR708rySW6trc1Y76O5716fWjwbRgKSvqeKIbE7VeHj2vUNTlo
nY5re9twTLzqOQdhhzYfe5pQYtmhg4Qhgcyg7ZYf7XkKESheP1CjnfVviO3E/1Ma
wa+wQCOwxXUHz7Jkh710e+IikSOayr729YBBVFaiZSgogXyAZg+SQ6QPRS/vh/DZ
wN6qTpXsAYoHScj+UuRXxNP+o/k8qh5DlkhTy+w6bxoH+k9c2ULSrnBURQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN4yWVV0e+mjhXIR9l6Z82y0dCFqMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvM2pKWlZYUjc2YU9GY2hIMlhwbnpiTFIwSVdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLqHYAwQA
wTjvAwQBwij2MA0GCSqGSIb3DQEBCwUAA4IBAQB55xztDnTEVeKpMXckJOuFF1aC
bY0LO2PjQ2XVTiGTCMhfEYFTFql0fqQMW2Xs1ExoRtqmBUvYXzkorkHTkZ+onJQG
fuTqe5S/1ECyNB2mDEHeuwuNuYWo/kljKBzn0+ransXyG5sx9n7dmFH188tnBXBf
6nIkljil4kHPNwFkdw7lHrBnwH8WZP9bEVz2AXyIznJz3Z5abIubvJedx/EDlDh7
9ROFxWGTTzYWn6+PreqLWHoVl1BkflHe6M8u/RCS751u6JdbfzzI5n0jkT5NtQrR
9XFk1k1w1yw9cn2LMWUl1Z/Lv/EFEiAfHR1SZE0thkL3lklVwNZaf1qprc5A
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:47:47 2025 by rpki-client