Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/wzadBw7uhjprp9F5uJq5T8ApPtk.roa
File: wzadBw7uhjprp9F5uJq5T8ApPtk.roa (raw, json)
Hash identifier: uUYBqpYur2LbXv+L36BoiBD056HnrM6iitJd8ms8xzs=
Subject key identifier: C3:36:9D:07:0E:EE:86:3A:6B:A7:D1:79:B8:9A:B9:4F:C0:29:3E:D9
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 0196B94C5809F67300AD45F39002CB01CCF4
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/wzadBw7uhjprp9F5uJq5T8ApPtk.roa
Signing time: Sat 10 May 2025 08:25:10 +0000
ROA not before: Sat 10 May 2025 08:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47376
IP address blocks: 46.148.38.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.43.0/24 maxlen: 24
46.148.44.0/24 maxlen: 24
46.148.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 17:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b9:4c:58:09:f6:73:00:ad:45:f3:90:02:cb:01:cc:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: May 10 08:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3369d070eee863a6ba7d179b89ab94fc0293ed9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:48:a6:5a:28:49:50:b4:c0:a1:d7:f2:ca:
94:31:29:7b:32:71:a3:fc:ff:29:45:62:91:b9:84:
69:9b:62:41:75:71:9f:ff:74:eb:bb:91:a6:f2:ab:
53:5e:b3:c3:99:da:86:1f:fe:f5:ab:8d:8a:82:38:
41:6b:1f:3f:6c:9f:96:f8:a2:b4:27:75:e2:68:35:
45:25:a5:90:fe:82:79:38:08:13:0e:6c:a9:af:72:
ff:50:4b:48:c3:19:6d:22:c6:b3:5a:71:24:9f:23:
9c:ee:0a:87:48:ba:c1:bd:3b:15:ed:8a:8c:67:dd:
e8:2e:ad:e8:d2:7f:09:38:63:d4:07:cc:48:2d:5d:
79:67:e8:2b:7b:49:2d:be:b9:03:ab:50:0a:bd:47:
73:89:f0:ca:66:e6:44:59:04:31:ac:d1:23:31:18:
0a:da:0b:34:7f:20:bd:07:0f:c5:41:a6:55:9e:7c:
b9:15:c5:63:86:e6:85:c8:66:e7:84:7d:97:5f:ab:
0d:01:67:87:9c:21:41:ca:f6:9a:46:9b:7e:f9:90:
67:ab:f6:2c:89:f3:cf:13:ff:90:4e:42:b6:4a:5c:
88:b2:89:fa:14:1f:23:9a:94:ca:b1:eb:fa:78:cc:
05:67:9e:de:d1:ad:16:b6:43:57:df:5f:50:f0:37:
19:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:36:9D:07:0E:EE:86:3A:6B:A7:D1:79:B8:9A:B9:4F:C0:29:3E:D9
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/wzadBw7uhjprp9F5uJq5T8ApPtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.38.0/24
46.148.41.0/24
46.148.43.0-46.148.44.255
46.148.46.0/24
Signature Algorithm: sha256WithRSAEncryption
48:93:2c:eb:94:d0:19:d0:29:46:1e:e8:69:2b:30:9b:c7:73:
1e:99:98:72:2f:4d:c7:68:07:15:fb:93:03:8e:f6:17:b9:b0:
c2:fb:b8:b3:b8:e4:fc:1a:b7:cc:d6:30:17:ed:c2:a9:12:71:
bd:0d:e5:52:3e:b1:69:34:8c:2c:63:5e:25:ca:19:a6:47:3f:
98:30:c8:dd:04:1a:f6:d7:d5:4e:c3:67:40:45:3b:ef:8a:06:
f9:90:67:83:50:19:66:63:fa:ca:be:e7:e4:6e:35:f3:49:14:
31:cf:69:a8:db:61:96:95:54:5a:49:bb:ad:91:84:1c:23:bb:
1d:a8:f1:af:6f:ad:cf:5c:23:17:a6:bf:15:59:52:fa:2a:6f:
ee:f8:b7:4c:09:e7:2a:18:0f:be:f4:24:ba:dd:89:f8:7b:af:
c9:73:55:21:bc:d8:69:01:04:4a:7c:fd:57:b7:30:31:4a:1a:
88:3c:fd:73:ff:48:0e:56:b1:fb:d2:07:aa:d0:23:11:0b:0c:
5c:2f:fd:c1:ed:92:41:13:85:78:de:89:34:77:05:ea:61:cf:
5a:2f:88:df:2b:a6:72:00:ee:77:88:4b:22:f8:23:3e:5a:1e:
c4:81:7e:ee:35:95:0b:3c:a8:26:73:b9:eb:26:ff:6c:01:78:
de:06:bb:ec
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZa5TFgJ9nMArUXzkALLAcz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjUwNTEwMDgyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzM2OWQwNzBlZWU4NjNhNmJhN2QxNzliODlhYjk0ZmMwMjkzZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbdIplooSVC0wKHX8sqUMSl7MnGj
/P8pRWKRuYRpm2JBdXGf/3Tru5Gm8qtTXrPDmdqGH/71q42KgjhBax8/bJ+W+KK0
J3XiaDVFJaWQ/oJ5OAgTDmypr3L/UEtIwxltIsazWnEknyOc7gqHSLrBvTsV7YqM
Z93oLq3o0n8JOGPUB8xILV15Z+gre0ktvrkDq1AKvUdzifDKZuZEWQQxrNEjMRgK
2gs0fyC9Bw/FQaZVnny5FcVjhuaFyGbnhH2XX6sNAWeHnCFByvaaRpt++ZBnq/Ys
ifPPE/+QTkK2SlyIson6FB8jmpTKsev6eMwFZ57e0a0WtkNX319Q8DcZKwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFMM2nQcO7oY6a6fRebiauU/AKT7ZMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvd3phZEJ3N3VoanBycDlGNXVKcTVUOEFwUHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALpQmAwQA
LpQpMAwDBAAulCsDBAAulCwDBAAulC4wDQYJKoZIhvcNAQELBQADggEBAEiTLOuU
0BnQKUYe6GkrMJvHcx6ZmHIvTcdoBxX7kwOO9he5sML7uLO45Pwat8zWMBftwqkS
cb0N5VI+sWk0jCxjXiXKGaZHP5gwyN0EGvbX1U7DZ0BFO++KBvmQZ4NQGWZj+sq+
5+RuNfNJFDHPaajbYZaVVFpJu62RhBwjux2o8a9vrc9cIxemvxVZUvoqb+74t0wJ
5yoYD770JLrdifh7r8lzVSG82GkBBEp8/Ve3MDFKGog8/XP/SA5WsfvSB6rQIxEL
DFwv/cHtkkEThXjeiTR3Bephz1oviN8rpnIA7neISyL4Iz5aHsSBfu41lQs8qCZz
uesm/2wBeN4Gu+w=
-----END CERTIFICATE-----
Generated at Sat Jun 7 02:15:21 2025 by rpki-client