Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/V--YEWarZp-pZj4S7ao82lnZyNQ.roa
File: V--YEWarZp-pZj4S7ao82lnZyNQ.roa (raw, json)
Hash identifier: vmHxWxvB0zZJz5gvZLSnNwgdgRThQ5Iu5CaLJ08hviM=
Subject key identifier: 57:EF:98:11:66:AB:66:9F:A9:66:3E:12:ED:AA:3C:DA:59:D9:C8:D4
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197319D8CEE95D9FAE07D3D8B14CD8A2FE2
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/V--YEWarZp-pZj4S7ao82lnZyNQ.roa
Signing time: Mon 02 Jun 2025 17:08:18 +0000
ROA not before: Mon 02 Jun 2025 17:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213732
IP address blocks: 46.38.144.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:9d:8c:ee:95:d9:fa:e0:7d:3d:8b:14:cd:8a:2f:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 2 17:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57ef981166ab669fa9663e12edaa3cda59d9c8d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:8a:db:c5:72:6a:9d:79:85:f2:0b:1e:2c:78:
2f:4b:da:01:71:cb:fa:c9:d4:6c:f8:55:ba:93:23:
01:fa:f8:42:dc:5e:16:8b:52:b6:64:11:f3:77:3b:
c0:59:a9:f7:ea:dc:06:1d:88:19:f4:c1:06:8c:87:
71:1e:e4:50:2d:68:32:31:1d:1d:3a:eb:21:65:01:
cc:9a:9a:fd:3a:1a:16:4b:88:6b:0e:bc:a8:67:e4:
fa:ca:78:af:51:11:6d:52:f9:41:07:87:54:4d:9a:
49:35:b3:a4:85:fc:bb:79:e8:fc:31:cb:0b:57:33:
b4:b9:76:5f:55:8f:64:e4:75:31:c6:fd:98:da:cf:
f2:c3:4e:07:13:58:28:75:dc:19:ab:f7:c2:a3:bb:
96:11:35:6c:c8:16:82:f4:ff:f3:10:49:00:d9:9d:
a7:93:44:2f:02:79:81:6a:a2:d9:81:2d:b2:d0:ce:
41:1a:60:fb:ef:d1:5b:b4:cf:ad:7e:75:2e:4a:20:
94:2e:ce:a7:e6:2e:4c:b2:6d:be:96:56:8e:b2:53:
c7:ed:ef:57:3b:0b:79:16:f3:40:ef:06:76:a0:80:
85:13:63:f1:d5:7c:ce:eb:a1:be:c6:a2:18:bb:ea:
47:ad:3b:78:9e:32:66:60:dc:9b:b8:75:45:a9:1e:
81:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:EF:98:11:66:AB:66:9F:A9:66:3E:12:ED:AA:3C:DA:59:D9:C8:D4
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/V--YEWarZp-pZj4S7ao82lnZyNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.144.0/24
46.38.146.0-46.38.149.255
185.29.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:8e:84:7f:21:22:59:c5:e3:94:d1:d1:a8:dc:67:31:58:fe:
ff:00:ad:df:48:ef:09:2c:3f:d1:bd:3f:42:10:35:8c:6f:8a:
bd:58:67:52:7e:78:d9:85:1f:2e:ee:4b:f6:4e:c4:17:c3:aa:
22:c8:5b:5d:da:ce:e1:a1:94:7e:89:5b:af:df:67:2f:be:e2:
6e:10:47:fd:00:e8:0f:5f:83:23:53:44:04:e5:9f:47:bd:60:
d6:c7:76:98:22:67:65:02:86:eb:41:53:ee:19:73:ef:93:0b:
9f:46:2b:45:0b:ad:58:a7:aa:4d:be:dd:a4:fb:79:13:55:98:
06:cd:62:8d:4f:a4:4d:2a:aa:ed:b2:e1:c2:ae:0a:df:47:a5:
cb:9b:76:85:4e:44:1f:e9:a8:3d:50:17:68:dc:0a:16:91:10:
d6:68:41:4e:bf:81:00:7d:7c:ca:73:9e:ae:7c:5f:2d:bb:c3:
d9:a6:6b:13:b1:89:46:76:c3:c4:26:4b:92:51:85:b4:d8:86:
30:18:5b:a7:bd:43:d1:42:c7:e2:10:7f:94:c8:ab:9c:3f:74:
4b:80:fd:b9:00:61:2e:3f:b0:d2:ac:21:a4:b4:c3:73:da:b3:
68:9f:e5:54:51:5c:30:2d:b9:82:2c:84:65:b8:d5:b1:b1:03:
c6:78:87:ef
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZcxnYzuldn64H09ixTNii/iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNjAyMTcwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2VmOTgxMTY2YWI2NjlmYTk2NjNlMTJlZGFhM2NkYTU5ZDljOGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIrbxXJqnXmF8gseLHgvS9oBccv6
ydRs+FW6kyMB+vhC3F4Wi1K2ZBHzdzvAWan36twGHYgZ9MEGjIdxHuRQLWgyMR0d
OushZQHMmpr9OhoWS4hrDryoZ+T6ynivURFtUvlBB4dUTZpJNbOkhfy7eej8McsL
VzO0uXZfVY9k5HUxxv2Y2s/yw04HE1goddwZq/fCo7uWETVsyBaC9P/zEEkA2Z2n
k0QvAnmBaqLZgS2y0M5BGmD779FbtM+tfnUuSiCULs6n5i5Msm2+llaOslPH7e9X
Owt5FvNA7wZ2oICFE2Px1XzO66G+xqIYu+pHrTt4njJmYNybuHVFqR6BZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFfvmBFmq2afqWY+Eu2qPNpZ2cjUMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvVi0tWUVXYXJacC1wWmo0UzdhbzgybG5aeU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALiaQMAwD
BAEuJpIDBAEuJpQDBAC5Hd8wDQYJKoZIhvcNAQELBQADggEBAF2OhH8hIlnF45TR
0ajcZzFY/v8Ard9I7wksP9G9P0IQNYxvir1YZ1J+eNmFHy7uS/ZOxBfDqiLIW13a
zuGhlH6JW6/fZy++4m4QR/0A6A9fgyNTRATln0e9YNbHdpgiZ2UChutBU+4Zc++T
C59GK0ULrVinqk2+3aT7eRNVmAbNYo1PpE0qqu2y4cKuCt9HpcubdoVORB/pqD1Q
F2jcChaRENZoQU6/gQB9fMpznq58Xy27w9mmaxOxiUZ2w8QmS5JRhbTYhjAYW6e9
Q9FCx+IQf5TIq5w/dEuA/bkAYS4/sNKsIaS0w3Pas2if5VRRXDAtuYIshGW41bGx
A8Z4h+8=
-----END CERTIFICATE-----
Generated at Sat Jun 7 07:58:48 2025 by rpki-client