Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bY02TJ85XALli7bRDyRec26WgJ8.roa
File: bY02TJ85XALli7bRDyRec26WgJ8.roa (raw, json)
Hash identifier: tOV02U2b76DFTOnpaGQjxC2K/3vK6ug+7G42xGsXgGg=
Subject key identifier: 6D:8D:36:4C:9F:39:5C:02:E5:8B:B6:D1:0F:24:5E:73:6E:96:80:9F
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0196D073797DFD89A98733CD4538852BE281
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bY02TJ85XALli7bRDyRec26WgJ8.roa
Signing time: Wed 14 May 2025 20:19:10 +0000
ROA not before: Wed 14 May 2025 20:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.139.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 03:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:73:79:7d:fd:89:a9:87:33:cd:45:38:85:2b:e2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: May 14 20:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d8d364c9f395c02e58bb6d10f245e736e96809f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:56:97:0b:db:20:0e:fc:b1:c9:39:59:9f:
6a:56:84:49:3e:5b:92:07:de:2f:27:1e:98:be:99:
a5:15:ca:85:88:06:73:99:d1:21:ac:35:38:20:e3:
39:29:2e:b1:80:59:36:7d:ea:00:71:b1:26:b2:24:
6a:52:8d:6a:8d:8b:78:d8:19:05:e4:cd:4a:96:3b:
21:80:7c:b3:d9:de:ee:f8:d8:9d:de:e1:28:9a:ac:
6d:1f:89:07:46:25:2b:5b:ee:27:94:78:2e:4d:8e:
29:7b:6c:cd:f6:39:5c:be:59:90:ea:20:4a:8e:f0:
2e:07:35:65:a3:c9:27:fc:56:8f:d2:8f:24:79:33:
f7:06:75:82:1d:b3:93:96:32:d1:9a:c3:05:40:10:
98:7d:34:41:e0:16:cc:1c:20:4b:b5:5c:2a:58:04:
6a:c5:da:28:fe:4e:ef:b2:35:29:9b:76:c7:e8:92:
09:7e:91:3b:77:89:49:8a:d0:fa:f1:c9:8d:fa:fc:
65:f5:7b:20:2e:81:73:a3:2c:92:52:d5:39:1f:24:
69:9a:99:1f:02:19:79:e6:c8:6e:5c:3b:03:2d:b3:
9d:a5:e1:d4:7b:72:66:19:b1:d6:04:c7:4e:a6:3f:
0d:84:10:96:89:0c:53:d1:43:68:16:ba:46:ef:2d:
19:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:8D:36:4C:9F:39:5C:02:E5:8B:B6:D1:0F:24:5E:73:6E:96:80:9F
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/bY02TJ85XALli7bRDyRec26WgJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.139.0-46.38.140.255
46.38.151.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
50:23:40:62:f2:0d:07:70:33:49:2b:e0:3c:d6:b0:33:19:b1:
69:ef:24:f2:56:21:b9:5a:6b:d9:d6:2f:2a:d2:2a:80:65:fc:
9f:b0:c8:37:10:88:3d:92:92:8e:b3:da:c3:c2:7b:19:82:8d:
6f:db:62:b0:55:ad:46:8a:36:cc:a7:1d:0d:ad:0f:88:35:41:
02:b3:00:9a:c5:08:61:65:65:00:4e:f0:7f:64:a4:29:eb:1b:
26:03:45:42:36:b8:91:58:7e:4e:bf:7e:bb:e9:ab:b4:b6:6e:
7a:5d:82:15:43:68:d8:e1:dc:b4:27:63:61:ce:7b:87:36:d6:
e8:34:f4:c8:f0:14:16:ef:9e:bb:3b:49:8b:54:4f:dc:2f:84:
1b:59:bf:c2:ac:67:38:3b:9e:62:61:3c:b7:a6:4f:82:3b:41:
54:c8:26:ab:58:7b:e6:02:2e:b9:ab:0f:a7:0c:60:ac:e9:62:
ac:d9:be:97:78:bf:37:f6:9b:7d:05:af:1a:03:c5:96:e4:05:
47:34:c7:e8:1c:d8:a1:2a:65:c1:0c:f5:62:c6:a0:c9:70:ae:
f8:22:0f:89:a3:ce:29:e7:bf:1c:c6:a3:31:80:2e:5d:b8:11:
03:ea:8d:2c:0e:f7:46:13:9d:80:98:9a:ab:10:68:4f:25:d8:
66:28:8d:1a
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZbQc3l9/YmphzPNRTiFK+KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNTE0MjAxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDhkMzY0YzlmMzk1YzAyZTU4YmI2ZDEwZjI0NWU3MzZlOTY4MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkBWlwvbIA78sck5WZ9qVoRJPluS
B94vJx6YvpmlFcqFiAZzmdEhrDU4IOM5KS6xgFk2feoAcbEmsiRqUo1qjYt42BkF
5M1KljshgHyz2d7u+Nid3uEomqxtH4kHRiUrW+4nlHguTY4pe2zN9jlcvlmQ6iBK
jvAuBzVlo8kn/FaP0o8keTP3BnWCHbOTljLRmsMFQBCYfTRB4BbMHCBLtVwqWARq
xdoo/k7vsjUpm3bH6JIJfpE7d4lJitD68cmN+vxl9XsgLoFzoyySUtU5HyRpmpkf
Ahl55shuXDsDLbOdpeHUe3JmGbHWBMdOpj8NhBCWiQxT0UNoFrpG7y0ZJQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG2NNkyfOVwC5Yu20Q8kXnNuloCfMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvYlkwMlRKODVYQUxsaTdiUkR5UmVjMjZXZ0o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQALiaBAwQA
LiaDMAwDBAAuJosDBAAuJowDBAAuJpcDBAC5GJYDBAG5HdwDBAXUEEADBAXUUAAw
DQQCAAIwBwMFAyoAfYAwDQYJKoZIhvcNAQELBQADggEBAFAjQGLyDQdwM0kr4DzW
sDMZsWnvJPJWIblaa9nWLyrSKoBl/J+wyDcQiD2Sko6z2sPCexmCjW/bYrBVrUaK
NsynHQ2tD4g1QQKzAJrFCGFlZQBO8H9kpCnrGyYDRUI2uJFYfk6/frvpq7S2bnpd
ghVDaNjh3LQnY2HOe4c21ug09MjwFBbvnrs7SYtUT9wvhBtZv8KsZzg7nmJhPLem
T4I7QVTIJqtYe+YCLrmrD6cMYKzpYqzZvpd4vzf2m30FrxoDxZbkBUc0x+gc2KEq
ZcEM9WLGoMlwrvgiD4mjzinnvxzGozGALl24EQPqjSwO90YTnYCYmqsQaE8l2GYo
jRo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 12:39:40 2025 by rpki-client