Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/V9Ig1pXUbN50LMFOuKXdZ5mkCig.roa
File: V9Ig1pXUbN50LMFOuKXdZ5mkCig.roa (raw, json)
Hash identifier: y87CF5Ma433/41wTDv6chywUFnZfYbGNq95lOWwWnTA=
Subject key identifier: 57:D2:20:D6:95:D4:6C:DE:74:2C:C1:4E:B8:A5:DD:67:99:A4:0A:28
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 0196DFCB1632233417613D0E0CAEAD6F7FBE
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/V9Ig1pXUbN50LMFOuKXdZ5mkCig.roa
Signing time: Sat 17 May 2025 19:49:10 +0000
ROA not before: Sat 17 May 2025 19:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201942
IP address blocks: 46.31.68.0/24 maxlen: 24
46.226.144.0/21 maxlen: 21
185.58.196.0/22 maxlen: 22
185.119.112.0/22 maxlen: 24
185.232.41.0/24 maxlen: 24
193.46.216.0/24 maxlen: 24
193.163.117.0/24 maxlen: 24
194.26.143.0/24 maxlen: 24
195.182.205.0/24 maxlen: 24
195.184.72.0/24 maxlen: 24
212.23.223.0/24 maxlen: 24
2a02:6520::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:df:cb:16:32:23:34:17:61:3d:0e:0c:ae:ad:6f:7f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: May 17 19:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57d220d695d46cde742cc14eb8a5dd6799a40a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:96:e5:90:2d:49:eb:ee:11:33:e0:ab:39:60:
8e:0d:f6:02:75:01:94:af:4b:f8:5c:00:86:1d:19:
68:fa:02:49:a0:b9:b8:13:58:66:18:d8:19:fd:6c:
ef:b0:f7:a3:19:52:a6:1c:2c:4d:77:f7:3d:d0:05:
41:d5:57:4d:15:0b:76:4d:de:4f:e8:64:62:79:d0:
bd:ca:07:e8:47:07:4b:a4:25:df:22:8a:ef:2d:ea:
e2:93:af:64:7c:28:57:36:16:bb:86:6a:fa:0a:3f:
37:07:63:48:60:0c:12:f4:a7:1d:49:ad:da:3a:8d:
8d:7f:6d:02:e9:51:97:60:d3:c1:d6:c3:67:27:46:
d7:5f:c5:4c:83:af:ef:b8:4e:3c:16:b3:f4:f9:df:
29:0b:a8:80:20:b2:cf:c5:aa:41:eb:d6:7f:fc:a9:
c8:1d:86:b9:4e:40:29:8f:1e:83:32:5c:34:45:8d:
46:03:d3:26:e0:18:cd:78:42:af:3c:17:65:8c:43:
5b:ae:85:f9:8c:eb:9e:c5:a2:29:a8:30:b3:cf:82:
01:c6:be:55:a4:ca:39:e4:0f:20:38:2e:bd:3b:be:
29:05:38:c1:95:cd:13:70:25:b7:d1:7b:1e:60:b1:
17:22:87:dd:52:9f:e4:67:88:f4:79:a8:56:79:d9:
f9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D2:20:D6:95:D4:6C:DE:74:2C:C1:4E:B8:A5:DD:67:99:A4:0A:28
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/V9Ig1pXUbN50LMFOuKXdZ5mkCig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.68.0/24
46.226.144.0/21
185.58.196.0/22
185.119.112.0/22
185.232.41.0/24
193.46.216.0/24
193.163.117.0/24
194.26.143.0/24
195.182.205.0/24
195.184.72.0/24
212.23.223.0/24
IPv6:
2a02:6520::/32
Signature Algorithm: sha256WithRSAEncryption
05:a3:af:de:20:48:68:95:c0:b4:c6:80:d7:88:01:3d:9b:4c:
39:79:fe:b2:91:ff:ff:d7:2e:35:37:88:df:57:9c:e8:b8:28:
1b:93:4c:dc:67:96:6f:63:4e:08:ea:26:b7:9d:ca:c4:4c:c3:
84:c9:ce:ce:61:bd:15:e0:f0:37:6f:29:a9:b2:43:aa:6d:ac:
b0:51:a4:3b:b7:de:60:5b:2c:de:86:39:e5:d9:d8:83:44:f3:
04:ac:dc:0a:8b:6f:38:44:9d:cb:91:a4:0a:c2:60:cd:5e:ef:
a6:2e:24:d0:6c:12:71:74:89:85:56:43:69:09:2e:07:0b:3c:
c3:35:35:c9:63:42:0e:5e:a2:9d:82:04:04:03:33:7c:94:ff:
86:c0:b1:d5:af:5b:de:30:7f:26:26:18:a3:1a:c5:aa:df:89:
56:60:fe:5f:6f:ac:6c:84:cc:61:93:00:4c:8f:49:27:59:6b:
bd:99:57:09:b8:84:9c:2c:f5:c1:96:1a:cc:42:5a:b4:07:f7:
aa:f2:20:fe:e1:d3:9e:0d:9a:a1:57:a5:23:08:69:a5:7d:a6:
5f:de:20:38:d8:1a:4b:2a:21:93:7a:9b:ee:42:cc:50:d3:21:
c8:55:2a:46:c8:3b:5f:e5:33:86:46:2e:3d:01:0e:24:71:39:
64:85:0c:e6
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZbfyxYyIzQXYT0ODK6tb3++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjUwNTE3MTk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2QyMjBkNjk1ZDQ2Y2RlNzQyY2MxNGViOGE1ZGQ2Nzk5YTQwYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pblkC1J6+4RM+CrOWCODfYCdQGU
r0v4XACGHRlo+gJJoLm4E1hmGNgZ/WzvsPejGVKmHCxNd/c90AVB1VdNFQt2Td5P
6GRiedC9ygfoRwdLpCXfIorvLerik69kfChXNha7hmr6Cj83B2NIYAwS9KcdSa3a
Oo2Nf20C6VGXYNPB1sNnJ0bXX8VMg6/vuE48FrP0+d8pC6iAILLPxapB69Z//KnI
HYa5TkApjx6DMlw0RY1GA9Mm4BjNeEKvPBdljENbroX5jOuexaIpqDCzz4IBxr5V
pMo55A8gOC69O74pBTjBlc0TcCW30XseYLEXIofdUp/kZ4j0eahWedn5MwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFFfSINaV1GzedCzBTril3WeZpAooMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvVjlJZzFwWFViTjUwTE1GT3VLWGRaNW1rQ2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALh9EAwQD
LuKQAwQCuTrEAwQCuXdwAwQAuegpAwQAwS7YAwQAwaN1AwQAwhqPAwQAw7bNAwQA
w7hIAwQA1BffMA0EAgACMAcDBQAqAmUgMA0GCSqGSIb3DQEBCwUAA4IBAQAFo6/e
IEholcC0xoDXiAE9m0w5ef6ykf//1y41N4jfV5zouCgbk0zcZ5ZvY04I6ia3ncrE
TMOEyc7OYb0V4PA3bympskOqbaywUaQ7t95gWyzehjnl2diDRPMErNwKi284RJ3L
kaQKwmDNXu+mLiTQbBJxdImFVkNpCS4HCzzDNTXJY0IOXqKdggQEAzN8lP+GwLHV
r1veMH8mJhijGsWq34lWYP5fb6xshMxhkwBMj0knWWu9mVcJuIScLPXBlhrMQlq0
B/eq8iD+4dOeDZqhV6UjCGmlfaZf3iA42BpLKiGTepvuQsxQ0yHIVSpGyDtf5TOG
Ri49AQ4kcTlkhQzm
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:12:00 2025 by rpki-client