Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/GaU5Eq42VTrbkS9DN7cpQxhD-9A.roa
File: GaU5Eq42VTrbkS9DN7cpQxhD-9A.roa (raw, json)
Hash identifier: T8zuVX1HB0HXBwZRH7DVkpYoCf1HKAucp9HXXPT+TAg=
Subject key identifier: 19:A5:39:12:AE:36:55:3A:DB:91:2F:43:37:B7:29:43:18:43:FB:D0
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01963D6152273FA6E30C340624EAFAEBC738
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/GaU5Eq42VTrbkS9DN7cpQxhD-9A.roa
Signing time: Wed 16 Apr 2025 06:55:10 +0000
ROA not before: Wed 16 Apr 2025 06:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 46.3.8.0/22 maxlen: 22
46.3.12.0/22 maxlen: 24
46.3.28.0/23 maxlen: 24
46.3.40.0/21 maxlen: 24
46.3.48.0/20 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.84.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.118.0/24 maxlen: 24
46.3.119.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.128.0/22 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.164.0/22 maxlen: 24
46.3.168.0/24 maxlen: 24
46.3.169.0/24 maxlen: 24
46.3.170.0/24 maxlen: 24
46.3.171.0/24 maxlen: 24
46.3.172.0/24 maxlen: 24
46.3.174.0/24 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.189.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.220.0/23 maxlen: 24
46.3.223.0/24 maxlen: 24
46.3.228.0/23 maxlen: 24
46.3.230.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.252.0/22 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.16.0/23 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.236.0/22 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:61:52:27:3f:a6:e3:0c:34:06:24:ea:fa:eb:c7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 16 06:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19a53912ae36553adb912f4337b729431843fbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:e7:2d:80:29:1b:30:98:5a:28:f6:d4:9e:72:
20:56:3b:65:4a:b3:ba:d0:5a:1f:6e:38:69:c8:a5:
24:f9:39:98:25:77:ad:56:f2:8e:d9:8d:3b:89:4c:
df:ef:1d:91:d9:f9:07:ef:20:d7:a2:43:d0:71:b1:
51:10:2f:7d:ca:6d:0b:db:ff:be:21:00:63:0f:10:
48:1f:5e:ad:97:73:03:31:f5:7d:59:a1:4b:3a:8a:
80:2c:aa:a5:e8:c2:ff:0d:f4:93:49:3e:46:f1:d3:
e8:06:30:39:7d:2e:bc:63:fb:ad:92:9a:fb:d8:fb:
d6:2e:80:76:e9:77:8f:00:86:25:a4:42:ba:d6:65:
91:38:89:8c:f7:e2:76:21:47:3b:bd:d0:09:35:65:
78:83:dc:fc:30:11:ff:43:b1:1e:84:b9:39:0c:ee:
0d:d2:d4:d9:60:14:b5:68:56:98:8f:db:c5:0e:1e:
17:43:95:65:d4:f9:fc:0c:7b:c7:3f:09:1d:56:95:
38:70:d7:74:4f:bc:9a:40:fd:f5:c5:a2:c3:90:e2:
2e:92:c8:e3:db:18:f1:6a:09:67:89:4f:66:9d:e1:
7e:ed:36:7b:f7:84:a2:38:98:dd:5e:46:a6:5a:0c:
66:b4:c6:7f:90:7c:79:8b:f8:93:fd:df:75:f6:02:
67:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A5:39:12:AE:36:55:3A:DB:91:2F:43:37:B7:29:43:18:43:FB:D0
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/GaU5Eq42VTrbkS9DN7cpQxhD-9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/21
46.3.28.0/23
46.3.40.0-46.3.63.255
46.3.77.0/24
46.3.84.0/24
46.3.89.0-46.3.91.255
46.3.118.0-46.3.131.255
46.3.134.0/23
46.3.156.0/23
46.3.160.0-46.3.172.255
46.3.174.0/24
46.3.184.0-46.3.190.255
46.3.205.0-46.3.215.255
46.3.220.0/23
46.3.223.0/24
46.3.228.0/22
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.3.248.0/24
46.3.251.0-46.3.255.255
46.232.0.0/22
46.232.16.0/22
46.232.64.0-46.232.66.255
46.232.68.0/24
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.196.0/24
149.126.198.0/24
149.126.204.0/24
149.126.208.0/24
149.126.224.0-149.126.226.255
149.126.228.0/24
149.126.231.0/24
149.126.236.0/22
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
69:56:b2:63:d7:cc:9b:97:ca:ce:43:19:7c:7e:29:fa:82:7c:
f7:87:c1:0a:c6:ea:db:94:0b:8a:84:8d:e7:ae:b9:68:0b:48:
a1:0c:ef:84:97:8c:1d:25:70:5f:b9:2e:d8:36:44:52:5f:d2:
84:51:31:e4:6b:50:65:35:88:b8:15:48:f2:01:32:c1:65:30:
0f:a8:ca:78:3a:ee:9a:9e:0a:80:3c:73:3c:54:58:fc:e0:12:
6f:d4:c0:c4:2d:ea:cf:32:a2:da:d6:29:1d:02:29:48:9b:6d:
81:7e:9d:07:d7:dc:7f:c8:93:f9:d6:a9:ca:86:57:11:5b:6d:
07:4d:e7:18:da:ef:d9:87:b1:0c:22:b9:b6:62:6b:f8:13:7e:
88:e5:1f:b9:27:51:10:98:e5:ae:8f:7d:ed:3d:0a:ff:b3:d6:
d7:a9:c9:ee:3b:f8:88:72:66:9b:1d:1f:4c:89:10:b7:7f:8d:
37:29:39:3e:ef:3f:e8:b1:a6:06:b0:56:37:ee:c3:91:84:35:
fc:74:f2:50:c7:d2:53:6e:eb:d8:54:92:d0:a4:be:03:e7:14:
6d:c2:f3:22:8a:a8:40:e8:89:36:91:35:49:05:de:0a:9a:8f:
df:df:85:9e:55:25:d8:03:c5:eb:fe:f1:18:64:b1:86:38:98:
7d:88:31:bd
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgISAZY9YVInP6bjDDQGJOr668c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNDE2MDY1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE1MzkxMmFlMzY1NTNhZGI5MTJmNDMzN2I3Mjk0MzE4NDNmYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OctgCkbMJhaKPbUnnIgVjtlSrO6
0FofbjhpyKUk+TmYJXetVvKO2Y07iUzf7x2R2fkH7yDXokPQcbFREC99ym0L2/++
IQBjDxBIH16tl3MDMfV9WaFLOoqALKql6ML/DfSTST5G8dPoBjA5fS68Y/utkpr7
2PvWLoB26XePAIYlpEK61mWROImM9+J2IUc7vdAJNWV4g9z8MBH/Q7EehLk5DO4N
0tTZYBS1aFaYj9vFDh4XQ5Vl1Pn8DHvHPwkdVpU4cNd0T7yaQP31xaLDkOIuksjj
2xjxaglniU9mneF+7TZ794SiOJjdXkamWgxmtMZ/kHx5i/iT/d919gJnHwIDAQAB
o4IDWzCCA1cwHQYDVR0OBBYEFBmlORKuNlU625EvQze3KUMYQ/vQMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvR2FVNUVxNDJWVHJia1M5RE43Y3BReGhELTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCCAVYEAgABMIIB
TgMEAy4DCAMEAS4DHDAMAwQDLgMoAwQGLgMAAwQALgNNAwQALgNUMAwDBAAuA1kD
BAIuA1gwDAMEAS4DdgMEAi4DgAMEAS4DhgMEAS4DnDAMAwQFLgOgAwQALgOsAwQA
LgOuMAwDBAMuA7gDBAAuA74wDAMEAC4DzQMEAy4D0AMEAS4D3AMEAC4D3wMEAi4D
5AMEAS4D7DAMAwQALgPzAwQALgP0AwQALgP2AwQALgP4MAsDBAAuA/sDAwIuAAME
Ai7oAAMEAi7oEDAMAwQGLuhAAwQALuhCAwQALuhEAwQCLuh0AwQCLuh8AwQAlX7B
AwQAlX7EAwQAlX7GAwQAlX7MAwQAlX7QMAwDBAWVfuADBACVfuIDBACVfuQDBACV
fucDBAKVfuwDBACVfvIDBAGVfvQwDAMEAJV+9wMEAJV++jALAwQAlX79AwMAlX4w
DQYJKoZIhvcNAQELBQADggEBAGlWsmPXzJuXys5DGXx+KfqCfPeHwQrG6tuUC4qE
jeeuuWgLSKEM74SXjB0lcF+5Ltg2RFJf0oRRMeRrUGU1iLgVSPIBMsFlMA+oyng6
7pqeCoA8czxUWPzgEm/UwMQt6s8yotrWKR0CKUibbYF+nQfX3H/Ik/nWqcqGVxFb
bQdN5xja79mHsQwiubZia/gTfojlH7knURCY5a6Pfe09Cv+z1tepye47+IhyZpsd
H0yJELd/jTcpOT7vP+ixpgawVjfuw5GENfx08lDH0lNu69hUktCkvgPnFG3C8yKK
qEDoiTaRNUkF3gqaj9/fhZ5VJdgDxev+8RhksYY4mH2IMb0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:15:25 2025 by rpki-client