Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/RvXzj38mjaqFaRw0nfNqF7T6Y1s.roa
File: RvXzj38mjaqFaRw0nfNqF7T6Y1s.roa (raw, json)
Hash identifier: 7kZy3m542Pm+kVfiULPOgrM3DNzZKNd1618+U/zm6+0=
Subject key identifier: 46:F5:F3:8F:7F:26:8D:AA:85:69:1C:34:9D:F3:6A:17:B4:FA:63:5B
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01963B2F31A0AA08E8BC18070C47C1156741
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/RvXzj38mjaqFaRw0nfNqF7T6Y1s.roa
Signing time: Tue 15 Apr 2025 20:41:10 +0000
ROA not before: Tue 15 Apr 2025 20:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399989
IP address blocks: 46.3.8.0/23 maxlen: 24
46.3.32.0/20 maxlen: 20
46.3.48.0/20 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.80.0/21 maxlen: 21
46.3.84.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.128.0/22 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.164.0/22 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.184.0/23 maxlen: 24
46.3.188.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.216.0/21 maxlen: 21
46.3.224.0/21 maxlen: 21
46.3.228.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.203.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.251.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/24 maxlen: 24
149.126.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3b:2f:31:a0:aa:08:e8:bc:18:07:0c:47:c1:15:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Apr 15 20:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46f5f38f7f268daa85691c349df36a17b4fa635b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:65:78:71:e0:42:27:91:05:10:10:6c:72:3f:
2b:01:68:c2:27:79:9d:ec:68:57:32:e2:89:ce:95:
20:da:40:f4:b4:bb:e0:ad:8d:c5:68:58:c2:b1:4e:
10:89:bd:fc:7b:8c:2b:0a:d1:d4:5d:6a:77:5e:5f:
82:d3:3f:f1:9b:62:74:40:c4:42:89:4a:90:8e:d0:
cf:32:70:7d:18:de:95:7a:72:aa:17:96:18:af:cf:
9c:4f:22:bc:75:fb:3e:e4:11:96:fb:26:5f:91:57:
0a:4b:2e:b8:67:17:79:ad:b9:45:bb:ca:04:09:9f:
fd:6a:92:14:72:78:95:c9:4e:ed:08:de:db:b4:7f:
8d:03:3b:c1:84:34:2a:13:0c:26:dd:bf:e6:43:61:
8b:00:c2:0b:7b:a8:61:a1:d7:26:30:27:1e:be:3a:
dd:d2:2a:c0:ed:b4:24:54:2a:a0:2f:51:01:31:cf:
6d:9c:a0:34:44:f7:7b:35:46:1c:c2:af:71:c1:9c:
61:00:94:0a:c7:a2:a8:c1:da:83:cd:da:69:eb:99:
ec:bc:9f:0b:a9:df:96:99:7c:ed:2a:cc:b8:a7:ab:
7a:2a:68:3d:ed:df:1b:53:35:d0:42:35:6b:ad:9a:
b8:be:c7:e8:df:a7:45:f1:be:58:74:c8:a8:51:5d:
b8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F5:F3:8F:7F:26:8D:AA:85:69:1C:34:9D:F3:6A:17:B4:FA:63:5B
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/RvXzj38mjaqFaRw0nfNqF7T6Y1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/23
46.3.32.0/19
46.3.77.0/24
46.3.80.0/21
46.3.89.0-46.3.91.255
46.3.120.0-46.3.131.255
46.3.134.0/23
46.3.156.0/23
46.3.160.0/21
46.3.184.0/21
46.3.205.0-46.3.231.255
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.232.0.0/22
46.232.18.0/23
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.203.0/24
149.126.228.0/24
149.126.231.0/24
149.126.242.0/24
149.126.251.0/24
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
8f:9c:5c:d6:7e:26:8b:77:70:91:d8:45:1a:3b:c2:d0:73:db:
14:41:a9:2c:e4:c6:5f:c0:61:ac:9b:a8:2b:d7:33:d0:53:fe:
bf:79:19:e8:c7:0e:90:06:98:4f:2a:77:f6:ad:4b:1d:29:83:
92:0e:54:34:76:cb:59:6a:5a:91:4d:7b:33:9b:7b:15:d4:04:
b5:06:7f:5b:e3:eb:1d:bf:e2:4f:4f:89:fb:02:a0:98:4d:46:
e2:34:41:f9:b1:66:6c:bb:7f:87:e8:a5:3e:88:1c:68:3a:fe:
2e:20:b0:22:59:91:4e:61:6c:0a:7c:27:ab:3c:3b:db:03:6d:
35:ed:10:05:97:e2:38:86:fc:97:8d:58:ae:14:8e:fd:af:17:
19:08:f8:df:a9:bb:21:a3:4e:db:d8:47:73:5a:88:1b:4e:72:
1a:18:a2:08:71:47:23:d1:ec:6e:b7:8b:0b:af:cd:31:66:9f:
22:03:2d:76:79:bf:c6:2c:b1:cc:b7:8a:b3:d9:9c:de:26:c9:
59:4c:3a:28:8b:da:a0:84:8e:84:db:da:a8:fe:53:5c:6a:1f:
04:be:3e:b2:f6:71:bf:47:f4:57:5f:d0:b3:0c:bc:af:22:0a:
f2:c7:8f:7c:12:08:9a:5c:c0:73:fc:39:48:af:4c:16:bd:8f:
ec:65:95:f4
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgISAZY7LzGgqgjovBgHDEfBFWdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNDE1MjA0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmY1ZjM4ZjdmMjY4ZGFhODU2OTFjMzQ5ZGYzNmExN2I0ZmE2MzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mV4ceBCJ5EFEBBscj8rAWjCJ3md
7GhXMuKJzpUg2kD0tLvgrY3FaFjCsU4Qib38e4wrCtHUXWp3Xl+C0z/xm2J0QMRC
iUqQjtDPMnB9GN6VenKqF5YYr8+cTyK8dfs+5BGW+yZfkVcKSy64Zxd5rblFu8oE
CZ/9apIUcniVyU7tCN7btH+NAzvBhDQqEwwm3b/mQ2GLAMILe6hhodcmMCcevjrd
0irA7bQkVCqgL1EBMc9tnKA0RPd7NUYcwq9xwZxhAJQKx6KowdqDzdpp65nsvJ8L
qd+WmXztKsy4p6t6Kmg97d8bUzXQQjVrrZq4vsfo36dF8b5YdMioUV24OQIDAQAB
o4ICxTCCAsEwHQYDVR0OBBYEFEb1849/Jo2qhWkcNJ3zahe0+mNbMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvUnZYemozOG1qYXFGYVJ3MG5mTnFGN1Q2WTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHaBggrBgEFBQcBBwEB/wSByjCBxzCBxAQCAAEwgb0DBAEu
AwgDBAUuAyADBAAuA00DBAMuA1AwDAMEAC4DWQMEAi4DWDAMAwQDLgN4AwQCLgOA
AwQBLgOGAwQBLgOcAwQDLgOgAwQDLgO4MAwDBAAuA80DBAMuA+ADBAEuA+wwDAME
AC4D8wMEAC4D9AMEAC4D9gMEAi7oAAMEAS7oEgMEAi7odAMEAi7ofAMEAJV+wQME
AJV+ywMEAJV+5AMEAJV+5wMEAJV+8gMEAJV++zALAwQAlX79AwMAlX4wDQYJKoZI
hvcNAQELBQADggEBAI+cXNZ+Jot3cJHYRRo7wtBz2xRBqSzkxl/AYaybqCvXM9BT
/r95GejHDpAGmE8qd/atSx0pg5IOVDR2y1lqWpFNezObexXUBLUGf1vj6x2/4k9P
ifsCoJhNRuI0QfmxZmy7f4fopT6IHGg6/i4gsCJZkU5hbAp8J6s8O9sDbTXtEAWX
4jiG/JeNWK4Ujv2vFxkI+N+puyGjTtvYR3NaiBtOchoYoghxRyPR7G63iwuvzTFm
nyIDLXZ5v8Ysscy3irPZnN4myVlMOiiL2qCEjoTb2qj+U1xqHwS+PrL2cb9H9Fdf
0LMMvK8iCvLHj3wSCJpcwHP8OUivTBa9j+xllfQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:21:27 2025 by rpki-client