Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/UoYvqwb3hE00Zp84hhGnmd240hg.roa
File: UoYvqwb3hE00Zp84hhGnmd240hg.roa (raw, json)
Hash identifier: 49MJ1dNROv8Nj0PtdLTYeEIUO4m9yUrrFOkmEumOu1s=
Subject key identifier: 52:86:2F:AB:06:F7:84:4D:34:66:9F:38:86:11:A7:99:DD:B8:D2:18
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 0197407B65F411A90F9FC0010C35F73B9DC9
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/UoYvqwb3hE00Zp84hhGnmd240hg.roa
Signing time: Thu 05 Jun 2025 14:25:18 +0000
ROA not before: Thu 05 Jun 2025 14:25:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 46.3.0.0/16 maxlen: 24
46.3.252.0/23 maxlen: 24
46.232.0.0/17 maxlen: 24
46.232.4.0/23 maxlen: 24
149.126.192.0/18 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:7b:65:f4:11:a9:0f:9f:c0:01:0c:35:f7:3b:9d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 5 14:25:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52862fab06f7844d34669f388611a799ddb8d218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:16:c4:0d:83:59:2e:48:56:f6:32:85:0c:f1:
8c:0a:73:47:6f:64:0f:7a:4b:f9:94:31:84:97:5a:
1e:73:e4:b0:63:28:a7:8a:65:ff:ab:2b:64:3f:09:
a4:c6:73:b0:7d:be:ec:a8:33:4c:1d:33:db:7f:3c:
d2:7f:90:4d:37:c0:df:66:fc:cd:e4:88:ba:bd:14:
cb:06:27:d8:67:91:b0:fa:d4:1c:5b:47:f6:eb:9c:
94:a6:ff:ac:f2:39:f4:e7:aa:18:f1:9e:72:c6:fe:
e9:45:98:96:8b:18:37:84:8d:78:92:1c:71:81:1a:
e5:07:e9:3c:7a:83:08:5f:8c:e5:3d:59:aa:73:8c:
bf:49:6d:a5:8e:cc:99:4e:88:f2:4b:d3:54:86:4d:
6e:c3:08:10:05:5f:85:f3:cc:c8:10:f8:68:1f:06:
97:16:e2:e3:9b:d3:76:06:e2:b0:dd:fe:d9:93:08:
07:f6:b8:47:53:a6:0a:47:46:5a:b5:cb:aa:0d:4f:
b3:3e:ea:23:76:0d:4b:fe:a8:d9:77:cb:32:92:b1:
3a:af:65:ee:ae:ca:29:a1:96:2b:19:0c:1f:ab:2a:
42:f9:2f:ed:06:8a:6d:a5:1b:10:6f:b3:06:67:b4:
49:aa:0f:db:25:ff:ff:e9:e6:04:7d:96:79:89:7b:
36:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:86:2F:AB:06:F7:84:4D:34:66:9F:38:86:11:A7:99:DD:B8:D2:18
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/UoYvqwb3hE00Zp84hhGnmd240hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.0.0/16
46.232.0.0/17
149.126.192.0/18
Signature Algorithm: sha256WithRSAEncryption
10:77:1c:1a:19:e6:47:7f:c1:85:12:5d:dd:eb:bd:a9:27:7e:
7a:1c:dc:42:9c:50:c5:77:42:d8:04:94:6a:0d:1b:ff:2b:c8:
fc:80:05:37:5f:ab:ca:26:34:05:68:cf:32:b7:81:67:18:56:
2c:6b:dd:03:7c:23:a1:d5:0c:2d:98:a8:9f:85:9e:a4:f5:58:
d4:a9:8a:70:cb:94:45:12:21:d8:c0:9e:81:ac:9a:40:a4:0b:
c7:9e:f9:ea:51:dd:af:93:59:ad:9b:3a:06:e5:1c:08:ea:46:
4c:5a:fa:a9:0a:54:6b:ea:34:9c:78:bb:ab:96:9c:72:bb:57:
d0:a2:94:6a:6b:9c:3a:8e:ce:73:66:ec:3f:2b:6b:40:e3:ca:
ee:0b:8b:6a:1e:7b:4d:07:a6:1e:62:71:27:70:5d:b8:39:7b:
44:b0:6b:30:90:85:1c:02:1f:0b:ef:1e:a7:5a:cf:9e:0b:84:
d1:c9:9c:77:6f:39:b2:90:e6:58:57:7b:f5:5f:3c:c9:d5:2b:
b6:6f:f6:6b:c1:1a:9d:8d:69:33:0a:43:23:43:b8:11:56:1c:
27:12:fc:1b:ba:08:8e:90:63:32:d3:49:df:7d:59:12:a3:e9:
7d:7d:ec:1e:90:94:51:c3:8f:a4:48:06:a9:56:d5:a0:1e:38:
ca:6e:2b:02
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZdAe2X0EakPn8ABDDX3O53JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNjA1MTQyNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjg2MmZhYjA2Zjc4NDRkMzQ2NjlmMzg4NjExYTc5OWRkYjhkMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+hbEDYNZLkhW9jKFDPGMCnNHb2QP
ekv5lDGEl1oec+SwYyinimX/qytkPwmkxnOwfb7sqDNMHTPbfzzSf5BNN8DfZvzN
5Ii6vRTLBifYZ5Gw+tQcW0f265yUpv+s8jn056oY8Z5yxv7pRZiWixg3hI14khxx
gRrlB+k8eoMIX4zlPVmqc4y/SW2ljsyZTojyS9NUhk1uwwgQBV+F88zIEPhoHwaX
FuLjm9N2BuKw3f7ZkwgH9rhHU6YKR0ZatcuqDU+zPuojdg1L/qjZd8sykrE6r2Xu
rsopoZYrGQwfqypC+S/tBoptpRsQb7MGZ7RJqg/bJf//6eYEfZZ5iXs2DQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFFKGL6sG94RNNGafOIYRp5nduNIYMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvVW9ZdnF3YjNoRTAwWnA4NGhoR25tZDI0MGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMALgMDBAcu
6AADBAaVfsAwDQYJKoZIhvcNAQELBQADggEBABB3HBoZ5kd/wYUSXd3rvaknfnoc
3EKcUMV3QtgElGoNG/8ryPyABTdfq8omNAVozzK3gWcYVixr3QN8I6HVDC2YqJ+F
nqT1WNSpinDLlEUSIdjAnoGsmkCkC8ee+epR3a+TWa2bOgblHAjqRkxa+qkKVGvq
NJx4u6uWnHK7V9CilGprnDqOznNm7D8ra0Djyu4Li2oee00Hph5icSdwXbg5e0Sw
azCQhRwCHwvvHqdaz54LhNHJnHdvObKQ5lhXe/VfPMnVK7Zv9mvBGp2NaTMKQyND
uBFWHCcS/Bu6CI6QYzLTSd99WRKj6X197B6QlFHDj6RIBqlW1aAeOMpuKwI=
-----END CERTIFICATE-----
Generated at Sat Jun 7 09:04:32 2025 by rpki-client