Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/tMeBGTuGSwohf-7boauvhzyPvss.roa
File: tMeBGTuGSwohf-7boauvhzyPvss.roa (raw, json)
Hash identifier: y1qDCVuVZWdlz8wZ0Ap/hODUeFnsM+Z6HgC7LYl/o6U=
Subject key identifier: B4:C7:81:19:3B:86:4B:0A:21:7F:EE:DB:A1:AB:AF:87:3C:8F:BE:CB
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0199B80071B67E340677A283EB3F03C642EA
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/tMeBGTuGSwohf-7boauvhzyPvss.roa
Signing time: Mon 06 Oct 2025 05:31:00 +0000
ROA not before: Mon 06 Oct 2025 05:31:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.100.0/24 maxlen: 24
46.37.101.0/24 maxlen: 24
46.37.102.0/24 maxlen: 24
46.37.105.0/24 maxlen: 24
46.37.106.0/24 maxlen: 24
46.37.109.0/24 maxlen: 24
185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 20:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:00:71:b6:7e:34:06:77:a2:83:eb:3f:03:c6:42:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Oct 6 05:31:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4c781193b864b0a217feedba1abaf873c8fbecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:13:7c:ee:66:35:9c:fb:ed:ab:9a:cf:e4:78:
d9:d8:f0:64:b6:7e:93:17:ad:07:91:6b:99:28:d8:
ad:ba:81:68:0c:a6:4e:5f:60:af:57:67:0e:c4:cb:
7b:c9:a9:e5:54:89:d8:6f:3a:2a:e0:72:5a:f7:18:
93:84:f4:dc:45:f2:91:27:ca:a5:c2:9a:07:ac:dc:
7d:18:93:d4:b6:0c:fc:20:8f:fb:36:04:cd:6b:98:
58:56:6c:7e:d7:4a:a2:2a:e6:a0:4c:5e:80:67:1e:
ee:d7:19:9f:fc:b3:7a:fb:8c:97:1e:6f:93:e7:fb:
6e:17:fc:d7:f9:90:25:4a:17:b5:26:89:bc:33:75:
ac:86:4f:d6:cd:ae:98:14:5e:ce:8e:44:41:f0:a9:
58:3d:6a:63:4d:39:48:de:96:2f:f6:7b:57:e5:f5:
f0:74:2d:fe:f6:50:11:75:a3:66:05:21:ce:c3:cb:
d2:d7:de:4b:09:94:4a:c8:ea:8d:c0:5d:e6:50:29:
67:0b:60:12:e8:1e:c4:8d:d5:da:7e:c9:a1:fc:67:
fe:da:6c:b9:01:aa:16:c7:54:6a:7c:37:d8:fb:e9:
7b:39:24:37:56:02:56:ab:80:13:56:3c:41:af:a1:
db:c1:90:34:94:bb:a3:7b:00:d2:be:b3:5e:e2:4c:
80:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C7:81:19:3B:86:4B:0A:21:7F:EE:DB:A1:AB:AF:87:3C:8F:BE:CB
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/tMeBGTuGSwohf-7boauvhzyPvss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.100.0-46.37.102.255
46.37.105.0-46.37.106.255
46.37.109.0/24
185.92.46.0/24
Signature Algorithm: sha256WithRSAEncryption
67:69:e3:35:38:e6:ef:cd:5b:53:82:7e:25:94:66:49:d1:c0:
01:09:bb:ce:b7:f2:41:50:70:a1:87:40:eb:a6:40:33:fe:ec:
19:40:08:ae:1b:eb:1a:0d:55:ee:4d:3c:90:a0:69:84:92:60:
3a:ec:29:ae:ab:aa:fa:71:29:bc:ef:67:60:a9:64:2a:32:65:
96:5b:5b:f1:a5:25:85:8f:39:b3:ef:65:3a:20:15:30:6e:27:
f0:a9:2b:64:56:2d:d1:e0:23:f4:c2:4d:9c:c7:c4:3a:61:2c:
11:aa:4a:b9:71:53:53:6d:5e:a4:93:42:41:0e:68:9e:12:d9:
fd:65:a2:2c:73:09:fb:ec:92:aa:05:57:48:97:54:3e:ed:80:
98:ee:b5:50:e0:76:6b:ed:b1:75:7e:df:24:16:62:31:c2:e0:
42:f6:f0:36:a8:9c:0c:d9:9d:b5:67:13:b7:be:1d:f5:15:6d:
2d:dc:0f:62:27:f0:91:68:28:74:ab:f1:19:ce:cd:64:fb:62:
cf:3c:7f:a0:db:8d:88:1a:08:2a:da:f7:84:de:69:4d:05:d2:
26:e2:22:71:c5:ee:cb:bc:8b:2c:46:5d:9b:2c:4a:f0:99:4d:
44:0f:c2:5b:93:52:19:4f:45:d8:dc:21:9b:37:34:05:10:76:
58:c1:92:fc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZm4AHG2fjQGd6KD6z8DxkLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUxMDA2MDUzMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGM3ODExOTNiODY0YjBhMjE3ZmVlZGJhMWFiYWY4NzNjOGZiZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRN87mY1nPvtq5rP5HjZ2PBktn6T
F60HkWuZKNituoFoDKZOX2CvV2cOxMt7yanlVInYbzoq4HJa9xiThPTcRfKRJ8ql
wpoHrNx9GJPUtgz8II/7NgTNa5hYVmx+10qiKuagTF6AZx7u1xmf/LN6+4yXHm+T
5/tuF/zX+ZAlShe1Jom8M3Wshk/Wza6YFF7OjkRB8KlYPWpjTTlI3pYv9ntX5fXw
dC3+9lARdaNmBSHOw8vS195LCZRKyOqNwF3mUClnC2AS6B7EjdXafsmh/Gf+2my5
AaoWx1RqfDfY++l7OSQ3VgJWq4ATVjxBr6HbwZA0lLujewDSvrNe4kyAYwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFLTHgRk7hksKIX/u26Grr4c8j77LMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvdE1lQkdUdUdTd29oZi03Ym9hdXZoenlQdnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQALiViMAwD
BAIuJWQDBAAuJWYwDAMEAC4laQMEAC4lagMEAC4lbQMEALlcLjANBgkqhkiG9w0B
AQsFAAOCAQEAZ2njNTjm781bU4J+JZRmSdHAAQm7zrfyQVBwoYdA66ZAM/7sGUAI
rhvrGg1V7k08kKBphJJgOuwprquq+nEpvO9nYKlkKjJllltb8aUlhY85s+9lOiAV
MG4n8KkrZFYt0eAj9MJNnMfEOmEsEapKuXFTU21epJNCQQ5onhLZ/WWiLHMJ++yS
qgVXSJdUPu2AmO61UOB2a+2xdX7fJBZiMcLgQvbwNqicDNmdtWcTt74d9RVtLdwP
YifwkWgodKvxGc7NZPtizzx/oNuNiBoIKtr3hN5pTQXSJuIiccXuy7yLLEZdmyxK
8JlNRA/CW5NSGU9F2Nwhmzc0BRB2WMGS/A==
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:45:45 2025 by rpki-client