Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/Ov6Yc_rfnF29LDL468R6Q7PHjd0.roa
File: Ov6Yc_rfnF29LDL468R6Q7PHjd0.roa (raw, json)
Hash identifier: +oLQZvjsGV1UxrKj7moqOOLBa/KXbzk5oX2tFPHRRW0=
Subject key identifier: 3A:FE:98:73:FA:DF:9C:5D:BD:2C:32:F8:EB:C4:7A:43:B3:C7:8D:DD
Certificate issuer: /CN=ed6d4b57a5a1f7617a9e3603efbaeef03b0cf921
Certificate serial: 01971C299207DF00B60CB81449FBDBE10DFA
Authority key identifier: ED:6D:4B:57:A5:A1:F7:61:7A:9E:36:03:EF:BA:EE:F0:3B:0C:F9:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7W1LV6Wh92F6njYD77ru8DsM-SE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/Ov6Yc_rfnF29LDL468R6Q7PHjd0.roa
Signing time: Thu 29 May 2025 13:09:35 +0000
ROA not before: Thu 29 May 2025 13:09:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197460
IP address blocks: 46.175.24.0/21 maxlen: 21
46.175.24.0/22 maxlen: 22
46.175.24.0/24 maxlen: 24
46.175.25.0/24 maxlen: 24
46.175.26.0/24 maxlen: 24
46.175.27.0/24 maxlen: 24
46.175.28.0/22 maxlen: 22
46.175.28.0/24 maxlen: 24
46.175.29.0/24 maxlen: 24
46.175.30.0/24 maxlen: 24
46.175.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/7W1LV6Wh92F6njYD77ru8DsM-SE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/7W1LV6Wh92F6njYD77ru8DsM-SE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7W1LV6Wh92F6njYD77ru8DsM-SE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 13:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:29:92:07:df:00:b6:0c:b8:14:49:fb:db:e1:0d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed6d4b57a5a1f7617a9e3603efbaeef03b0cf921
Validity
Not Before: May 29 13:09:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3afe9873fadf9c5dbd2c32f8ebc47a43b3c78ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6f:20:99:de:54:01:86:2f:4d:77:81:e1:69:
c5:3a:db:30:cc:45:df:7d:26:2d:78:f9:d1:44:5a:
80:e4:0b:3a:cf:69:62:f0:63:42:90:bf:20:71:b5:
a5:8a:b7:a9:6c:a0:97:84:d0:eb:fb:4e:da:ed:f6:
67:2e:bd:b6:48:1e:71:e3:0b:85:5c:ea:c3:c5:fa:
06:ce:99:d0:de:fc:ab:12:36:7f:be:19:7b:09:6a:
d6:a0:a5:e0:1e:78:a4:fe:50:14:d0:a9:27:6b:16:
d8:83:40:21:99:1c:26:e9:d7:b6:be:d9:5c:89:92:
72:d0:30:72:d6:2d:67:e1:b3:1d:05:d3:92:ac:a2:
78:e8:ca:7b:cc:75:bc:0f:df:fa:f4:63:98:66:aa:
28:73:1b:b9:56:93:03:0d:72:af:77:dd:ff:22:a6:
54:e4:47:c5:c3:fa:cd:44:7a:a3:cb:a7:cb:30:58:
2f:94:55:fd:c7:16:65:4e:37:ef:c7:6d:7c:68:19:
81:bc:38:6a:94:74:6d:94:52:07:27:97:04:49:a0:
25:91:b5:e4:10:23:73:06:c5:f0:cf:9a:1e:5d:1e:
45:45:74:6c:0d:1c:72:8d:01:61:ac:fe:7e:ef:47:
10:86:52:18:52:d9:13:e4:3c:28:52:ea:2a:49:7b:
7a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:FE:98:73:FA:DF:9C:5D:BD:2C:32:F8:EB:C4:7A:43:B3:C7:8D:DD
X509v3 Authority Key Identifier:
keyid:ED:6D:4B:57:A5:A1:F7:61:7A:9E:36:03:EF:BA:EE:F0:3B:0C:F9:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7W1LV6Wh92F6njYD77ru8DsM-SE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/Ov6Yc_rfnF29LDL468R6Q7PHjd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/fdcb01-a80c-451f-adb1-ebc224f765a2/1/7W1LV6Wh92F6njYD77ru8DsM-SE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.24.0/21
Signature Algorithm: sha256WithRSAEncryption
05:ef:20:31:d3:0a:a4:71:c2:da:b0:b5:c9:f8:d1:77:da:3f:
aa:d2:3a:4f:28:02:ac:d4:81:6c:eb:2d:1b:ef:6c:e8:62:39:
e6:d5:d1:0c:39:a4:d6:d4:41:6c:54:d7:db:60:c9:a8:94:7c:
86:72:03:3c:b5:44:ac:40:18:5b:15:c4:a5:bf:20:3e:a9:78:
1d:57:81:8e:9e:61:70:c6:f4:cf:f7:4e:03:0d:8a:45:63:ef:
33:e5:8d:cd:7e:bb:94:ac:48:b2:da:40:d3:08:9a:f8:50:36:
5f:cb:5d:8e:0e:12:4e:d3:b3:7f:eb:dc:40:65:08:c8:5e:68:
b0:07:e6:f3:54:d8:52:ed:37:40:25:61:68:fc:57:49:a9:58:
69:5f:2c:7f:46:9d:aa:e5:26:6e:2b:b4:ca:8a:3c:1d:62:34:
8c:d5:95:37:dd:9c:b4:0d:8d:bd:45:05:20:61:12:dc:07:fd:
74:a2:ef:bc:e8:62:6a:70:05:f7:b6:d8:34:1a:fb:a8:b1:a5:
26:c5:b4:c0:b8:0e:73:7e:da:5d:6f:c0:a3:ae:c1:23:82:6f:
18:bf:9d:6c:b9:66:52:7c:ad:50:38:b0:ac:81:ac:8f:e0:ae:
87:b4:6f:ac:65:07:99:3d:2b:50:ed:91:c9:62:dd:b3:24:1a:
65:fe:2f:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZccKZIH3wC2DLgUSfvb4Q36MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNmQ0YjU3YTVhMWY3NjE3YTllMzYwM2VmYmFlZWYwM2Iw
Y2Y5MjEwHhcNMjUwNTI5MTMwOTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWZlOTg3M2ZhZGY5YzVkYmQyYzMyZjhlYmM0N2E0M2IzYzc4ZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqG8gmd5UAYYvTXeB4WnFOtswzEXf
fSYtePnRRFqA5As6z2li8GNCkL8gcbWlirepbKCXhNDr+07a7fZnLr22SB5x4wuF
XOrDxfoGzpnQ3vyrEjZ/vhl7CWrWoKXgHnik/lAU0KknaxbYg0AhmRwm6de2vtlc
iZJy0DBy1i1n4bMdBdOSrKJ46Mp7zHW8D9/69GOYZqoocxu5VpMDDXKvd93/IqZU
5EfFw/rNRHqjy6fLMFgvlFX9xxZlTjfvx218aBmBvDhqlHRtlFIHJ5cESaAlkbXk
ECNzBsXwz5oeXR5FRXRsDRxyjQFhrP5+70cQhlIYUtkT5DwoUuoqSXt6QwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDr+mHP635xdvSwy+OvEekOzx43dMB8GA1UdIwQY
MBaAFO1tS1elofdhep42A++67vA7DPkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1cxTFY2V2g5MkY2bmpZRDc3cnU4RHNNLVNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9mZGNiMDEtYTgwYy00NTFmLWFkYjEt
ZWJjMjI0Zjc2NWEyLzEvT3Y2WWNfcmZuRjI5TERMNDY4UjZRN1BIamQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9mZGNiMDEtYTgwYy00NTFmLWFkYjEtZWJjMjI0Zjc2NWEy
LzEvN1cxTFY2V2g5MkY2bmpZRDc3cnU4RHNNLVNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLq8YMA0G
CSqGSIb3DQEBCwUAA4IBAQAF7yAx0wqkccLasLXJ+NF32j+q0jpPKAKs1IFs6y0b
72zoYjnm1dEMOaTW1EFsVNfbYMmolHyGcgM8tUSsQBhbFcSlvyA+qXgdV4GOnmFw
xvTP904DDYpFY+8z5Y3NfruUrEiy2kDTCJr4UDZfy12ODhJO07N/69xAZQjIXmiw
B+bzVNhS7TdAJWFo/FdJqVhpXyx/Rp2q5SZuK7TKijwdYjSM1ZU33Zy0DY29RQUg
YRLcB/10ou+86GJqcAX3ttg0GvuosaUmxbTAuA5zftpdb8CjrsEjgm8Yv51suWZS
fK1QOLCsgayP4K6HtG+sZQeZPStQ7ZHJYt2zJBpl/i8A
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:38:55 2025 by rpki-client