Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/4lyP_XtLW1h3NI-vGWGjLTNLSfs.roa
File: 4lyP_XtLW1h3NI-vGWGjLTNLSfs.roa (raw, json)
Hash identifier: wCaH//OrmPa6FcL1bsRu2GwqBfLRMK34kAaOY7fa6WI=
Subject key identifier: E2:5C:8F:FD:7B:4B:5B:58:77:34:8F:AF:19:61:A3:2D:33:4B:49:FB
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0198D5958BCB743581D8FE2CE71EEBCA0837
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/4lyP_XtLW1h3NI-vGWGjLTNLSfs.roa
Signing time: Sat 23 Aug 2025 06:20:04 +0000
ROA not before: Sat 23 Aug 2025 06:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213732
IP address blocks: 46.38.140.0/24 maxlen: 24
46.38.145.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.148.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
46.38.151.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
212.80.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:95:8b:cb:74:35:81:d8:fe:2c:e7:1e:eb:ca:08:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 23 06:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e25c8ffd7b4b5b5877348faf1961a32d334b49fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:46:fd:15:c4:93:55:22:c4:ad:5d:81:e0:cd:
d5:6f:e9:a3:b5:cc:df:64:39:5e:23:c7:46:15:79:
72:e5:e3:36:54:cd:9d:aa:6b:38:2f:6a:89:f8:6c:
cf:a2:58:49:fd:d6:f4:e0:a4:59:72:e3:04:2e:35:
89:8d:61:3d:a9:11:8d:9d:f9:4d:f3:c8:69:b5:66:
c7:07:7a:7f:d1:e8:5b:9e:ce:0a:31:cb:16:1c:2d:
8e:68:fc:57:6f:3c:92:d0:00:4f:c8:fc:24:b1:66:
7e:0a:af:f6:e8:d0:a5:91:7e:c3:44:36:56:30:84:
1b:19:14:6e:ab:87:ba:50:71:80:1a:08:39:3f:dc:
61:8c:53:84:f0:9e:a9:ae:14:64:8a:e7:96:73:46:
26:a5:ae:0e:b5:c5:b7:46:fd:11:e9:fc:ad:fd:95:
5e:fc:91:63:e4:85:43:f7:8e:1a:8e:82:8b:e6:28:
fb:1c:27:1e:f9:aa:41:17:fe:6b:8f:dd:ce:48:40:
ce:70:2f:0f:18:7f:76:b7:05:bb:b8:6b:45:f5:81:
e8:8a:a2:13:56:ea:cf:b3:b1:6b:7f:f6:18:27:77:
35:5a:2d:6b:bb:f0:27:d9:d2:da:2a:e4:ec:36:f7:
12:6f:78:5b:49:38:d6:ce:1c:50:56:73:98:38:15:
5e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5C:8F:FD:7B:4B:5B:58:77:34:8F:AF:19:61:A3:2D:33:4B:49:FB
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/4lyP_XtLW1h3NI-vGWGjLTNLSfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.140.0/24
46.38.145.0-46.38.151.255
185.29.223.0/24
212.80.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f1:77:d3:f7:83:dc:80:14:80:9c:1a:c1:b4:77:c8:17:c5:
ba:8b:6f:93:17:09:25:f6:9d:3e:20:ea:42:20:97:d6:db:49:
c9:99:75:24:23:aa:8c:6b:41:5d:61:23:d1:2c:b7:8a:2a:bd:
10:3b:86:93:c3:da:6e:51:68:9b:90:e6:92:ef:17:49:04:e5:
bc:a9:9f:7b:df:14:c8:22:1e:81:d6:05:3f:f9:77:63:1f:c1:
23:03:a4:4a:0b:04:34:e7:ca:c3:68:aa:3d:fb:f7:8d:a8:d2:
1d:54:5c:e5:6c:94:25:49:af:21:c3:e7:ca:9e:fc:78:e7:05:
1f:8e:b7:34:99:27:f2:7c:3f:1e:51:bc:7c:29:25:ee:be:b6:
e1:d2:4a:b6:25:5b:be:75:e2:47:0c:86:9b:63:5c:49:07:82:
bd:92:a1:49:7b:9d:8a:43:c7:b8:65:c6:f3:45:33:bd:dc:ff:
c0:d9:b2:e1:5a:26:4a:d6:8b:de:c2:dd:40:6a:36:be:7b:2b:
ed:26:88:6d:7f:45:95:a7:5c:4d:ab:bb:9c:53:c7:b9:a8:9d:
bb:3d:21:52:42:19:4f:d9:3b:03:2d:63:b3:f7:d3:1b:f4:1a:
5e:16:45:c0:cf:21:8d:f1:33:61:28:85:78:8f:d8:63:6b:64:
7e:90:2c:75
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZjVlYvLdDWB2P4s5x7rygg3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwODIzMDYyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVjOGZmZDdiNGI1YjU4NzczNDhmYWYxOTYxYTMyZDMzNGI0OWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0b9FcSTVSLErV2B4M3Vb+mjtczf
ZDleI8dGFXly5eM2VM2dqms4L2qJ+GzPolhJ/db04KRZcuMELjWJjWE9qRGNnflN
88hptWbHB3p/0ehbns4KMcsWHC2OaPxXbzyS0ABPyPwksWZ+Cq/26NClkX7DRDZW
MIQbGRRuq4e6UHGAGgg5P9xhjFOE8J6prhRkiueWc0Ympa4OtcW3Rv0R6fyt/ZVe
/JFj5IVD944ajoKL5ij7HCce+apBF/5rj93OSEDOcC8PGH92twW7uGtF9YHoiqIT
VurPs7Frf/YYJ3c1Wi1ru/An2dLaKuTsNvcSb3hbSTjWzhxQVnOYOBVenQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOJcj/17S1tYdzSPrxlhoy0zS0n7MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvNGx5UF9YdExXMWgzTkktdkdXR2pMVE5MU2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALiaMMAwD
BAAuJpEDBAMuJpADBAC5Hd8DBADUUB0wDQYJKoZIhvcNAQELBQADggEBAH/xd9P3
g9yAFICcGsG0d8gXxbqLb5MXCSX2nT4g6kIgl9bbScmZdSQjqoxrQV1hI9Est4oq
vRA7hpPD2m5RaJuQ5pLvF0kE5bypn3vfFMgiHoHWBT/5d2MfwSMDpEoLBDTnysNo
qj37942o0h1UXOVslCVJryHD58qe/HjnBR+OtzSZJ/J8Px5RvHwpJe6+tuHSSrYl
W7514kcMhptjXEkHgr2SoUl7nYpDx7hlxvNFM73c/8DZsuFaJkrWi97C3UBqNr57
K+0miG1/RZWnXE2ru5xTx7monbs9IVJCGU/ZOwMtY7P30xv0Gl4WRcDPIY3xM2Eo
hXiP2GNrZH6QLHU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:15:55 2025 by rpki-client