Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/8VeZzKCSYwY0DCbXzIW1NSYlnco.roa
File: 8VeZzKCSYwY0DCbXzIW1NSYlnco.roa (raw, json)
Hash identifier: I9e2BdnaNqb224QzcqVlasgDfHBu0PzpJuiVTcPLBkY=
Subject key identifier: F1:57:99:CC:A0:92:63:06:34:0C:26:D7:CC:85:B5:35:26:25:9D:CA
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0198D59675D609DE6AB578497705862F0E53
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/8VeZzKCSYwY0DCbXzIW1NSYlnco.roa
Signing time: Sat 23 Aug 2025 06:21:04 +0000
ROA not before: Sat 23 Aug 2025 06:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 46.38.140.0/24 maxlen: 24
46.38.146.0/24 maxlen: 24
46.38.147.0/24 maxlen: 24
46.38.149.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
185.29.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:96:75:d6:09:de:6a:b5:78:49:77:05:86:2f:0e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 23 06:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f15799cca0926306340c26d7cc85b53526259dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:74:95:1d:8c:b9:28:94:6d:21:d3:55:58:c8:
d4:76:09:91:02:55:21:db:c6:df:38:6a:dd:53:1e:
64:53:63:ed:ba:77:ba:d0:28:9a:02:84:41:98:93:
36:c5:49:6e:2a:c1:c1:16:c3:ed:e8:52:4a:84:82:
10:f4:88:fa:78:a1:72:a9:65:ee:98:68:d9:7c:45:
0a:22:90:41:64:9e:66:89:f7:a9:07:0f:39:22:fa:
f5:75:0e:df:af:91:b6:fe:a7:26:e6:a8:02:4c:65:
49:d1:88:ba:1a:d7:37:64:64:98:c2:4d:fa:09:ae:
03:06:73:d7:e6:53:72:63:1e:67:3d:12:c8:ff:5a:
2b:70:e4:bb:10:b1:4b:46:ba:a3:8a:eb:0f:46:b0:
98:6d:af:b1:4a:a9:c5:65:48:bd:f8:9d:6e:7b:55:
0a:86:db:1e:d3:e7:60:e5:4b:64:1d:a6:8f:9d:47:
b8:69:29:81:87:9c:58:ea:92:4a:f3:b3:31:d6:f5:
93:63:c6:d7:0d:3a:6d:cf:3c:78:87:a7:c3:9e:6e:
ca:8d:22:2b:27:9d:25:80:b1:85:0d:37:4a:98:d0:
69:26:5b:2c:ac:b4:36:5f:9e:2d:41:fd:b5:ec:98:
81:4a:b7:fd:ba:01:7a:c2:44:d9:c7:89:f3:8e:4b:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:57:99:CC:A0:92:63:06:34:0C:26:D7:CC:85:B5:35:26:25:9D:CA
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/8VeZzKCSYwY0DCbXzIW1NSYlnco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.140.0/24
46.38.146.0/23
46.38.149.0/24
109.94.165.0/24
185.29.223.0/24
Signature Algorithm: sha256WithRSAEncryption
79:da:3c:02:f2:5c:af:e8:44:43:c6:d5:9f:c1:5d:ff:b2:23:
aa:6d:86:3d:a2:6d:2c:61:1f:e4:9f:06:ca:db:03:51:81:31:
02:65:d6:36:85:28:d8:e5:da:0b:95:6d:ca:bf:95:9b:fb:39:
45:b9:d3:b0:39:0e:fb:ce:df:ad:4a:95:b5:06:76:99:29:90:
3d:0d:97:46:fd:04:da:52:2f:cd:03:5f:31:3c:c7:db:22:06:
32:e8:fc:e1:ae:b5:6a:2e:e6:f7:24:1e:17:b4:c8:f0:a1:47:
83:29:2c:4b:29:a8:2d:1f:51:a9:a8:10:a8:92:85:4b:5c:7d:
ff:d1:c9:a3:9f:09:cd:2c:59:03:2a:01:60:87:44:34:02:3b:
f8:df:4d:25:ed:1a:a8:d7:2f:41:4b:0f:8c:b5:3f:1b:73:75:
03:80:48:00:9e:01:4d:5f:86:22:da:0f:d8:19:5c:39:2c:b5:
18:5e:cb:c3:52:89:4e:f2:dc:ab:85:39:5c:72:36:57:37:72:
3b:47:7a:b8:89:3b:2c:b8:24:e5:e0:75:4a:3c:6e:77:31:de:
31:df:69:f4:0c:c8:e2:3f:f6:aa:f4:5d:af:31:5f:8f:db:e9:
17:9c:55:8b:96:c9:a2:04:85:a5:48:01:1f:9a:42:ee:49:8a:
ad:d9:64:78
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjVlnXWCd5qtXhJdwWGLw5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwODIzMDYyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTU3OTljY2EwOTI2MzA2MzQwYzI2ZDdjYzg1YjUzNTI2MjU5ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnSVHYy5KJRtIdNVWMjUdgmRAlUh
28bfOGrdUx5kU2Ptune60CiaAoRBmJM2xUluKsHBFsPt6FJKhIIQ9Ij6eKFyqWXu
mGjZfEUKIpBBZJ5mifepBw85Ivr1dQ7fr5G2/qcm5qgCTGVJ0Yi6Gtc3ZGSYwk36
Ca4DBnPX5lNyYx5nPRLI/1orcOS7ELFLRrqjiusPRrCYba+xSqnFZUi9+J1ue1UK
htse0+dg5UtkHaaPnUe4aSmBh5xY6pJK87Mx1vWTY8bXDTptzzx4h6fDnm7KjSIr
J50lgLGFDTdKmNBpJlssrLQ2X54tQf217JiBSrf9ugF6wkTZx4nzjksmFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPFXmcygkmMGNAwm18yFtTUmJZ3KMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvOFZlWnpLQ1NZd1kwRENiWHpJVzFOU1lsbmNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiaMAwQB
LiaSAwQALiaVAwQAbV6lAwQAuR3fMA0GCSqGSIb3DQEBCwUAA4IBAQB52jwC8lyv
6ERDxtWfwV3/siOqbYY9om0sYR/knwbK2wNRgTECZdY2hSjY5doLlW3Kv5Wb+zlF
udOwOQ77zt+tSpW1BnaZKZA9DZdG/QTaUi/NA18xPMfbIgYy6PzhrrVqLub3JB4X
tMjwoUeDKSxLKagtH1GpqBCokoVLXH3/0cmjnwnNLFkDKgFgh0Q0Ajv4300l7Rqo
1y9BSw+MtT8bc3UDgEgAngFNX4Yi2g/YGVw5LLUYXsvDUolO8tyrhTlccjZXN3I7
R3q4iTssuCTl4HVKPG53Md4x32n0DMjiP/aq9F2vMV+P2+kXnFWLlsmiBIWlSAEf
mkLuSYqt2WR4
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:03:40 2025 by rpki-client