Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/IbhS6h3nTSvMTH1bZLFoGSouwG0.roa
File: IbhS6h3nTSvMTH1bZLFoGSouwG0.roa (raw, json)
Hash identifier: mE7Z7M3WJDW8Xxj5N/cTaa8dFMKyZgrGuttacm28HxI=
Subject key identifier: 21:B8:52:EA:1D:E7:4D:2B:CC:4C:7D:5B:64:B1:68:19:2A:2E:C0:6D
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197A1F82C8FAC72663D27271167845EA9C6
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/IbhS6h3nTSvMTH1bZLFoGSouwG0.roa
Signing time: Tue 24 Jun 2025 12:44:45 +0000
ROA not before: Tue 24 Jun 2025 12:44:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34837
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.64.0/24 maxlen: 24
212.16.65.0/24 maxlen: 24
212.16.66.0/24 maxlen: 24
212.16.67.0/24 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.75.0/24 maxlen: 24
212.16.76.0/24 maxlen: 24
212.16.82.0/24 maxlen: 24
212.16.83.0/24 maxlen: 24
212.16.88.0/24 maxlen: 24
212.16.90.0/24 maxlen: 24
212.16.91.0/24 maxlen: 24
212.80.0.0/19 maxlen: 19
212.80.1.0/24 maxlen: 24
212.80.3.0/24 maxlen: 24
212.80.5.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
212.80.16.0/24 maxlen: 24
212.80.28.0/24 maxlen: 24
212.80.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:f8:2c:8f:ac:72:66:3d:27:27:11:67:84:5e:a9:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 24 12:44:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21b852ea1de74d2bcc4c7d5b64b168192a2ec06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:29:91:fb:2f:3a:19:5b:df:5e:e3:33:c1:33:
99:be:e5:02:a9:fa:f8:ba:e3:0b:0e:4e:31:54:d2:
e3:8d:c1:e7:3a:8e:c2:e5:2d:b6:75:d5:20:93:9e:
93:78:1b:64:c5:19:d8:40:88:7c:f3:1a:08:65:ce:
ea:d7:dc:c5:f7:98:84:fe:40:a3:5a:e1:67:f3:86:
fc:ff:3c:62:ac:dc:21:8f:f3:f3:6c:28:33:21:db:
47:dd:a6:a4:50:a9:9e:cd:e2:8d:f2:ff:60:57:00:
f5:b1:32:1e:5a:65:ef:f3:a8:3e:25:1c:40:ca:f0:
3e:42:d6:9a:30:97:59:43:22:40:71:0d:ce:d5:01:
3f:ab:b7:de:18:b6:40:ca:88:da:74:bf:c0:7b:b6:
c1:b1:a8:ce:7f:8f:8b:92:7f:d7:8b:fc:8d:53:c4:
49:a4:f9:14:38:44:8a:36:c7:ed:b8:3e:35:51:43:
fa:92:dd:b6:26:3e:b1:0d:96:cd:c7:74:f9:14:49:
86:17:bf:37:cb:3e:30:dd:55:9d:aa:75:c3:f9:c6:
a0:87:bb:d4:c6:b0:a2:5b:a9:05:c3:cd:75:52:26:
b8:97:7c:f7:04:b5:d7:d2:e2:ca:e7:05:89:f2:05:
42:f9:8d:07:b0:a0:35:d2:2b:e5:1c:d1:39:f3:52:
b2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B8:52:EA:1D:E7:4D:2B:CC:4C:7D:5B:64:B1:68:19:2A:2E:C0:6D
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/IbhS6h3nTSvMTH1bZLFoGSouwG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
212.16.64.0-212.16.68.255
212.16.75.0-212.16.76.255
212.16.82.0/23
212.16.88.0/24
212.16.90.0/23
212.80.0.0/19
Signature Algorithm: sha256WithRSAEncryption
af:3e:98:23:97:fb:c0:ee:ed:14:fa:0d:9d:37:d1:2e:13:78:
ee:8c:45:f3:de:cc:35:f5:91:97:9c:d9:e7:82:1d:dd:af:21:
54:b1:5a:58:bd:02:f6:7b:da:24:a0:75:96:45:34:3e:59:dc:
a6:75:9f:60:96:52:ca:b4:b5:a7:dc:1e:d5:c2:6c:54:28:a2:
d0:7f:40:71:4c:61:db:3f:68:f6:a8:c4:22:2e:07:90:72:ae:
2f:e3:bd:30:fc:61:f3:9c:e8:7b:79:37:9b:11:cb:be:82:12:
30:d2:de:7f:8b:73:d1:6e:96:b2:51:ca:f2:9c:40:ba:c6:fe:
5d:f6:56:07:e4:c3:15:08:02:cd:31:44:a1:9f:12:80:04:6e:
b4:e3:ca:ba:f5:db:06:51:79:7d:24:d6:7a:d1:0e:7a:f5:b8:
dc:25:fc:b8:52:dd:4a:c9:01:51:d5:df:3a:ec:de:5c:dd:05:
3e:c3:88:39:33:ad:e6:b3:11:b6:77:4f:75:4e:fe:46:09:4a:
e0:46:83:16:8e:a3:98:e4:6c:a9:53:46:d6:66:d7:99:a4:d7:
57:16:29:4b:f1:8d:9f:ff:9f:27:14:45:55:89:62:e4:ff:be:
33:30:d7:42:4a:8b:c0:ca:2f:cf:7f:1e:0b:eb:de:66:12:bf:
b9:3d:94:79
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZeh+CyPrHJmPScnEWeEXqnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNjI0MTI0NDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI4NTJlYTFkZTc0ZDJiY2M0YzdkNWI2NGIxNjgxOTJhMmVjMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCmR+y86GVvfXuMzwTOZvuUCqfr4
uuMLDk4xVNLjjcHnOo7C5S22ddUgk56TeBtkxRnYQIh88xoIZc7q19zF95iE/kCj
WuFn84b8/zxirNwhj/PzbCgzIdtH3aakUKmezeKN8v9gVwD1sTIeWmXv86g+JRxA
yvA+QtaaMJdZQyJAcQ3O1QE/q7feGLZAyojadL/Ae7bBsajOf4+Lkn/Xi/yNU8RJ
pPkUOESKNsftuD41UUP6kt22Jj6xDZbNx3T5FEmGF783yz4w3VWdqnXD+cagh7vU
xrCiW6kFw811Uia4l3z3BLXX0uLK5wWJ8gVC+Y0HsKA10ivlHNE581Ky8QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCG4Uuod500rzEx9W2SxaBkqLsBtMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvSWJoUzZoM25UU3ZNVEgxYlpMRm9HU291d0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQALiaBAwQA
LiaDAwQALiaMMAwDBAbUEEADBADUEEQwDAMEANQQSwMEANQQTAMEAdQQUgMEANQQ
WAMEAdQQWgMEBdRQADANBgkqhkiG9w0BAQsFAAOCAQEArz6YI5f7wO7tFPoNnTfR
LhN47oxF897MNfWRl5zZ54Id3a8hVLFaWL0C9nvaJKB1lkU0PlncpnWfYJZSyrS1
p9we1cJsVCii0H9AcUxh2z9o9qjEIi4HkHKuL+O9MPxh85zoe3k3mxHLvoISMNLe
f4tz0W6WslHK8pxAusb+XfZWB+TDFQgCzTFEoZ8SgARutOPKuvXbBlF5fSTWetEO
evW43CX8uFLdSskBUdXfOuzeXN0FPsOIOTOt5rMRtndPdU7+RglK4EaDFo6jmORs
qVNG1mbXmaTXVxYpS/GNn/+fJxRFVYli5P++MzDXQkqLwMovz38eC+veZhK/uT2U
eQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:20:31 2025 by rpki-client