Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PjmdCi_SKObZ-ay6--Kx14dle_w.roa
File: PjmdCi_SKObZ-ay6--Kx14dle_w.roa (raw, json)
Hash identifier: I3VJPj1bjyVE1JKxBBSHYg/pO1V9gSk31a25iRaOVaA=
Subject key identifier: 3E:39:9D:0A:2F:D2:28:E6:D9:F9:AC:BA:FB:E2:B1:D7:87:65:7B:FC
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0198B8B3BFE0789A0E2CFBC56A6FB7ACD68A
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PjmdCi_SKObZ-ay6--Kx14dle_w.roa
Signing time: Sun 17 Aug 2025 15:44:04 +0000
ROA not before: Sun 17 Aug 2025 15:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b8:b3:bf:e0:78:9a:0e:2c:fb:c5:6a:6f:b7:ac:d6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 17 15:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e399d0a2fd228e6d9f9acbafbe2b1d787657bfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:55:6d:82:88:1e:3a:d7:9d:2c:d2:a4:5d:01:
c1:57:c8:8d:45:8a:ed:99:97:ff:d9:84:a7:da:e1:
25:e5:f8:02:eb:18:03:9a:de:2c:f5:79:2e:5e:7a:
e5:ec:9b:d5:ff:e3:70:53:4c:54:57:2a:08:45:f0:
e8:c5:1d:26:ef:94:2b:16:dc:1f:5d:6e:07:36:31:
97:20:8b:c5:14:cf:bd:92:ea:75:b2:47:35:72:46:
d2:2a:bb:f9:98:6f:b1:b7:17:4f:d9:a7:1f:ac:4f:
23:c3:25:29:a6:27:88:e2:bd:0f:48:d3:a3:5c:01:
b7:dc:83:35:a6:71:d4:fa:91:52:fd:ff:04:41:fd:
a7:e6:3d:8b:bb:59:7d:0f:51:2c:d0:14:60:14:f0:
cf:4d:60:66:56:27:06:96:f4:6f:16:3a:4f:dc:5e:
ad:7a:c1:64:0e:e0:50:20:25:13:8a:12:49:d9:ea:
b2:5b:e6:a8:39:81:16:bd:c8:fa:09:94:25:2e:89:
84:a1:80:cc:22:f3:dc:22:e4:4e:da:ee:2a:de:83:
fd:41:c0:b4:6a:19:85:62:b4:bf:73:cf:a3:c6:98:
52:c2:08:8d:f5:02:fb:50:04:04:47:f8:b3:99:ef:
03:f7:dd:10:d7:f9:39:df:5e:9b:1f:87:8c:75:90:
94:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:39:9D:0A:2F:D2:28:E6:D9:F9:AC:BA:FB:E2:B1:D7:87:65:7B:FC
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/PjmdCi_SKObZ-ay6--Kx14dle_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
ac:b5:18:03:89:cf:dc:69:05:53:ec:08:39:29:7a:28:23:b2:
ff:91:c9:89:34:1e:58:ff:b9:91:2f:89:04:e6:99:04:a1:0f:
1a:6a:83:83:cb:dd:74:2c:45:77:c1:6d:3f:27:9b:c7:bd:a1:
76:cf:48:ac:a1:73:b6:54:1a:78:c4:85:ab:17:62:72:f1:15:
57:b7:b8:2f:c8:c3:14:7e:23:86:61:5f:b7:4f:fb:49:be:d0:
82:d2:ca:88:38:09:ea:88:47:f6:0d:0d:e8:b0:a7:09:a3:39:
11:0e:63:51:e6:ad:74:f3:52:4e:a7:03:52:91:81:1d:38:03:
b6:cb:89:bc:1d:be:a8:eb:6c:69:d1:69:d3:87:ec:b1:55:2c:
d6:3c:83:26:df:97:f6:8d:7f:87:ea:04:c7:42:32:c3:76:53:
cb:ed:b8:18:9e:bf:c9:21:3d:ba:52:b9:ac:6d:ce:08:20:d6:
4e:1d:f1:ad:07:4e:b7:26:ca:43:dc:ff:2b:fb:22:37:73:98:
f6:07:26:0f:a9:c5:40:0a:76:ae:fa:0e:a2:97:17:77:9a:1a:
5a:9a:01:db:4e:73:94:18:4d:06:f4:c6:d5:03:91:61:9f:69:
41:8b:2f:c8:b6:31:32:21:71:60:3c:8d:f2:8e:98:cd:33:13:
86:4b:bd:a1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZi4s7/geJoOLPvFam+3rNaKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwODE3MTU0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTM5OWQwYTJmZDIyOGU2ZDlmOWFjYmFmYmUyYjFkNzg3NjU3YmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1VtgogeOtedLNKkXQHBV8iNRYrt
mZf/2YSn2uEl5fgC6xgDmt4s9XkuXnrl7JvV/+NwU0xUVyoIRfDoxR0m75QrFtwf
XW4HNjGXIIvFFM+9kup1skc1ckbSKrv5mG+xtxdP2acfrE8jwyUppieI4r0PSNOj
XAG33IM1pnHU+pFS/f8EQf2n5j2Lu1l9D1Es0BRgFPDPTWBmVicGlvRvFjpP3F6t
esFkDuBQICUTihJJ2eqyW+aoOYEWvcj6CZQlLomEoYDMIvPcIuRO2u4q3oP9QcC0
ahmFYrS/c8+jxphSwgiN9QL7UAQER/izme8D990Q1/k5316bH4eMdZCU/QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFD45nQov0ijm2fmsuvvisdeHZXv8MB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUGptZENpX1NLT2JaLWF5Ni0tS3gxNGRsZV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQCstRgDic/caQVT7Ag5KXooI7L/kcmJNB5Y/7mRL4kE5pkE
oQ8aaoODy910LEV3wW0/J5vHvaF2z0isoXO2VBp4xIWrF2Jy8RVXt7gvyMMUfiOG
YV+3T/tJvtCC0sqIOAnqiEf2DQ3osKcJozkRDmNR5q1081JOpwNSkYEdOAO2y4m8
Hb6o62xp0WnTh+yxVSzWPIMm35f2jX+H6gTHQjLDdlPL7bgYnr/JIT26Urmsbc4I
INZOHfGtB063JspD3P8r+yI3c5j2ByYPqcVACnau+g6ilxd3mhpamgHbTnOUGE0G
9MbVA5Fhn2lBiy/ItjEyIXFgPI3yjpjNMxOGS72h
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:13:02 2025 by rpki-client