Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/R3enN_CEN9QZmwFHuvmlngJF5mA.roa
File: R3enN_CEN9QZmwFHuvmlngJF5mA.roa (raw, json)
Hash identifier: 2raqyTXYc8p7c+qyBdj1OqG1VKTRjTXkrwPm0ExcfaY=
Subject key identifier: 47:77:A7:37:F0:84:37:D4:19:9B:01:47:BA:F9:A5:9E:02:45:E6:60
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0199B9D35C039E194231D83E9FAE575127E9
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/R3enN_CEN9QZmwFHuvmlngJF5mA.roa
Signing time: Mon 06 Oct 2025 14:01:00 +0000
ROA not before: Mon 06 Oct 2025 14:01:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.78.0/24 maxlen: 24
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:d3:5c:03:9e:19:42:31:d8:3e:9f:ae:57:51:27:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Oct 6 14:01:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4777a737f08437d4199b0147baf9a59e0245e660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8f:e0:a4:2b:63:27:7b:63:e8:62:5b:22:9a:
b6:52:2c:94:39:c6:10:cb:38:11:fb:b0:03:65:2f:
6f:c2:fa:26:e5:fd:07:f3:39:62:0a:21:fe:1b:b6:
f9:20:a1:db:28:2c:07:21:ff:b2:07:bb:ac:07:61:
f2:c8:ca:84:4c:4c:fa:b7:4a:77:db:fb:3e:0a:67:
01:3e:67:0c:08:0f:35:3a:9c:2d:f3:d0:69:e7:f0:
17:8c:89:5b:95:8c:4a:e0:e9:1b:82:1f:06:a6:54:
1f:be:11:55:b5:70:3a:59:7a:17:b6:73:0c:40:a6:
8b:c6:42:45:8e:45:43:4e:15:1d:b2:44:f7:1a:bf:
b2:af:0a:7c:82:d0:5a:9a:49:8f:21:c0:1e:84:af:
bd:34:26:ed:5d:78:c1:e8:4b:43:3c:7b:77:85:3c:
69:aa:c2:c7:15:e0:15:0d:2c:21:b5:5b:a2:8f:0f:
4e:0e:47:da:4d:42:c5:cc:25:e7:75:a7:8f:9a:3a:
c2:5a:3a:2e:67:46:d7:19:e5:e9:86:40:5d:3a:7c:
44:cd:a5:78:fa:cf:bc:a6:40:8d:48:ca:ff:0e:03:
86:4f:d9:82:6d:98:02:99:11:47:ce:27:cf:d1:b0:
78:9d:74:54:d5:5a:77:1d:a2:11:a0:9f:d4:50:3b:
20:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:77:A7:37:F0:84:37:D4:19:9B:01:47:BA:F9:A5:9E:02:45:E6:60
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/R3enN_CEN9QZmwFHuvmlngJF5mA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
9b:eb:c0:6e:c3:28:82:0f:06:db:2a:01:d8:13:72:8d:dd:50:
cc:73:bb:72:7e:30:84:cc:57:bf:2a:37:34:73:7b:db:ab:3c:
7a:e2:bf:2a:01:21:31:5e:a0:d9:e2:23:2d:ea:5d:98:62:e8:
2a:00:d4:19:46:8c:d6:f8:3b:bf:04:6c:05:31:90:d3:11:62:
eb:cc:53:f9:c3:ff:7c:e7:51:1d:02:f8:d4:ac:8f:66:4e:96:
c4:71:7c:d7:bc:5b:48:e3:12:c7:51:67:c2:93:47:e3:8f:e7:
9e:76:4e:0b:46:5d:18:5c:38:a7:b9:06:5b:ac:eb:32:d8:0a:
c5:cf:e2:d0:25:b6:54:c6:91:23:76:8b:b2:dc:e0:ac:78:1f:
ce:58:fb:04:1a:e8:75:e5:df:10:c6:51:3d:13:6b:ea:e5:f9:
55:13:95:3d:7e:ca:76:39:69:26:ae:0d:57:9b:f3:8d:c4:26:
59:57:84:6e:1d:81:04:f3:49:ce:08:17:e6:8e:5e:4f:20:d1:
1d:09:54:f3:cb:eb:0b:ac:ef:a9:ca:fc:f1:01:c9:58:0b:bb:
20:01:4c:eb:81:80:c3:ae:5b:c6:d0:f8:29:34:68:bb:e1:5e:
cb:46:63:51:2c:e4:40:f8:cb:5b:45:71:78:5f:50:8c:0e:75:
08:91:11:5f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZm501wDnhlCMdg+n65XUSfpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUxMDA2MTQwMTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzc3YTczN2YwODQzN2Q0MTk5YjAxNDdiYWY5YTU5ZTAyNDVlNjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04/gpCtjJ3tj6GJbIpq2UiyUOcYQ
yzgR+7ADZS9vwvom5f0H8zliCiH+G7b5IKHbKCwHIf+yB7usB2HyyMqETEz6t0p3
2/s+CmcBPmcMCA81Opwt89Bp5/AXjIlblYxK4Okbgh8GplQfvhFVtXA6WXoXtnMM
QKaLxkJFjkVDThUdskT3Gr+yrwp8gtBamkmPIcAehK+9NCbtXXjB6EtDPHt3hTxp
qsLHFeAVDSwhtVuijw9ODkfaTULFzCXndaePmjrCWjouZ0bXGeXphkBdOnxEzaV4
+s+8pkCNSMr/DgOGT9mCbZgCmRFHzifP0bB4nXRU1Vp3HaIRoJ/UUDsgCwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFEd3pzfwhDfUGZsBR7r5pZ4CReZgMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvUjNlbk5fQ0VOOVFabXdGSHV2bWxuZ0pGNW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQCb68BuwyiCDwbbKgHYE3KN3VDMc7tyfjCEzFe/Kjc0c3vb
qzx64r8qASExXqDZ4iMt6l2YYugqANQZRozW+Du/BGwFMZDTEWLrzFP5w/9851Ed
AvjUrI9mTpbEcXzXvFtI4xLHUWfCk0fjj+eedk4LRl0YXDinuQZbrOsy2ArFz+LQ
JbZUxpEjdouy3OCseB/OWPsEGuh15d8QxlE9E2vq5flVE5U9fsp2OWkmrg1Xm/ON
xCZZV4RuHYEE80nOCBfmjl5PINEdCVTzy+sLrO+pyvzxAclYC7sgAUzrgYDDrlvG
0PgpNGi74V7LRmNRLORA+MtbRXF4X1CMDnUIkRFf
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:44 2025 by rpki-client