Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/chWLRFv81xPN9pmuBjcNAvjz_wA.roa
File: chWLRFv81xPN9pmuBjcNAvjz_wA.roa (raw, json)
Hash identifier: OVNYRwIfyIOnKtd+cAUelVQ0JunBmH7qqPn9KkvN1Tk=
Subject key identifier: 72:15:8B:44:5B:FC:D7:13:CD:F6:99:AE:06:37:0D:02:F8:F3:FF:00
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0197C62A2EC65314CD45495A8EDFD1AE8BE5
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/chWLRFv81xPN9pmuBjcNAvjz_wA.roa
Signing time: Tue 01 Jul 2025 13:25:42 +0000
ROA not before: Tue 01 Jul 2025 13:25:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44889
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
185.24.150.0/24 maxlen: 24
185.29.220.0/24 maxlen: 24
185.29.221.0/24 maxlen: 24
212.16.64.0/19 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.86.0/23 maxlen: 23
212.16.89.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
212.80.2.0/24 maxlen: 24
212.80.11.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 13:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:2a:2e:c6:53:14:cd:45:49:5a:8e:df:d1:ae:8b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 1 13:25:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72158b445bfcd713cdf699ae06370d02f8f3ff00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a0:77:69:30:42:fc:c6:fb:3b:f8:27:26:ba:
7f:28:a7:e2:f1:47:58:fd:d5:40:3a:ba:2f:4a:cf:
68:e5:b9:b0:1c:ab:05:14:57:bd:1b:03:93:9f:5b:
20:19:43:32:9c:1c:32:f4:08:ce:5f:1f:f4:f4:d0:
ec:9c:e2:cb:0e:47:0b:9b:93:d3:fa:17:3e:49:97:
18:f6:6e:de:34:09:63:be:dc:37:39:6a:4e:a3:17:
8a:b1:eb:4b:1d:8d:da:c1:14:87:78:b3:06:13:35:
a7:b1:a9:e3:dd:ea:ee:b0:27:29:7d:28:3d:50:2f:
0e:47:93:b1:ef:43:12:32:a7:68:81:60:df:bd:2e:
3d:9f:54:23:1f:1f:00:70:74:8f:08:6c:ae:e3:e2:
ae:cb:d7:00:9d:94:00:d0:0c:31:88:93:a1:3b:1c:
a4:ca:af:8b:07:d6:35:5c:7d:33:68:a6:24:74:6f:
8e:07:d1:a4:d8:c8:19:06:d6:e9:c5:eb:00:81:8f:
34:cb:88:4a:0c:8b:36:7c:65:36:82:4b:2b:9e:d5:
d4:32:47:77:5e:eb:11:d7:39:a1:5d:b2:0d:d6:9d:
a6:b5:18:2f:d7:1d:22:2e:cd:12:f3:2d:59:20:2a:
e1:26:e8:8f:82:3e:17:f9:b1:65:ac:c6:9f:3d:0a:
0e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:15:8B:44:5B:FC:D7:13:CD:F6:99:AE:06:37:0D:02:F8:F3:FF:00
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/chWLRFv81xPN9pmuBjcNAvjz_wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.150.0/24
185.29.220.0/23
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
82:61:10:8d:13:b1:87:81:e4:29:ab:97:c1:39:de:69:64:13:
eb:c8:89:78:40:e0:e7:6a:e8:38:0a:13:a6:8c:8a:b9:dc:ba:
aa:16:46:5a:16:f5:d8:ff:85:01:65:7a:1a:11:c6:4a:fa:6b:
3e:56:49:62:42:eb:73:d3:3c:b5:29:ed:57:06:ef:02:1b:3f:
05:f0:13:d8:04:2b:19:3c:05:6e:99:ef:c8:a5:93:43:6f:a0:
9c:63:d8:15:22:2b:7c:6d:5a:ce:d4:2c:c3:db:be:fa:82:0b:
97:85:57:58:ed:09:c3:3e:6c:6b:28:61:9e:77:09:9b:ae:d9:
23:05:f6:97:0f:27:b0:15:64:59:12:ea:6c:72:9c:2b:aa:e4:
19:90:c3:70:e4:8a:16:79:31:37:29:28:be:34:b4:94:19:9a:
f9:00:60:10:e5:19:0f:5e:d1:79:10:d8:c7:33:0a:04:e2:b1:
98:e9:db:4e:9c:d7:51:f5:b1:7f:7f:ce:22:b6:c4:75:00:61:
21:92:45:6e:5a:dc:a6:36:a5:70:ab:7c:69:12:a7:9c:74:4f:
89:4a:a5:62:8f:17:ce:fc:30:30:a0:48:84:55:3b:26:37:cd:
7f:a7:d6:4f:f1:14:e2:b4:37:8e:80:56:bc:ff:8f:dd:70:04:
3d:1f:87:81
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZfGKi7GUxTNRUlajt/RrovlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNzAxMTMyNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE1OGI0NDViZmNkNzEzY2RmNjk5YWUwNjM3MGQwMmY4ZjNmZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKB3aTBC/Mb7O/gnJrp/KKfi8UdY
/dVAOrovSs9o5bmwHKsFFFe9GwOTn1sgGUMynBwy9AjOXx/09NDsnOLLDkcLm5PT
+hc+SZcY9m7eNAljvtw3OWpOoxeKsetLHY3awRSHeLMGEzWnsanj3erusCcpfSg9
UC8OR5Ox70MSMqdogWDfvS49n1QjHx8AcHSPCGyu4+Kuy9cAnZQA0AwxiJOhOxyk
yq+LB9Y1XH0zaKYkdG+OB9Gk2MgZBtbpxesAgY80y4hKDIs2fGU2gksrntXUMkd3
XusR1zmhXbIN1p2mtRgv1x0iLs0S8y1ZICrhJuiPgj4X+bFlrMafPQoOkQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHIVi0Rb/NcTzfaZrgY3DQL48/8AMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvY2hXTFJGdjgxeFBOOXBtdUJqY05Bdmp6X3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALiaBAwQA
LiaDAwQALiaMAwQAuRiWAwQBuR3cAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2A
MA0GCSqGSIb3DQEBCwUAA4IBAQCCYRCNE7GHgeQpq5fBOd5pZBPryIl4QODnaug4
ChOmjIq53LqqFkZaFvXY/4UBZXoaEcZK+ms+VkliQutz0zy1Ke1XBu8CGz8F8BPY
BCsZPAVume/IpZNDb6CcY9gVIit8bVrO1CzD2776gguXhVdY7QnDPmxrKGGedwmb
rtkjBfaXDyewFWRZEupscpwrquQZkMNw5IoWeTE3KSi+NLSUGZr5AGAQ5RkPXtF5
ENjHMwoE4rGY6dtOnNdR9bF/f84itsR1AGEhkkVuWtymNqVwq3xpEqecdE+JSqVi
jxfO/DAwoEiEVTsmN81/p9ZP8RTitDeOgFa8/4/dcAQ9H4eB
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:43:01 2025 by rpki-client