Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3ESXVdPElkEvcYz_QpjExjuwDEo.roa
File: 3ESXVdPElkEvcYz_QpjExjuwDEo.roa (raw, json)
Hash identifier: LztcpEPi6uDXOr7HoSwmUg13DGCFYBRppSgnWG7SNfw=
Subject key identifier: DC:44:97:55:D3:C4:96:41:2F:71:8C:FF:42:98:C4:C6:3B:B0:0C:4A
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01993D8FC4DC50C1A1A390DD156B32FA5633
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3ESXVdPElkEvcYz_QpjExjuwDEo.roa
Signing time: Fri 12 Sep 2025 10:54:15 +0000
ROA not before: Fri 12 Sep 2025 10:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57494
IP address blocks: 46.8.97.0/24 maxlen: 24
46.8.99.0/24 maxlen: 24
46.8.196.0/23 maxlen: 24
46.8.200.0/23 maxlen: 24
46.8.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:8f:c4:dc:50:c1:a1:a3:90:dd:15:6b:32:fa:56:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Sep 12 10:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc449755d3c496412f718cff4298c4c63bb00c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9b:ea:23:7d:fb:ac:5e:05:b7:bd:72:69:c8:
82:fe:f6:b8:cc:0e:67:26:61:aa:44:fd:ae:1c:45:
e2:97:32:e6:b1:a4:62:bc:28:e4:69:ec:74:03:9e:
19:de:49:b7:71:ad:c5:ae:ac:08:86:c3:45:9e:3d:
6f:d2:af:d2:e7:c1:e4:fe:d9:c2:ca:d8:93:25:3d:
81:b0:cb:cc:dd:23:86:1e:4d:76:16:c5:6a:9b:30:
d8:76:4f:c3:ae:3e:58:d2:e4:ed:ca:08:35:72:f5:
8f:a4:0d:89:ac:1c:f1:96:bf:fe:dd:6e:75:90:7b:
24:7e:9f:cf:e1:17:cc:fb:3e:ab:2d:ee:32:bd:84:
b1:87:c7:d6:43:5d:a2:b2:19:77:6a:c6:1f:b6:d8:
fa:68:0d:43:b4:a5:f7:06:61:5b:c3:5b:9b:28:87:
96:e5:ed:a2:87:62:a8:20:39:1f:e9:15:87:bf:82:
69:98:33:9a:90:ad:f1:3f:52:03:61:c3:9a:4b:74:
bb:c4:0b:bf:6c:ea:0d:c7:db:a9:b6:f8:05:28:5f:
16:cd:00:49:6d:fa:4e:7a:72:8a:9d:24:dd:70:d2:
f3:53:88:13:d8:da:f5:f3:95:c3:ec:87:10:50:72:
54:1b:95:5d:21:01:1c:0a:97:b9:56:2b:0e:be:34:
99:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:44:97:55:D3:C4:96:41:2F:71:8C:FF:42:98:C4:C6:3B:B0:0C:4A
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/3ESXVdPElkEvcYz_QpjExjuwDEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.97.0/24
46.8.99.0/24
46.8.196.0/23
46.8.200.0/23
46.8.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:a1:73:8f:8a:26:9e:bf:67:7f:e3:91:d7:6a:e0:21:83:36:
9b:28:06:2e:e1:b1:38:1d:a8:1c:3d:c7:f5:2e:2c:be:0f:71:
b4:4d:94:3c:a5:ba:e4:30:08:e8:73:57:77:09:6f:c7:5e:79:
e7:ce:64:10:98:85:82:76:a5:a8:b9:6d:37:d7:a6:e2:56:b4:
4c:b3:78:67:a9:da:92:10:e8:df:37:ac:03:6e:ac:6f:e9:aa:
c2:d4:5b:fa:9a:94:0b:ce:d1:8e:28:82:01:74:5a:ef:31:01:
29:ea:6f:d6:d6:ec:1c:50:8f:07:51:4f:85:80:98:b1:cd:2b:
9a:cd:d1:cf:ff:4b:d9:b4:ce:12:02:5e:97:89:58:91:1d:3e:
ef:45:6c:27:b3:c4:60:cb:7a:53:8c:3b:9a:14:fd:ec:45:20:
cf:fc:d8:09:f2:6f:e0:08:7a:3e:7b:0a:b8:46:bf:e1:fb:3a:
5f:3e:d2:88:b2:e5:10:d9:44:d7:6a:79:a5:81:ce:f7:fd:13:
e2:03:db:d2:7b:74:d2:58:54:4c:b1:58:21:d5:6e:d2:5e:53:
cc:f9:52:84:e6:7e:39:49:54:0e:e0:6f:67:b8:69:9e:89:a1:
9c:ff:7e:c5:50:f1:b1:73:b3:1d:37:11:93:49:65:28:96:df:
fb:2e:62:37
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZk9j8TcUMGho5DdFWsy+lYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwOTEyMTA1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzQ0OTc1NWQzYzQ5NjQxMmY3MThjZmY0Mjk4YzRjNjNiYjAwYzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pvqI337rF4Ft71yaciC/va4zA5n
JmGqRP2uHEXilzLmsaRivCjkaex0A54Z3km3ca3FrqwIhsNFnj1v0q/S58Hk/tnC
ytiTJT2BsMvM3SOGHk12FsVqmzDYdk/Drj5Y0uTtygg1cvWPpA2JrBzxlr/+3W51
kHskfp/P4RfM+z6rLe4yvYSxh8fWQ12ishl3asYfttj6aA1DtKX3BmFbw1ubKIeW
5e2ih2KoIDkf6RWHv4JpmDOakK3xP1IDYcOaS3S7xAu/bOoNx9uptvgFKF8WzQBJ
bfpOenKKnSTdcNLzU4gT2Nr185XD7IcQUHJUG5VdIQEcCpe5VisOvjSZcwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNxEl1XTxJZBL3GM/0KYxMY7sAxKMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvM0VTWFZkUEVsa0V2Y1l6X1FwakV4anV3REVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALghhAwQA
LghjAwQBLgjEAwQBLgjIAwQALgjLMA0GCSqGSIb3DQEBCwUAA4IBAQA7oXOPiiae
v2d/45HXauAhgzabKAYu4bE4HagcPcf1Liy+D3G0TZQ8pbrkMAjoc1d3CW/HXnnn
zmQQmIWCdqWouW0316biVrRMs3hnqdqSEOjfN6wDbqxv6arC1Fv6mpQLztGOKIIB
dFrvMQEp6m/W1uwcUI8HUU+FgJixzSuazdHP/0vZtM4SAl6XiViRHT7vRWwns8Rg
y3pTjDuaFP3sRSDP/NgJ8m/gCHo+ewq4Rr/h+zpfPtKIsuUQ2UTXanmlgc73/RPi
A9vSe3TSWFRMsVgh1W7SXlPM+VKE5n45SVQO4G9nuGmeiaGc/37FUPGxc7MdNxGT
SWUolt/7LmI3
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:44 2025 by rpki-client