Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/_T7yWpkJzBK6Q3eizwK2Fv5qIsU.roa
File: _T7yWpkJzBK6Q3eizwK2Fv5qIsU.roa (raw, json)
Hash identifier: kxu3F/kuHsl6rKKBSWQEq/G1abOxmhYczpyjKK+a/pk=
Subject key identifier: FD:3E:F2:5A:99:09:CC:12:BA:43:77:A2:CF:02:B6:16:FE:6A:22:C5
Certificate issuer: /CN=79b5134b11f940911f0ff315c948daa53f732ee0
Certificate serial: 019765DD65B71697ECD5F2F73ACA91CEB2F6
Authority key identifier: 79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/_T7yWpkJzBK6Q3eizwK2Fv5qIsU.roa
Signing time: Thu 12 Jun 2025 20:38:17 +0000
ROA not before: Thu 12 Jun 2025 20:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 46.254.48.0/24 maxlen: 24
46.254.49.0/24 maxlen: 24
46.254.50.0/24 maxlen: 24
46.254.51.0/24 maxlen: 24
46.254.52.0/24 maxlen: 24
46.254.53.0/24 maxlen: 24
46.254.54.0/24 maxlen: 24
46.254.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:dd:65:b7:16:97:ec:d5:f2:f7:3a:ca:91:ce:b2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79b5134b11f940911f0ff315c948daa53f732ee0
Validity
Not Before: Jun 12 20:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd3ef25a9909cc12ba4377a2cf02b616fe6a22c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b6:92:fa:3d:cd:84:48:b3:fb:2e:73:9e:f6:
a4:e5:5c:4d:75:22:0c:b3:a3:4f:c9:8f:48:87:78:
ae:47:98:33:46:aa:d5:31:54:22:da:a4:09:75:75:
33:ba:aa:21:e0:6b:65:43:a1:ed:f8:25:31:b8:09:
4d:96:ca:6b:47:84:b1:bc:b3:50:61:88:3a:91:f9:
a9:2e:f1:a0:c9:5d:f0:06:ab:e8:3c:3c:d8:49:85:
b8:ac:2d:fc:ca:9b:7c:57:e5:7e:89:ef:6d:1f:b4:
78:c5:50:9a:b2:df:db:ab:ff:8d:c1:f3:99:e0:35:
98:46:fe:25:81:0d:ca:ec:5d:9c:79:53:72:a8:79:
7a:f4:d8:d9:45:de:75:fa:0f:7a:5a:09:fb:d6:25:
c7:e9:04:2c:38:7e:66:d3:2f:de:0f:2e:29:a0:3d:
96:22:81:db:93:47:63:df:9f:e0:02:cb:4a:62:d8:
cb:6e:7d:ce:2e:8f:a6:a2:a0:9e:7b:8d:34:98:0b:
1a:60:e6:76:df:af:17:de:78:48:35:45:87:15:86:
6e:a6:8d:2d:c2:54:da:cc:db:3e:6f:8e:61:14:fb:
32:2a:f4:f3:c5:ce:e9:e4:93:1d:f9:0c:0f:93:25:
1a:d9:18:0c:63:03:a0:91:f2:e3:43:26:22:f2:94:
38:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:3E:F2:5A:99:09:CC:12:BA:43:77:A2:CF:02:B6:16:FE:6A:22:C5
X509v3 Authority Key Identifier:
keyid:79:B5:13:4B:11:F9:40:91:1F:0F:F3:15:C9:48:DA:A5:3F:73:2E:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ebUTSxH5QJEfD_MVyUjapT9zLuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/_T7yWpkJzBK6Q3eizwK2Fv5qIsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/5e0994-94d2-46e1-8066-cec22ea79513/1/ebUTSxH5QJEfD_MVyUjapT9zLuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.48.0/21
Signature Algorithm: sha256WithRSAEncryption
b7:36:5f:dc:19:74:70:72:6e:2c:72:28:dd:db:fa:43:a8:41:
f8:59:7d:b6:57:64:83:61:3b:5e:3c:75:69:f2:b5:b9:e0:e2:
e6:ea:ad:a1:e3:fe:56:09:85:32:5c:e8:38:9f:0a:c0:fe:b6:
e9:19:dc:c4:3d:87:59:bd:25:14:d3:7b:7d:14:93:44:84:76:
23:91:f5:f5:b3:36:b4:0d:26:0a:49:7e:2e:0d:ab:04:99:39:
6a:71:1d:c8:58:dc:d3:13:3e:ac:08:ae:b0:c5:dd:88:0e:d3:
6a:ee:c5:8d:98:0e:27:a4:2d:1e:d1:af:c9:f5:31:1c:8f:f6:
ac:1c:43:cc:4e:d1:6c:2a:27:2f:a0:e2:59:a2:da:63:b6:b3:
fe:30:04:13:bd:87:67:e8:2f:0f:ad:2e:eb:c7:32:32:d3:8a:
7d:2b:5c:9b:0d:c8:1f:4b:0e:dc:ad:4f:ba:b1:dd:67:cd:05:
44:e0:36:77:02:96:d7:2f:27:24:36:49:f8:f5:cc:e8:01:12:
47:c5:79:11:75:78:a5:70:7f:c9:be:4a:c8:58:dd:a9:f5:bc:
6a:94:0d:2c:ce:4b:63:22:07:4b:62:73:6d:0e:95:62:ef:09:
96:9b:52:bc:d9:ed:4d:fb:d4:be:43:ea:ff:68:d3:5c:2c:8e:
e0:09:9f:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdl3WW3Fpfs1fL3OsqRzrL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YjUxMzRiMTFmOTQwOTExZjBmZjMxNWM5NDhkYWE1M2Y3
MzJlZTAwHhcNMjUwNjEyMjAzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDNlZjI1YTk5MDljYzEyYmE0Mzc3YTJjZjAyYjYxNmZlNmEyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybaS+j3NhEiz+y5znvak5VxNdSIM
s6NPyY9Ih3iuR5gzRqrVMVQi2qQJdXUzuqoh4GtlQ6Ht+CUxuAlNlsprR4SxvLNQ
YYg6kfmpLvGgyV3wBqvoPDzYSYW4rC38ypt8V+V+ie9tH7R4xVCast/bq/+NwfOZ
4DWYRv4lgQ3K7F2ceVNyqHl69NjZRd51+g96Wgn71iXH6QQsOH5m0y/eDy4poD2W
IoHbk0dj35/gAstKYtjLbn3OLo+moqCee400mAsaYOZ2368X3nhINUWHFYZupo0t
wlTazNs+b45hFPsyKvTzxc7p5JMd+QwPkyUa2RgMYwOgkfLjQyYi8pQ47wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0+8lqZCcwSukN3os8Cthb+aiLFMB8GA1UdIwQY
MBaAFHm1E0sR+UCRHw/zFclI2qU/cy7gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYt
Y2VjMjJlYTc5NTEzLzEvX1Q3eVdwa0p6Qks2UTNlaXp3SzJGdjVxSXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS81ZTA5OTQtOTRkMi00NmUxLTgwNjYtY2VjMjJlYTc5NTEz
LzEvZWJVVFN4SDVRSkVmRF9NVnlVamFwVDl6THVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv4wMA0G
CSqGSIb3DQEBCwUAA4IBAQC3Nl/cGXRwcm4scijd2/pDqEH4WX22V2SDYTtePHVp
8rW54OLm6q2h4/5WCYUyXOg4nwrA/rbpGdzEPYdZvSUU03t9FJNEhHYjkfX1sza0
DSYKSX4uDasEmTlqcR3IWNzTEz6sCK6wxd2IDtNq7sWNmA4npC0e0a/J9TEcj/as
HEPMTtFsKicvoOJZotpjtrP+MAQTvYdn6C8PrS7rxzIy04p9K1ybDcgfSw7crU+6
sd1nzQVE4DZ3ApbXLyckNkn49czoARJHxXkRdXilcH/JvkrIWN2p9bxqlA0szktj
IgdLYnNtDpVi7wmWm1K82e1N+9S+Q+r/aNNcLI7gCZ/k
-----END CERTIFICATE-----
Generated at Wed Jul 2 20:01:26 2025 by rpki-client