Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/dAxQblLMTskbiV73n6rfpF9mCXE.roa
File: dAxQblLMTskbiV73n6rfpF9mCXE.roa (raw, json)
Hash identifier: w4rhN/gv9cU9YP2OvBE0kIQ1XppJ8UD1siwlpRvp3Fs=
Subject key identifier: 74:0C:50:6E:52:CC:4E:C9:1B:89:5E:F7:9F:AA:DF:A4:5F:66:09:71
Certificate issuer: /CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Certificate serial: 0199F7A0016318B05D92351CF129DF129620
Authority key identifier: 6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/dAxQblLMTskbiV73n6rfpF9mCXE.roa
Signing time: Sat 18 Oct 2025 14:01:22 +0000
ROA not before: Sat 18 Oct 2025 14:01:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.233.35.0/24 maxlen: 24
46.233.42.0/23 maxlen: 23
46.233.52.0/23 maxlen: 23
46.233.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f7:a0:01:63:18:b0:5d:92:35:1c:f1:29:df:12:96:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fc50d0d42067b76ab1a2e8e533ff849b65d56f5
Validity
Not Before: Oct 18 14:01:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=740c506e52cc4ec91b895ef79faadfa45f660971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2b:35:61:bb:55:b8:90:b3:1d:ef:77:6f:fa:
3b:bc:58:ac:64:6a:d2:f4:ef:db:5f:2e:e2:53:73:
7a:d3:4a:8a:e3:ec:c3:33:fe:09:72:50:28:a2:bc:
2d:7a:ca:f9:7b:48:16:43:e7:4f:19:1c:a5:f7:c3:
49:1a:93:0c:9b:56:5f:f5:04:3f:b8:21:68:b3:69:
1f:c6:f8:2c:16:52:14:4c:7a:d3:4b:c5:75:d7:8f:
a4:56:63:32:ba:e2:ad:c8:ed:60:f0:38:45:5a:8b:
d0:60:dc:33:c9:4e:6d:39:56:49:31:f8:15:20:ec:
40:e4:da:e6:fc:95:98:3e:64:cb:b9:39:91:70:ca:
1e:13:6e:41:0e:cf:df:e5:4e:87:d3:79:9a:6e:31:
04:c9:6e:33:ce:64:ef:50:ee:37:c8:66:87:2a:a4:
67:ef:af:40:2b:91:e1:ca:2a:a1:c2:28:d7:55:99:
ae:a1:57:a8:8e:25:f3:0e:8a:0d:05:5e:5a:f0:ec:
35:1c:8f:62:b3:a6:32:fb:a6:f4:23:79:78:bf:95:
80:d7:16:5e:69:76:64:10:29:e0:fd:f6:0f:63:3e:
07:88:0c:10:eb:50:31:f2:ee:5a:18:dd:17:93:fc:
54:d0:75:94:07:9a:8f:61:5a:10:a4:8e:cd:4c:36:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:0C:50:6E:52:CC:4E:C9:1B:89:5E:F7:9F:AA:DF:A4:5F:66:09:71
X509v3 Authority Key Identifier:
keyid:6F:C5:0D:0D:42:06:7B:76:AB:1A:2E:8E:53:3F:F8:49:B6:5D:56:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8UNDUIGe3arGi6OUz_4SbZdVvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/dAxQblLMTskbiV73n6rfpF9mCXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f2bd6c-4843-4ead-aa09-3c16ff841ab2/1/b8UNDUIGe3arGi6OUz_4SbZdVvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.35.0/24
46.233.42.0/23
46.233.52.0/23
46.233.55.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:31:a0:20:34:57:b3:f0:03:b3:8e:3e:84:a1:c2:6e:77:22:
51:b1:d9:fb:59:5c:2e:9e:f3:30:40:ec:25:f6:68:68:ae:c4:
e8:ad:90:24:b6:cc:7f:b5:c2:19:f0:02:4f:fc:fc:2a:c5:1e:
79:e6:24:69:72:f9:a2:99:04:cf:7f:40:b4:ba:29:b4:c2:21:
17:c3:1a:1e:09:2b:f1:71:41:96:a4:98:77:10:13:e6:fc:a9:
25:4c:b8:29:c5:3c:2e:1c:be:97:59:21:de:52:77:6c:57:d3:
4d:88:b1:33:82:be:7e:e7:40:ae:90:cc:d5:94:12:5c:eb:f2:
18:06:9d:e4:58:80:74:76:80:51:d1:33:03:b4:a6:17:a3:fa:
8c:6d:3f:2e:1c:82:a0:09:07:9a:31:cb:e3:8a:5b:86:b4:e6:
63:95:78:bd:e5:bc:82:a1:0e:4a:2e:c6:f7:ee:65:0c:14:0f:
65:c1:3c:0c:da:e9:e7:3e:f6:82:c2:2b:8c:2a:62:0b:ec:73:
83:67:2d:6f:c8:fd:90:a9:06:21:1f:9d:40:cd:22:ea:14:d4:
cd:b8:10:1d:37:74:50:68:ea:89:76:3d:f9:1b:fc:1d:ea:24:
e5:53:59:1c:fb:0c:f2:05:af:20:88:a6:1d:4f:2c:c3:71:2c:
40:ba:8e:bc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZn3oAFjGLBdkjUc8SnfEpYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmYzUwZDBkNDIwNjdiNzZhYjFhMmU4ZTUzM2ZmODQ5YjY1
ZDU2ZjUwHhcNMjUxMDE4MTQwMTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDBjNTA2ZTUyY2M0ZWM5MWI4OTVlZjc5ZmFhZGZhNDVmNjYwOTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsis1YbtVuJCzHe93b/o7vFisZGrS
9O/bXy7iU3N600qK4+zDM/4JclAoorwtesr5e0gWQ+dPGRyl98NJGpMMm1Zf9QQ/
uCFos2kfxvgsFlIUTHrTS8V114+kVmMyuuKtyO1g8DhFWovQYNwzyU5tOVZJMfgV
IOxA5Nrm/JWYPmTLuTmRcMoeE25BDs/f5U6H03mabjEEyW4zzmTvUO43yGaHKqRn
769AK5HhyiqhwijXVZmuoVeojiXzDooNBV5a8Ow1HI9is6Yy+6b0I3l4v5WA1xZe
aXZkECng/fYPYz4HiAwQ61Ax8u5aGN0Xk/xU0HWUB5qPYVoQpI7NTDZkOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQMUG5SzE7JG4le95+q36RfZglxMB8GA1UdIwQY
MBaAFG/FDQ1CBnt2qxoujlM/+Em2XVb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDkt
M2MxNmZmODQxYWIyLzEvZEF4UWJsTE1Uc2tiaVY3M242cmZwRjltQ1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMmJkNmMtNDg0My00ZWFkLWFhMDktM2MxNmZmODQxYWIy
LzEvYjhVTkRVSUdlM2FyR2k2T1V6XzRTYlpkVnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALukjAwQB
LukqAwQBLuk0AwQALuk3MA0GCSqGSIb3DQEBCwUAA4IBAQChMaAgNFez8AOzjj6E
ocJudyJRsdn7WVwunvMwQOwl9mhorsTorZAktsx/tcIZ8AJP/PwqxR555iRpcvmi
mQTPf0C0uim0wiEXwxoeCSvxcUGWpJh3EBPm/KklTLgpxTwuHL6XWSHeUndsV9NN
iLEzgr5+50CukMzVlBJc6/IYBp3kWIB0doBR0TMDtKYXo/qMbT8uHIKgCQeaMcvj
iluGtOZjlXi95byCoQ5KLsb37mUMFA9lwTwM2unnPvaCwiuMKmIL7HODZy1vyP2Q
qQYhH51AzSLqFNTNuBAdN3RQaOqJdj35G/wd6iTlU1kc+wzyBa8giKYdTyzDcSxA
uo68
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:13 2025 by rpki-client