
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/29FCaAYYGxF38GRIEOTlfCqPXmo.roa
File: 29FCaAYYGxF38GRIEOTlfCqPXmo.roa (raw, json)
Hash identifier: SVoMULes5WkO+U5mku9WD3sjpCzRNbNzXOWPbWS8GpA=
Subject key identifier: DB:D1:42:68:06:18:1B:11:77:F0:64:48:10:E4:E5:7C:2A:8F:5E:6A
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01984809E7B1736015B688645D7E0E169718
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/29FCaAYYGxF38GRIEOTlfCqPXmo.roa
Signing time: Sat 26 Jul 2025 18:41:05 +0000
ROA not before: Sat 26 Jul 2025 18:41:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34837
IP address blocks: 46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.64.0/19 maxlen: 19
212.16.64.0/24 maxlen: 24
212.16.65.0/24 maxlen: 24
212.16.66.0/24 maxlen: 24
212.16.67.0/24 maxlen: 24
212.16.68.0/24 maxlen: 24
212.16.75.0/24 maxlen: 24
212.16.76.0/24 maxlen: 24
212.16.82.0/24 maxlen: 24
212.16.83.0/24 maxlen: 24
212.16.88.0/24 maxlen: 24
212.16.90.0/24 maxlen: 24
212.16.91.0/24 maxlen: 24
212.80.0.0/19 maxlen: 19
212.80.1.0/24 maxlen: 24
212.80.3.0/24 maxlen: 24
212.80.5.0/24 maxlen: 24
212.80.12.0/24 maxlen: 24
212.80.13.0/24 maxlen: 24
212.80.14.0/24 maxlen: 24
212.80.15.0/24 maxlen: 24
212.80.16.0/24 maxlen: 24
212.80.28.0/24 maxlen: 24
212.80.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:48:09:e7:b1:73:60:15:b6:88:64:5d:7e:0e:16:97:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jul 26 18:41:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbd1426806181b1177f0644810e4e57c2a8f5e6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:22:65:0c:57:5f:df:02:bb:2e:e2:31:e6:51:
23:b1:73:f2:18:ad:e3:23:4c:f6:f1:77:e6:7e:91:
11:de:5b:83:35:db:2c:c7:53:f0:14:75:5e:85:0c:
02:fb:41:e0:15:f4:f5:f8:54:fc:4e:77:12:38:6f:
2c:47:c2:7a:10:17:7a:c8:27:03:67:ed:14:55:bd:
ea:c3:e2:fc:fc:a1:85:cc:f0:1a:c1:cd:42:d8:2f:
2d:45:3c:61:73:e5:51:ce:07:bb:5b:f3:c3:20:fc:
b3:2f:61:3a:1b:97:c1:a5:78:62:52:35:93:54:a6:
ac:06:29:2d:ca:61:a3:c0:b4:41:02:33:ae:20:a5:
31:f7:b5:b8:b3:18:9e:49:69:64:30:a6:a2:e4:2b:
4f:b0:55:39:2b:fe:05:cd:bf:bd:08:75:ed:7a:0a:
df:09:97:73:6c:d1:a1:c2:42:28:59:f7:9f:ae:24:
b9:70:1b:72:25:69:51:e0:03:88:6b:8c:45:63:d8:
11:4b:f7:d5:a6:5a:9e:f2:61:f8:82:51:56:c7:67:
18:4d:88:7e:a9:3c:ad:97:26:d1:25:a2:a1:37:45:
b0:67:48:8d:d8:40:02:5b:35:72:55:89:ee:9b:d1:
d0:7d:7f:aa:ba:69:be:15:ef:91:22:89:40:01:33:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D1:42:68:06:18:1B:11:77:F0:64:48:10:E4:E5:7C:2A:8F:5E:6A
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/29FCaAYYGxF38GRIEOTlfCqPXmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
212.16.64.0/19
212.80.0.0/19
Signature Algorithm: sha256WithRSAEncryption
35:90:64:dd:2b:a3:30:13:40:05:12:7a:2c:14:cc:00:bc:57:
e4:bb:9d:79:be:01:3d:8c:d4:0c:2c:57:ad:3d:86:1a:2a:cd:
03:6a:10:b7:3e:18:56:39:e3:2f:a5:fb:3c:77:e4:38:d3:1e:
c8:bc:c8:88:5e:27:94:aa:00:e1:99:ec:1f:41:97:49:89:03:
29:71:8b:fd:e2:d0:6a:3f:ee:7b:b6:6d:a2:87:22:18:7f:7a:
f1:8a:d6:3a:5f:89:18:88:53:df:52:13:c6:2b:c4:50:58:fd:
14:6e:da:f5:8d:84:86:49:54:01:b2:1e:d7:5e:f2:6a:f6:65:
09:6c:c1:ed:eb:4c:46:5b:89:4a:d0:2c:d7:72:e9:d6:b7:af:
eb:09:9e:7d:71:79:17:31:64:ab:39:99:b9:60:d1:fc:32:2a:
2f:97:d4:7a:cc:df:81:88:03:6e:eb:90:99:fe:6e:6f:7a:64:
a9:07:cc:57:42:e1:48:5d:ad:55:49:61:82:33:4a:1c:41:38:
b5:6e:03:c7:8b:89:2c:6a:3b:e6:76:bb:c3:1e:b4:ad:4d:50:
8a:b6:20:d9:6e:f0:ea:cc:46:e8:6d:04:a1:80:f7:6f:89:fc:
b8:26:57:11:20:7a:18:ca:d3:af:0c:bb:c1:67:5d:7a:99:38:
30:5f:ed:b3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhICeexc2AVtohkXX4OFpcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwNzI2MTg0MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQxNDI2ODA2MTgxYjExNzdmMDY0NDgxMGU0ZTU3YzJhOGY1ZTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SJlDFdf3wK7LuIx5lEjsXPyGK3j
I0z28XfmfpER3luDNdssx1PwFHVehQwC+0HgFfT1+FT8TncSOG8sR8J6EBd6yCcD
Z+0UVb3qw+L8/KGFzPAawc1C2C8tRTxhc+VRzge7W/PDIPyzL2E6G5fBpXhiUjWT
VKasBiktymGjwLRBAjOuIKUx97W4sxieSWlkMKai5CtPsFU5K/4Fzb+9CHXtegrf
CZdzbNGhwkIoWfefriS5cBtyJWlR4AOIa4xFY9gRS/fVplqe8mH4glFWx2cYTYh+
qTytlybRJaKhN0WwZ0iN2EACWzVyVYnum9HQfX+qumm+Fe+RIolAATNXIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNvRQmgGGBsRd/BkSBDk5Xwqj15qMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvMjlGQ2FBWVlHeEYzOEdSSUVPVGxmQ3FQWG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALiaBAwQA
LiaDAwQALiaMAwQF1BBAAwQF1FAAMA0GCSqGSIb3DQEBCwUAA4IBAQA1kGTdK6Mw
E0AFEnosFMwAvFfku515vgE9jNQMLFetPYYaKs0DahC3PhhWOeMvpfs8d+Q40x7I
vMiIXieUqgDhmewfQZdJiQMpcYv94tBqP+57tm2ihyIYf3rxitY6X4kYiFPfUhPG
K8RQWP0Ubtr1jYSGSVQBsh7XXvJq9mUJbMHt60xGW4lK0CzXcunWt6/rCZ59cXkX
MWSrOZm5YNH8Miovl9R6zN+BiANu65CZ/m5vemSpB8xXQuFIXa1VSWGCM0ocQTi1
bgPHi4ksajvmdrvDHrStTVCKtiDZbvDqzEbobQShgPdvify4JlcRIHoYytOvDLvB
Z116mTgwX+2z
-----END CERTIFICATE-----
Generated at Wed Aug 6 14:08:06 2025 by rpki-client