Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/1-As5TzqaVCKX6nlGmvPWONdxkTE.roa
File: 1-As5TzqaVCKX6nlGmvPWONdxkTE.roa (raw, json)
Hash identifier: abXLdvdgUPX45Y9H6R61sg77QCGnn9/miGFmpeLLW4o=
Subject key identifier: F8:0B:39:4F:3A:9A:54:22:97:EA:79:46:9A:F3:D6:38:D7:71:91:31
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 019861219BC9D4D60F1D44784A82F6359C29
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/1-As5TzqaVCKX6nlGmvPWONdxkTE.roa
Signing time: Thu 31 Jul 2025 15:37:29 +0000
ROA not before: Thu 31 Jul 2025 15:37:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6461
IP address blocks: 46.232.4.0/23 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:21:9b:c9:d4:d6:0f:1d:44:78:4a:82:f6:35:9c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 31 15:37:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f80b394f3a9a542297ea79469af3d638d7719131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:f9:f5:79:f1:a0:69:0b:2f:f3:57:9b:05:
63:3b:42:ff:6b:1e:30:f5:e0:ed:d1:10:c3:3c:d2:
0f:3d:dc:25:54:7c:66:72:ec:2a:ea:08:95:ca:b9:
f1:01:34:f9:33:28:e3:e7:35:8a:10:a9:5b:70:bf:
30:c3:de:30:36:e7:96:7f:0d:93:c0:d2:c7:32:f1:
ac:a7:10:53:d2:16:72:17:3a:d8:23:c2:54:0a:b2:
17:50:a9:02:0b:f6:18:19:2c:67:a7:e5:b6:cd:5f:
34:4c:48:d8:55:c7:86:58:a5:e9:d2:89:e4:4b:73:
57:25:38:87:d6:95:a9:9d:c8:2f:d5:60:38:27:46:
06:ba:e9:85:b5:a5:8f:4a:0d:ec:c2:5d:ab:3e:22:
a5:58:94:31:88:b2:7e:52:23:f1:0e:33:c1:ee:a7:
3d:c0:39:e5:f4:55:85:44:6d:75:c5:68:30:f2:16:
98:db:1f:27:77:33:a2:43:a0:a1:f8:83:be:7f:c8:
ee:a2:49:d2:e7:52:76:49:b1:b2:e9:ea:97:7a:63:
ee:16:f1:58:1a:2f:9b:90:e3:d0:c3:1a:c5:36:2b:
e6:ae:9a:96:84:8d:02:66:ca:1e:31:93:d4:64:76:
42:5a:e3:b5:ad:bb:f6:38:64:e7:c8:d4:dc:b1:a1:
d8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:0B:39:4F:3A:9A:54:22:97:EA:79:46:9A:F3:D6:38:D7:71:91:31
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/1-As5TzqaVCKX6nlGmvPWONdxkTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.232.4.0/23
149.126.195.0/24
149.126.201.0-149.126.202.255
149.126.205.0/24
149.126.210.0/24
149.126.214.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:ac:aa:fa:1b:68:d9:30:5f:16:e0:8b:64:31:da:73:8c:f3:
de:ab:f7:6f:dd:92:71:57:5c:50:4e:63:06:51:86:ea:49:1a:
22:30:b6:6c:13:72:53:e8:07:f1:80:4e:09:51:1c:6b:19:5f:
c5:b6:e9:92:c7:2b:b7:81:0d:31:60:eb:39:bb:3a:ad:ab:1c:
7c:a5:95:9e:f5:57:64:95:a4:b6:23:d2:98:e3:6d:bd:1d:a3:
ba:7b:e7:0a:a7:43:59:8c:07:21:b2:30:8f:a4:83:5b:2a:e4:
de:39:99:44:15:3a:35:8f:d2:fc:35:ce:f6:b0:0f:55:0f:61:
79:c4:13:19:8f:03:bb:22:4d:1b:47:51:17:e2:bc:5a:da:95:
57:7c:26:8b:b7:ff:04:97:9e:13:de:09:2e:5b:d5:40:c0:7c:
a7:c5:1f:0b:b4:15:66:68:19:ed:66:b9:2f:fc:b8:a1:eb:a0:
0f:4e:07:a3:cd:0f:91:b8:64:97:bc:ea:ec:f8:1a:c0:6b:33:
d2:5c:91:69:d1:9e:a1:ad:16:28:33:c1:8c:63:10:51:73:aa:
e6:24:48:99:39:ca:91:fd:b6:89:1f:78:8f:0f:4f:b1:e9:4c:
71:e2:0c:72:0f:a1:b6:55:cf:88:3e:c7:c0:53:59:2e:6e:e5:
f6:71:89:ef
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZhhIZvJ1NYPHUR4SoL2NZwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNzMxMTUzNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODBiMzk0ZjNhOWE1NDIyOTdlYTc5NDY5YWYzZDYzOGQ3NzE5MTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0X59XnxoGkLL/NXmwVjO0L/ax4w
9eDt0RDDPNIPPdwlVHxmcuwq6giVyrnxATT5Myjj5zWKEKlbcL8ww94wNueWfw2T
wNLHMvGspxBT0hZyFzrYI8JUCrIXUKkCC/YYGSxnp+W2zV80TEjYVceGWKXp0onk
S3NXJTiH1pWpncgv1WA4J0YGuumFtaWPSg3swl2rPiKlWJQxiLJ+UiPxDjPB7qc9
wDnl9FWFRG11xWgw8haY2x8ndzOiQ6Ch+IO+f8juoknS51J2SbGy6eqXemPuFvFY
Gi+bkOPQwxrFNivmrpqWhI0CZsoeMZPUZHZCWuO1rbv2OGTnyNTcsaHYyQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFPgLOU86mlQil+p5Rprz1jjXcZExMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvMS1BczVUenFhVkNLWDZubEdtdlBXT05keGtURS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTYvNjIyOTgxLTk2NTAtNDI3MS05MmNhLTdjZmVmNDI3NmEw
Zi8xL1ZZanhsX2wtaVFCMVZVVG9FTTNlLWRrUHZFRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAS7oBAME
AJV+wzAMAwQAlX7JAwQAlX7KAwQAlX7NAwQAlX7SAwQAlX7WMA0GCSqGSIb3DQEB
CwUAA4IBAQBarKr6G2jZMF8W4ItkMdpzjPPeq/dv3ZJxV1xQTmMGUYbqSRoiMLZs
E3JT6AfxgE4JURxrGV/FtumSxyu3gQ0xYOs5uzqtqxx8pZWe9VdklaS2I9KY4229
HaO6e+cKp0NZjAchsjCPpINbKuTeOZlEFTo1j9L8Nc72sA9VD2F5xBMZjwO7Ik0b
R1EX4rxa2pVXfCaLt/8El54T3gkuW9VAwHynxR8LtBVmaBntZrkv/Lih66APTgej
zQ+RuGSXvOrs+BrAazPSXJFp0Z6hrRYoM8GMYxBRc6rmJEiZOcqR/baJH3iPD0+x
6Uxx4gxyD6G2Vc+IPsfAU1kubuX2cYnv
-----END CERTIFICATE-----
Generated at Sat Aug 9 02:52:00 2025 by rpki-client