Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/fGQmGdoxOtXczy9C5lK6y47L5zg.roa
File: fGQmGdoxOtXczy9C5lK6y47L5zg.roa (raw, json)
Hash identifier: v9b07dW1Ee2BRmV8UsuquecZtxj6uMI2qgRsGmXY+xA=
Subject key identifier: 7C:64:26:19:DA:31:3A:D5:DC:CF:2F:42:E6:52:BA:CB:8E:CB:E7:38
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01974077BCD5A2925CF68C9CEC47E1A4D814
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/fGQmGdoxOtXczy9C5lK6y47L5zg.roa
Signing time: Thu 05 Jun 2025 14:21:18 +0000
ROA not before: Thu 05 Jun 2025 14:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 46.3.8.0/22 maxlen: 22
46.3.12.0/22 maxlen: 24
46.3.48.0/20 maxlen: 24
46.3.77.0/24 maxlen: 24
46.3.84.0/24 maxlen: 24
46.3.89.0/24 maxlen: 24
46.3.90.0/24 maxlen: 24
46.3.91.0/24 maxlen: 24
46.3.118.0/24 maxlen: 24
46.3.119.0/24 maxlen: 24
46.3.120.0/21 maxlen: 24
46.3.128.0/22 maxlen: 24
46.3.134.0/24 maxlen: 24
46.3.135.0/24 maxlen: 24
46.3.156.0/24 maxlen: 24
46.3.157.0/24 maxlen: 24
46.3.160.0/24 maxlen: 24
46.3.161.0/24 maxlen: 24
46.3.162.0/24 maxlen: 24
46.3.163.0/24 maxlen: 24
46.3.164.0/22 maxlen: 24
46.3.168.0/24 maxlen: 24
46.3.169.0/24 maxlen: 24
46.3.170.0/24 maxlen: 24
46.3.171.0/24 maxlen: 24
46.3.172.0/24 maxlen: 24
46.3.174.0/24 maxlen: 24
46.3.184.0/22 maxlen: 24
46.3.188.0/24 maxlen: 24
46.3.189.0/24 maxlen: 24
46.3.190.0/24 maxlen: 24
46.3.205.0/24 maxlen: 24
46.3.206.0/23 maxlen: 24
46.3.208.0/22 maxlen: 24
46.3.212.0/22 maxlen: 24
46.3.220.0/23 maxlen: 24
46.3.223.0/24 maxlen: 24
46.3.228.0/23 maxlen: 24
46.3.230.0/23 maxlen: 24
46.3.236.0/23 maxlen: 24
46.3.243.0/24 maxlen: 24
46.3.244.0/24 maxlen: 24
46.3.246.0/24 maxlen: 24
46.3.248.0/24 maxlen: 24
46.3.251.0/24 maxlen: 24
46.3.252.0/22 maxlen: 24
46.3.253.0/24 maxlen: 24
46.3.254.0/24 maxlen: 24
46.3.255.0/24 maxlen: 24
46.232.0.0/22 maxlen: 24
46.232.4.0/23 maxlen: 24
46.232.16.0/23 maxlen: 24
46.232.18.0/23 maxlen: 24
46.232.64.0/24 maxlen: 24
46.232.65.0/24 maxlen: 24
46.232.66.0/24 maxlen: 24
46.232.68.0/24 maxlen: 24
46.232.116.0/23 maxlen: 24
46.232.118.0/23 maxlen: 24
46.232.124.0/23 maxlen: 24
46.232.126.0/23 maxlen: 24
149.126.193.0/24 maxlen: 24
149.126.195.0/24 maxlen: 24
149.126.196.0/24 maxlen: 24
149.126.198.0/24 maxlen: 24
149.126.201.0/24 maxlen: 24
149.126.202.0/24 maxlen: 24
149.126.204.0/24 maxlen: 24
149.126.205.0/24 maxlen: 24
149.126.208.0/24 maxlen: 24
149.126.210.0/24 maxlen: 24
149.126.214.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.225.0/24 maxlen: 24
149.126.226.0/24 maxlen: 24
149.126.228.0/24 maxlen: 24
149.126.231.0/24 maxlen: 24
149.126.236.0/22 maxlen: 24
149.126.242.0/24 maxlen: 24
149.126.244.0/24 maxlen: 24
149.126.245.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
149.126.253.0/24 maxlen: 24
149.126.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:77:bc:d5:a2:92:5c:f6:8c:9c:ec:47:e1:a4:d8:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 5 14:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c642619da313ad5dccf2f42e652bacb8ecbe738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:56:ef:75:ff:48:40:37:27:0f:49:3d:12:d4:
5b:2b:49:a1:5b:9a:c5:42:69:d5:60:11:b4:29:4d:
37:9f:a5:0e:08:f8:d6:c3:e2:4c:0a:8b:9b:60:94:
ce:49:2f:f1:9f:4c:b2:7f:66:01:d9:4c:32:e2:19:
f9:b7:8f:17:ec:88:13:ec:7c:08:9e:1c:d9:cb:01:
60:1c:eb:16:e7:0e:77:32:d0:71:80:9c:ef:93:f5:
61:3a:a4:2f:8e:fb:b5:ee:81:b1:48:1b:6e:e8:e2:
8e:40:ef:9e:34:fc:3b:e0:d1:8d:87:92:a7:14:23:
eb:d4:b3:04:fb:72:1e:1b:0b:4b:dc:5a:da:54:62:
cd:29:2f:8e:3e:8b:8c:9f:b3:99:1c:22:93:95:e3:
06:cb:08:2e:7c:ca:76:cd:dc:bd:df:e1:a8:f3:64:
cc:57:ab:e9:2b:75:ed:27:0c:79:08:e9:9e:bf:0a:
e8:e6:46:50:29:bd:97:89:8a:30:1b:3b:97:7a:1b:
82:7b:b4:b6:22:94:6d:17:75:21:44:31:26:7c:ac:
54:0b:b5:90:72:2e:ec:0e:13:ee:01:ed:a8:f6:16:
ec:07:47:ea:78:44:bc:ba:b0:07:e8:71:fe:07:0b:
26:51:74:5f:19:a4:dd:c6:6d:be:43:05:07:a9:4a:
f2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:64:26:19:DA:31:3A:D5:DC:CF:2F:42:E6:52:BA:CB:8E:CB:E7:38
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/fGQmGdoxOtXczy9C5lK6y47L5zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.8.0/21
46.3.48.0/20
46.3.77.0/24
46.3.84.0/24
46.3.89.0-46.3.91.255
46.3.118.0-46.3.131.255
46.3.134.0/23
46.3.156.0/23
46.3.160.0-46.3.172.255
46.3.174.0/24
46.3.184.0-46.3.190.255
46.3.205.0-46.3.215.255
46.3.220.0/23
46.3.223.0/24
46.3.228.0/22
46.3.236.0/23
46.3.243.0-46.3.244.255
46.3.246.0/24
46.3.248.0/24
46.3.251.0-46.3.255.255
46.232.0.0-46.232.5.255
46.232.16.0/22
46.232.64.0-46.232.66.255
46.232.68.0/24
46.232.116.0/22
46.232.124.0/22
149.126.193.0/24
149.126.195.0-149.126.196.255
149.126.198.0/24
149.126.201.0-149.126.202.255
149.126.204.0/23
149.126.208.0/24
149.126.210.0/24
149.126.214.0/24
149.126.224.0-149.126.226.255
149.126.228.0/24
149.126.231.0/24
149.126.236.0/22
149.126.242.0/24
149.126.244.0/23
149.126.247.0-149.126.250.255
149.126.253.0-149.126.255.255
Signature Algorithm: sha256WithRSAEncryption
26:ae:94:bd:7d:ed:7a:dc:20:ba:f4:4f:e9:b9:a5:a9:54:e7:
ae:04:db:79:fa:fc:b6:bc:19:af:de:6a:49:e4:d9:53:1f:63:
cd:4e:66:79:3b:f5:2f:bf:cb:6a:eb:be:ad:3e:b6:ab:ac:90:
49:ae:1b:ee:2d:ee:75:cb:45:ae:7e:72:75:a7:90:db:ee:60:
ad:08:11:fd:f2:ce:76:6f:1e:52:81:08:ef:3c:66:79:a8:19:
11:e2:51:b6:ad:53:a0:96:7c:0c:e9:a1:63:24:b4:b2:fb:5f:
9d:ca:c0:7a:b7:80:28:e9:18:6e:0e:21:89:a3:dc:df:0a:2b:
19:ca:3c:d4:19:4b:f6:2c:22:dc:f6:d9:f2:f8:c9:62:dd:cc:
f3:86:4f:47:d7:77:a6:b5:d1:02:a0:b9:0e:e4:db:da:9d:a7:
05:21:75:fc:84:62:61:3b:cb:48:fb:21:5f:be:0d:a9:5c:58:
a0:3d:5c:da:72:8f:8a:30:91:3a:a9:98:35:75:a7:50:41:7e:
cf:73:b1:2f:e3:9c:bb:5c:4d:c8:87:d8:53:a7:4b:26:30:3b:
89:46:bd:21:5b:6d:49:6a:a0:f1:46:4d:d5:a5:26:2a:f5:25:
34:28:57:99:28:44:32:63:39:b0:5b:8e:ab:a8:06:b1:34:0c:
48:9a:ea:6d
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISAZdAd7zVopJc9oyc7EfhpNgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNjA1MTQyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzY0MjYxOWRhMzEzYWQ1ZGNjZjJmNDJlNjUyYmFjYjhlY2JlNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlbvdf9IQDcnD0k9EtRbK0mhW5rF
QmnVYBG0KU03n6UOCPjWw+JMCoubYJTOSS/xn0yyf2YB2Uwy4hn5t48X7IgT7HwI
nhzZywFgHOsW5w53MtBxgJzvk/VhOqQvjvu17oGxSBtu6OKOQO+eNPw74NGNh5Kn
FCPr1LME+3IeGwtL3FraVGLNKS+OPouMn7OZHCKTleMGywgufMp2zdy93+Go82TM
V6vpK3XtJwx5COmevwro5kZQKb2XiYowGzuXehuCe7S2IpRtF3UhRDEmfKxUC7WQ
ci7sDhPuAe2o9hbsB0fqeES8urAH6HH+BwsmUXRfGaTdxm2+QwUHqUry3wIDAQAB
o4IDdjCCA3IwHQYDVR0OBBYEFHxkJhnaMTrV3M8vQuZSusuOy+c4MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvZkdRbUdkb3hPdFhjenk5QzVsSzZ5NDdMNXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBigYIKwYBBQUHAQcBAf8EggF5MIIBdTCCAXEEAgABMIIB
aQMEAy4DCAMEBC4DMAMEAC4DTQMEAC4DVDAMAwQALgNZAwQCLgNYMAwDBAEuA3YD
BAIuA4ADBAEuA4YDBAEuA5wwDAMEBS4DoAMEAC4DrAMEAC4DrjAMAwQDLgO4AwQA
LgO+MAwDBAAuA80DBAMuA9ADBAEuA9wDBAAuA98DBAIuA+QDBAEuA+wwDAMEAC4D
8wMEAC4D9AMEAC4D9gMEAC4D+DALAwQALgP7AwMCLgAwCwMDAy7oAwQBLugEAwQC
LugQMAwDBAYu6EADBAAu6EIDBAAu6EQDBAIu6HQDBAIu6HwDBACVfsEwDAMEAJV+
wwMEAJV+xAMEAJV+xjAMAwQAlX7JAwQAlX7KAwQBlX7MAwQAlX7QAwQAlX7SAwQA
lX7WMAwDBAWVfuADBACVfuIDBACVfuQDBACVfucDBAKVfuwDBACVfvIDBAGVfvQw
DAMEAJV+9wMEAJV++jALAwQAlX79AwMAlX4wDQYJKoZIhvcNAQELBQADggEBACau
lL197XrcILr0T+m5palU564E23n6/La8Ga/eaknk2VMfY81OZnk79S+/y2rrvq0+
tquskEmuG+4t7nXLRa5+cnWnkNvuYK0IEf3yznZvHlKBCO88ZnmoGRHiUbatU6CW
fAzpoWMktLL7X53KwHq3gCjpGG4OIYmj3N8KKxnKPNQZS/YsItz22fL4yWLdzPOG
T0fXd6a10QKguQ7k29qdpwUhdfyEYmE7y0j7IV++DalcWKA9XNpyj4owkTqpmDV1
p1BBfs9zsS/jnLtcTciH2FOnSyYwO4lGvSFbbUlqoPFGTdWlJir1JTQoV5koRDJj
ObBbjquoBrE0DEia6m0=
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:23:48 2025 by rpki-client