Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pPH2axU5RVFKiivhA1uBzVgOa58.roa
File: pPH2axU5RVFKiivhA1uBzVgOa58.roa (raw, json)
Hash identifier: 88Foje3Ijp/vupY8q/t+ah7k/7wUBRu+P7Xr6nkFSy8=
Subject key identifier: A4:F1:F6:6B:15:39:45:51:4A:8A:2B:E1:03:5B:81:CD:58:0E:6B:9F
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01974077BD758D24D4272B0FBA43D351CDB0
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pPH2axU5RVFKiivhA1uBzVgOa58.roa
Signing time: Thu 05 Jun 2025 14:21:18 +0000
ROA not before: Thu 05 Jun 2025 14:21:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 46.3.4.0/22 maxlen: 22
46.3.4.0/24 maxlen: 24
46.3.5.0/24 maxlen: 24
46.3.6.0/24 maxlen: 24
46.3.7.0/24 maxlen: 24
46.3.16.0/22 maxlen: 22
46.3.16.0/24 maxlen: 24
46.3.17.0/24 maxlen: 24
46.3.18.0/24 maxlen: 24
46.3.19.0/24 maxlen: 24
46.3.64.0/22 maxlen: 22
46.3.64.0/24 maxlen: 24
46.3.65.0/24 maxlen: 24
46.3.66.0/24 maxlen: 24
46.3.67.0/24 maxlen: 24
46.3.68.0/22 maxlen: 22
46.3.68.0/24 maxlen: 24
46.3.69.0/24 maxlen: 24
46.3.70.0/24 maxlen: 24
46.3.71.0/24 maxlen: 24
46.3.72.0/22 maxlen: 24
46.3.72.0/24 maxlen: 24
46.3.73.0/24 maxlen: 24
46.3.74.0/24 maxlen: 24
46.3.75.0/24 maxlen: 24
46.3.76.0/24 maxlen: 24
46.3.86.0/23 maxlen: 23
46.3.92.0/22 maxlen: 22
46.3.92.0/24 maxlen: 24
46.3.93.0/24 maxlen: 24
46.3.94.0/24 maxlen: 24
46.3.95.0/24 maxlen: 24
46.3.148.0/22 maxlen: 22
46.3.148.0/24 maxlen: 24
46.3.149.0/24 maxlen: 24
46.3.150.0/24 maxlen: 24
46.3.151.0/24 maxlen: 24
46.3.203.0/24 maxlen: 24
46.3.204.0/24 maxlen: 24
46.3.224.0/22 maxlen: 22
46.3.224.0/24 maxlen: 24
46.3.225.0/24 maxlen: 24
46.3.226.0/24 maxlen: 24
46.3.227.0/24 maxlen: 24
46.232.26.0/23 maxlen: 24
46.232.26.0/24 maxlen: 24
46.232.27.0/24 maxlen: 24
46.232.28.0/22 maxlen: 24
46.232.28.0/24 maxlen: 24
46.232.29.0/24 maxlen: 24
46.232.30.0/24 maxlen: 24
46.232.31.0/24 maxlen: 24
46.232.32.0/20 maxlen: 24
46.232.80.0/20 maxlen: 20
46.232.80.0/24 maxlen: 24
46.232.81.0/24 maxlen: 24
46.232.82.0/24 maxlen: 24
46.232.83.0/24 maxlen: 24
46.232.84.0/24 maxlen: 24
46.232.85.0/24 maxlen: 24
46.232.86.0/24 maxlen: 24
46.232.87.0/24 maxlen: 24
46.232.88.0/24 maxlen: 24
46.232.89.0/24 maxlen: 24
46.232.90.0/24 maxlen: 24
46.232.91.0/24 maxlen: 24
46.232.92.0/24 maxlen: 24
46.232.93.0/24 maxlen: 24
46.232.94.0/24 maxlen: 24
46.232.95.0/24 maxlen: 24
149.126.192.0/24 maxlen: 24
149.126.197.0/24 maxlen: 24
149.126.200.0/24 maxlen: 24
149.126.206.0/24 maxlen: 24
149.126.215.0/24 maxlen: 24
149.126.224.0/24 maxlen: 24
149.126.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:77:bd:75:8d:24:d4:27:2b:0f:ba:43:d3:51:cd:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jun 5 14:21:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4f1f66b153945514a8a2be1035b81cd580e6b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:39:c5:3b:6c:af:4f:c2:5f:25:17:5f:be:86:
58:73:4d:3c:6f:07:98:3d:9d:29:7e:d0:ec:c0:00:
e7:e5:f5:7c:a3:c9:2d:d4:c0:61:db:c7:a6:9c:50:
5b:f6:90:d2:88:f3:44:f7:c5:63:28:76:5c:2d:d6:
f5:d2:27:04:57:ff:1a:77:e6:94:25:40:25:3b:22:
24:35:7d:58:94:62:21:a4:15:87:66:f7:b9:3f:76:
a5:17:57:66:d1:6e:4b:dd:f7:3a:57:d6:4b:20:0e:
20:ef:86:f0:e8:3d:16:f2:00:51:bb:c1:ad:e1:ef:
6d:b5:8f:3f:c5:8a:64:e3:99:81:dc:46:8d:95:c5:
2a:98:05:92:2c:c2:1b:cc:cc:64:96:a4:80:1a:d8:
ea:9e:f4:34:16:b5:e2:92:79:96:2d:e1:f2:ac:f2:
88:00:58:22:d3:b7:d5:b7:b7:6f:85:67:35:6c:75:
57:ac:41:08:5e:3a:4b:17:9b:88:70:9d:80:3d:8d:
4b:40:d0:57:ec:83:dd:09:0d:02:27:87:9b:8d:f5:
fe:ea:90:67:7d:56:f5:a0:5a:29:50:30:f3:3c:85:
c5:dd:0b:7f:bd:ce:bc:05:33:06:f7:ee:d6:fb:59:
61:cf:89:83:d6:b5:c5:fe:34:f8:22:16:23:e5:df:
8b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F1:F6:6B:15:39:45:51:4A:8A:2B:E1:03:5B:81:CD:58:0E:6B:9F
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/pPH2axU5RVFKiivhA1uBzVgOa58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.4.0/22
46.3.16.0/22
46.3.64.0-46.3.76.255
46.3.86.0/23
46.3.92.0/22
46.3.148.0/22
46.3.203.0-46.3.204.255
46.3.224.0/22
46.232.26.0-46.232.47.255
46.232.80.0/20
149.126.192.0/24
149.126.197.0/24
149.126.200.0/24
149.126.206.0/24
149.126.215.0/24
149.126.224.0/24
149.126.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ae:55:58:f4:a3:30:68:d8:59:70:02:9c:c4:5d:08:c1:eb:
d5:7e:64:ef:72:42:9a:9e:82:7d:70:b9:5b:1c:05:a8:9d:e1:
4f:9b:f2:12:5b:34:e8:b8:0c:6b:6b:81:ea:6e:e7:e5:24:87:
f4:b5:4d:20:cf:19:11:e8:17:71:57:3a:b6:74:d6:09:78:cc:
7f:bf:80:d7:d6:64:a0:75:72:54:35:76:e3:d8:b0:67:42:3a:
2f:f3:b9:19:6e:03:53:2d:26:b4:0c:9f:0c:a4:9b:47:01:36:
d7:a9:89:77:a7:5b:db:cd:00:cb:75:bd:73:02:5a:f6:d0:00:
ca:07:60:54:9e:ac:1a:8a:12:97:70:d0:f0:39:37:17:2f:8b:
8c:fa:5c:71:c1:82:48:27:1a:d3:ef:e2:84:74:38:c5:1e:54:
a9:ea:bd:74:2a:dd:02:d9:21:e8:13:f0:06:5c:4d:62:b3:ff:
82:c2:b0:2f:cc:56:4b:a0:36:8c:8c:2b:0e:5f:e3:20:ac:2b:
26:a1:31:b6:bb:59:f2:fc:9a:0e:e0:5d:64:03:46:9d:cd:7d:
0c:b4:c4:a7:cd:75:82:14:cf:ed:80:ed:c0:a2:13:6d:11:5c:
66:2d:52:f7:af:9d:2a:8f:cc:b5:fa:33:1d:2d:30:a1:88:99:
0d:39:3c:a5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZdAd711jSTUJysPukPTUc2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNjA1MTQyMTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGYxZjY2YjE1Mzk0NTUxNGE4YTJiZTEwMzViODFjZDU4MGU2YjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsznFO2yvT8JfJRdfvoZYc008bweY
PZ0pftDswADn5fV8o8kt1MBh28emnFBb9pDSiPNE98VjKHZcLdb10icEV/8ad+aU
JUAlOyIkNX1YlGIhpBWHZve5P3alF1dm0W5L3fc6V9ZLIA4g74bw6D0W8gBRu8Gt
4e9ttY8/xYpk45mB3EaNlcUqmAWSLMIbzMxklqSAGtjqnvQ0FrXiknmWLeHyrPKI
AFgi07fVt7dvhWc1bHVXrEEIXjpLF5uIcJ2APY1LQNBX7IPdCQ0CJ4ebjfX+6pBn
fVb1oFopUDDzPIXF3Qt/vc68BTMG9+7W+1lhz4mD1rXF/jT4IhYj5d+L6QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKTx9msVOUVRSoor4QNbgc1YDmufMB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvcFBIMmF4VTVSVkZLaWl2aEExdUJ6VmdPYTU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAi4D
BAMEAi4DEDAMAwQGLgNAAwQALgNMAwQBLgNWAwQCLgNcAwQCLgOUMAwDBAAuA8sD
BAAuA8wDBAIuA+AwDAMEAS7oGgMEBC7oIAMEBC7oUAMEAJV+wAMEAJV+xQMEAJV+
yAMEAJV+zgMEAJV+1wMEAJV+4AMEAJV+9jANBgkqhkiG9w0BAQsFAAOCAQEADa5V
WPSjMGjYWXACnMRdCMHr1X5k73JCmp6CfXC5WxwFqJ3hT5vyEls06LgMa2uB6m7n
5SSH9LVNIM8ZEegXcVc6tnTWCXjMf7+A19ZkoHVyVDV249iwZ0I6L/O5GW4DUy0m
tAyfDKSbRwE216mJd6db280Ay3W9cwJa9tAAygdgVJ6sGooSl3DQ8Dk3Fy+LjPpc
ccGCSCca0+/ihHQ4xR5Uqeq9dCrdAtkh6BPwBlxNYrP/gsKwL8xWS6A2jIwrDl/j
IKwrJqExtrtZ8vyaDuBdZANGnc19DLTEp811ghTP7YDtwKITbRFcZi1S96+dKo/M
tfozHS0woYiZDTk8pQ==
-----END CERTIFICATE-----
Generated at Mon Jun 16 08:56:13 2025 by rpki-client