Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/zoul4ezNwBmuWsfokTP8nPwRHX8.roa
File: zoul4ezNwBmuWsfokTP8nPwRHX8.roa (raw, json)
Hash identifier: W2Lz9aM7yjWvqMhGoLOhe8ObztEy+13/QzLKQ+rG46g=
Subject key identifier: CE:8B:A5:E1:EC:CD:C0:19:AE:5A:C7:E8:91:33:FC:9C:FC:11:1D:7F
Certificate issuer: /CN=5588f197f97e8900755544e810cddef9d90fbc41
Certificate serial: 01986122868D23D60D21FD9DE3C8CD236A6F
Authority key identifier: 55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/zoul4ezNwBmuWsfokTP8nPwRHX8.roa
Signing time: Thu 31 Jul 2025 15:38:29 +0000
ROA not before: Thu 31 Jul 2025 15:38:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1239
IP address blocks: 46.3.190.0/24 maxlen: 24
46.3.208.0/21 maxlen: 21
46.3.220.0/23 maxlen: 23
46.232.69.0/24 maxlen: 24
46.232.112.0/20 maxlen: 22
149.126.246.0/24 maxlen: 24
149.126.247.0/24 maxlen: 24
149.126.248.0/24 maxlen: 24
149.126.249.0/24 maxlen: 24
149.126.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:61:22:86:8d:23:d6:0d:21:fd:9d:e3:c8:cd:23:6a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5588f197f97e8900755544e810cddef9d90fbc41
Validity
Not Before: Jul 31 15:38:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce8ba5e1eccdc019ae5ac7e89133fc9cfc111d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:de:6d:64:bf:9d:f8:4f:53:4e:69:de:66:
ca:01:a1:80:fe:95:22:bb:e2:54:7d:1d:03:2c:f0:
1b:5d:9a:e6:f3:a9:d2:bd:13:54:5a:b0:25:dd:fb:
f7:48:d2:b0:d8:2c:57:5f:e3:13:76:b9:b6:0f:5f:
43:b7:08:8b:e5:83:68:60:f8:b0:f9:e0:86:67:75:
47:7c:89:bf:12:40:16:86:66:32:f9:92:0e:7b:ed:
34:08:49:94:b1:3f:94:19:78:4b:75:b2:8f:82:eb:
aa:90:a6:13:81:25:b1:4a:79:87:0e:80:be:eb:87:
1e:b2:71:5e:16:28:b0:09:d8:27:a7:8f:fc:48:29:
d0:bb:60:49:42:f6:db:d1:c1:4d:db:2f:85:e7:49:
6c:1a:c7:27:49:d0:9b:7f:57:64:4a:84:57:00:f3:
c7:38:dd:10:78:7e:4f:c4:ad:51:a1:16:a9:d5:5a:
c7:a9:0c:e0:8f:aa:24:88:d4:97:c3:79:c2:6a:a7:
f8:7b:15:03:61:9a:48:d5:83:a5:ca:d8:96:47:0e:
df:d2:08:bb:c0:24:97:ef:1e:34:8c:b2:ca:85:96:
6b:84:6f:79:04:b1:d2:73:bb:b9:1c:60:ef:2b:7c:
5d:69:ec:78:21:09:98:4f:54:9d:09:ff:18:bf:4e:
5f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8B:A5:E1:EC:CD:C0:19:AE:5A:C7:E8:91:33:FC:9C:FC:11:1D:7F
X509v3 Authority Key Identifier:
keyid:55:88:F1:97:F9:7E:89:00:75:55:44:E8:10:CD:DE:F9:D9:0F:BC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VYjxl_l-iQB1VUToEM3e-dkPvEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/zoul4ezNwBmuWsfokTP8nPwRHX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/622981-9650-4271-92ca-7cfef4276a0f/1/VYjxl_l-iQB1VUToEM3e-dkPvEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.3.190.0/24
46.3.208.0/21
46.3.220.0/23
46.232.69.0/24
46.232.112.0/20
149.126.246.0-149.126.250.255
Signature Algorithm: sha256WithRSAEncryption
14:c0:d7:ae:06:02:cc:97:5e:e9:8b:de:63:b6:46:19:c3:6c:
75:2b:09:c3:b9:ef:6c:45:41:1e:a9:cc:97:82:6e:45:9e:17:
93:ce:70:84:be:76:aa:33:a3:f5:02:a1:08:80:95:c1:6d:4a:
a8:0e:0b:00:13:46:62:75:66:e0:b1:37:82:f3:eb:70:be:6c:
96:aa:22:71:ad:48:ed:53:6c:dd:1e:3e:c9:43:91:95:2b:36:
f8:64:a9:2b:b4:2d:45:c6:26:46:bd:9b:74:05:fe:b3:43:33:
91:da:f4:d3:2c:66:68:d7:ef:05:b8:d8:69:f3:38:ee:24:33:
1f:89:d6:f6:65:10:15:12:e1:8a:ba:37:4c:e5:ef:2e:28:ef:
96:4a:06:c3:53:41:0e:f4:d5:cd:79:c0:cd:ea:0c:55:e0:73:
5d:02:de:a2:5f:06:0c:86:6f:be:dd:b6:f5:7b:ec:1a:fd:53:
7c:96:b7:34:97:96:3a:ec:16:d6:be:5b:2b:4f:fb:0e:f7:66:
83:a2:7d:50:24:78:25:26:c9:d7:f3:32:64:2a:cd:85:56:6a:
b3:ea:19:c9:65:ee:24:c0:26:a8:17:7a:36:3c:d7:e3:de:38:
09:de:17:31:4b:91:d9:0d:92:0c:bb:8c:75:01:cc:a1:a8:95:
30:4f:46:5d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZhhIoaNI9YNIf2d48jNI2pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1ODhmMTk3Zjk3ZTg5MDA3NTU1NDRlODEwY2RkZWY5ZDkw
ZmJjNDEwHhcNMjUwNzMxMTUzODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZThiYTVlMWVjY2RjMDE5YWU1YWM3ZTg5MTMzZmM5Y2ZjMTExZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil/ebWS/nfhPU05p3mbKAaGA/pUi
u+JUfR0DLPAbXZrm86nSvRNUWrAl3fv3SNKw2CxXX+MTdrm2D19DtwiL5YNoYPiw
+eCGZ3VHfIm/EkAWhmYy+ZIOe+00CEmUsT+UGXhLdbKPguuqkKYTgSWxSnmHDoC+
64cesnFeFiiwCdgnp4/8SCnQu2BJQvbb0cFN2y+F50lsGscnSdCbf1dkSoRXAPPH
ON0QeH5PxK1RoRap1VrHqQzgj6okiNSXw3nCaqf4exUDYZpI1YOlytiWRw7f0gi7
wCSX7x40jLLKhZZrhG95BLHSc7u5HGDvK3xdaex4IQmYT1SdCf8Yv05fIwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFM6LpeHszcAZrlrH6JEz/Jz8ER1/MB8GA1UdIwQY
MBaAFFWI8Zf5fokAdVVE6BDN3vnZD7xBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2Et
N2NmZWY0Mjc2YTBmLzEvem91bDRlek53Qm11V3Nmb2tUUDhuUHdSSFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi82MjI5ODEtOTY1MC00MjcxLTkyY2EtN2NmZWY0Mjc2YTBm
LzEvVllqeGxfbC1pUUIxVlVUb0VNM2UtZGtQdkVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALgO+AwQD
LgPQAwQBLgPcAwQALuhFAwQELuhwMAwDBAGVfvYDBACVfvowDQYJKoZIhvcNAQEL
BQADggEBABTA164GAsyXXumL3mO2RhnDbHUrCcO572xFQR6pzJeCbkWeF5POcIS+
dqozo/UCoQiAlcFtSqgOCwATRmJ1ZuCxN4Lz63C+bJaqInGtSO1TbN0ePslDkZUr
NvhkqSu0LUXGJka9m3QF/rNDM5Ha9NMsZmjX7wW42GnzOO4kMx+J1vZlEBUS4Yq6
N0zl7y4o75ZKBsNTQQ701c15wM3qDFXgc10C3qJfBgyGb77dtvV77Br9U3yWtzSX
ljrsFta+WytP+w73ZoOifVAkeCUmydfzMmQqzYVWarPqGcll7iTAJqgXejY81+Pe
OAneFzFLkdkNkgy7jHUBzKGolTBPRl0=
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:14:54 2025 by rpki-client