Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b8iKQhqmVIDDA88og8h2FcWCabU.roa
File: b8iKQhqmVIDDA88og8h2FcWCabU.roa (raw, json)
Hash identifier: ReJApz/mnQfteLdn4uSlfMxnimYJfD6EOb/wL10N5ss=
Subject key identifier: 6F:C8:8A:42:1A:A6:54:80:C3:03:CF:28:83:C8:76:15:C5:82:69:B5
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0195FDAF7838B09EA55E1B3217DD75441AAD
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b8iKQhqmVIDDA88og8h2FcWCabU.roa
Signing time: Thu 03 Apr 2025 22:04:50 +0000
ROA not before: Thu 03 Apr 2025 22:04:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2895
IP address blocks: 147.45.0.0/19 maxlen: 19
147.45.32.0/23 maxlen: 23
147.45.194.0/23 maxlen: 23
193.233.0.0/22 maxlen: 22
193.233.4.0/24 maxlen: 24
193.233.10.0/23 maxlen: 23
2001:640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 13:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fd:af:78:38:b0:9e:a5:5e:1b:32:17:dd:75:44:1a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Apr 3 22:04:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fc88a421aa65480c303cf2883c87615c58269b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:12:2c:fa:83:b4:91:a7:3b:7b:e3:1f:72:4e:
48:d5:75:81:c2:f9:c3:1d:f5:77:c7:28:d8:8c:e6:
8f:94:df:70:a1:75:55:93:bc:17:37:bf:cb:fb:5a:
78:01:2e:67:c4:5c:ff:00:e7:7a:af:31:79:d2:07:
63:ec:d9:99:bc:7b:b6:5e:da:df:1b:fc:76:c7:f6:
e1:23:c8:88:a3:b9:c9:3c:79:79:8b:6b:53:0c:47:
f1:3e:68:29:c4:1d:8d:73:7f:46:cb:93:07:4d:9a:
03:63:e7:42:1e:55:d7:5c:88:b7:70:67:0d:79:a6:
2e:17:3f:7f:69:b8:93:62:fa:79:5b:f5:72:51:d8:
fc:24:98:bc:a5:5f:6e:f1:7a:07:39:a8:75:72:fb:
40:16:3a:3f:ae:32:c5:98:73:9a:00:e3:f6:dd:41:
b9:7c:58:01:d9:43:f6:89:66:52:e4:fb:84:2d:c4:
07:ab:20:e0:91:c7:87:34:5e:1d:2d:ba:6b:59:91:
f0:ee:03:6f:e6:3e:f6:1a:32:7f:ab:74:1d:1f:64:
67:73:9c:d4:b2:08:53:c8:38:2b:4a:60:c3:18:60:
dd:ca:86:ef:38:29:8c:5d:9d:80:a7:d3:d4:bc:7d:
35:39:14:a6:f8:82:11:01:4b:73:bb:e2:55:1a:80:
58:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C8:8A:42:1A:A6:54:80:C3:03:CF:28:83:C8:76:15:C5:82:69:B5
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/b8iKQhqmVIDDA88og8h2FcWCabU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0-147.45.33.255
147.45.194.0/23
193.233.0.0-193.233.4.255
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
88:4e:c6:d6:3d:1f:94:5f:f0:5e:d6:a1:ef:78:e0:98:e6:a9:
6c:68:2e:6a:d1:0b:99:94:97:9b:b5:08:47:e1:9e:62:ff:ef:
12:ba:09:01:e9:3b:bf:0a:5d:b7:8d:89:0d:e1:42:4c:32:69:
a7:b8:fc:75:a5:ad:54:a2:c7:21:52:98:68:ff:11:e0:b0:d7:
eb:cb:f7:d4:3a:c4:56:78:1a:b6:b1:ca:4d:79:fb:80:b2:3b:
0d:a0:e9:f6:63:68:26:00:fe:ae:42:8a:d8:78:49:39:f6:ba:
20:dd:10:a6:01:95:1d:7c:d4:e2:4b:fb:4d:70:e9:69:b6:df:
b8:4e:98:e4:4f:05:02:24:72:93:97:03:09:54:69:93:3d:32:
ab:a5:bc:66:a8:08:04:a9:96:62:8b:43:10:2a:90:1a:95:19:
d7:c7:72:5e:27:79:f5:03:21:7e:c1:d6:85:9b:ba:b2:f6:4e:
d5:e4:7b:03:1b:2d:6e:63:01:36:2f:70:59:70:ad:26:6a:4a:
2d:cc:e6:89:c7:e0:40:f3:ba:00:a6:41:b0:8a:6c:c3:b5:99:
b0:f5:73:8f:fa:1a:44:6c:93:1c:89:0b:64:d4:4e:d6:45:b2:
cf:f3:2c:77:cc:b0:8c:f0:fc:a0:e2:d5:6e:6d:0f:b3:17:34:
cd:5d:ec:58
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZX9r3g4sJ6lXhsyF911RBqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNDAzMjIwNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmM4OGE0MjFhYTY1NDgwYzMwM2NmMjg4M2M4NzYxNWM1ODI2OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRIs+oO0kac7e+Mfck5I1XWBwvnD
HfV3xyjYjOaPlN9woXVVk7wXN7/L+1p4AS5nxFz/AOd6rzF50gdj7NmZvHu2Xtrf
G/x2x/bhI8iIo7nJPHl5i2tTDEfxPmgpxB2Nc39Gy5MHTZoDY+dCHlXXXIi3cGcN
eaYuFz9/abiTYvp5W/VyUdj8JJi8pV9u8XoHOah1cvtAFjo/rjLFmHOaAOP23UG5
fFgB2UP2iWZS5PuELcQHqyDgkceHNF4dLbprWZHw7gNv5j72GjJ/q3QdH2Rnc5zU
sghTyDgrSmDDGGDdyobvOCmMXZ2Ap9PUvH01ORSm+IIRAUtzu+JVGoBYXQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFG/IikIaplSAwwPPKIPIdhXFgmm1MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYjhpS1FocW1WSUREQTg4b2c4aDJGY1dDYWJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAsDAwCTLQME
AZMtIAMEAZMtwjALAwMAwekDBADB6QQDBAHB6QowDQQCAAIwBwMFACABBkAwDQYJ
KoZIhvcNAQELBQADggEBAIhOxtY9H5Rf8F7Woe944JjmqWxoLmrRC5mUl5u1CEfh
nmL/7xK6CQHpO78KXbeNiQ3hQkwyaae4/HWlrVSixyFSmGj/EeCw1+vL99Q6xFZ4
Graxyk15+4CyOw2g6fZjaCYA/q5Cith4STn2uiDdEKYBlR181OJL+01w6Wm237hO
mORPBQIkcpOXAwlUaZM9MqulvGaoCASplmKLQxAqkBqVGdfHcl4nefUDIX7B1oWb
urL2TtXkewMbLW5jATYvcFlwrSZqSi3M5onH4EDzugCmQbCKbMO1mbD1c4/6GkRs
kxyJC2TUTtZFss/zLHfMsIzw/KDi1W5tD7MXNM1d7Fg=
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:57:46 2025 by rpki-client