Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/beekZP6BzATj0IMXRAlySwVYiAM.roa
File: beekZP6BzATj0IMXRAlySwVYiAM.roa (raw, json)
Hash identifier: Pe8pgqM61jrsc2mSVATEKrnzDyXQWIqQqmLMuV43X8w=
Subject key identifier: 6D:E7:A4:64:FE:81:CC:04:E3:D0:83:17:44:09:72:4B:05:58:88:03
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019A2FEBF1A45752995CFA838BE84F0206DA
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/beekZP6BzATj0IMXRAlySwVYiAM.roa
Signing time: Wed 29 Oct 2025 12:23:03 +0000
ROA not before: Wed 29 Oct 2025 12:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 147.45.49.0/24 maxlen: 24
147.45.50.0/24 maxlen: 24
147.45.51.0/24 maxlen: 24
147.45.60.0/24 maxlen: 24
147.45.84.0/24 maxlen: 24
147.45.85.0/24 maxlen: 24
147.45.86.0/24 maxlen: 24
147.45.87.0/24 maxlen: 24
147.45.116.0/24 maxlen: 24
147.45.126.0/24 maxlen: 24
147.45.177.0/24 maxlen: 24
147.45.178.0/24 maxlen: 24
147.45.179.0/24 maxlen: 24
147.45.200.0/23 maxlen: 23
147.45.202.0/23 maxlen: 23
147.45.204.0/24 maxlen: 24
147.45.217.0/24 maxlen: 24
147.45.220.0/24 maxlen: 24
147.45.221.0/24 maxlen: 24
193.233.126.0/24 maxlen: 24
193.233.127.0/24 maxlen: 24
193.233.198.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 20:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:eb:f1:a4:57:52:99:5c:fa:83:8b:e8:4f:02:06:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Oct 29 12:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6de7a464fe81cc04e3d083174409724b05588803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:52:94:40:15:0a:2d:52:fc:d1:27:a0:6c:cf:
03:78:13:25:98:4d:b9:54:bb:58:c8:ac:c9:11:c3:
b1:e9:b4:ea:e1:b7:d6:7a:de:73:06:3d:e6:4c:28:
17:62:41:82:9e:a2:1f:f5:91:10:8e:f9:6e:c5:b3:
61:d8:8b:60:a0:d3:fd:5d:03:c3:c8:66:cc:00:8b:
35:37:51:c1:0b:01:ff:2a:b9:64:9a:f4:d6:28:fe:
5a:26:74:38:ba:66:e6:27:97:9f:03:9f:bc:27:25:
25:1c:94:8c:91:78:68:f7:cf:f3:de:fc:6c:67:90:
96:82:fc:e0:b7:5f:2e:6d:00:fe:6e:87:56:85:bd:
04:2c:93:d2:a9:0d:57:f6:35:92:48:fa:0d:0b:4b:
d5:d0:1a:29:6e:2b:b7:be:85:44:6b:b7:17:74:cf:
51:da:e6:35:22:de:b6:33:79:39:b0:73:b3:11:0b:
68:a0:a6:29:7f:2f:bc:70:65:e9:82:eb:90:19:bc:
ba:9e:26:5f:48:70:af:38:0b:bb:73:c1:cd:1d:14:
87:ca:26:8b:64:f5:0e:8e:18:d6:96:da:75:7c:0d:
ca:7a:7b:ba:66:a9:21:6c:d0:59:cc:68:99:8c:5c:
1e:29:c0:0f:da:2f:5e:ce:f3:5b:86:78:00:1b:cf:
3f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E7:A4:64:FE:81:CC:04:E3:D0:83:17:44:09:72:4B:05:58:88:03
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/beekZP6BzATj0IMXRAlySwVYiAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.49.0-147.45.51.255
147.45.60.0/24
147.45.84.0/22
147.45.116.0/24
147.45.126.0/24
147.45.177.0-147.45.179.255
147.45.200.0-147.45.204.255
147.45.217.0/24
147.45.220.0/23
193.233.126.0/23
193.233.198.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:23:b8:07:39:b5:46:95:09:c5:8b:32:37:00:4b:ef:e6:fc:
d0:0b:ea:d9:33:d7:dc:b9:9e:5e:9f:a8:1c:5e:62:d4:d4:3d:
88:5f:d6:73:c6:a3:3a:f7:d4:13:6e:80:fd:89:23:f0:5d:6a:
a2:c1:86:c1:9c:84:d1:cb:b2:33:05:e5:82:fa:58:ab:e3:66:
55:bf:7b:e8:e2:35:48:e4:63:b2:c6:5f:d9:ef:f0:c5:03:4e:
e8:01:96:d6:83:8f:9a:49:42:09:a6:21:51:88:38:0e:6b:ee:
d5:d7:93:b8:3e:d1:41:c9:71:99:d3:dc:2e:40:e5:58:85:a6:
07:dd:2d:f8:5a:09:d8:3c:a9:00:6d:09:5f:ec:4f:bb:9f:ad:
f7:24:89:bf:0e:a9:c0:29:24:75:e4:14:e8:ef:e6:2d:a6:7f:
f4:cd:96:d0:4c:ff:3b:be:64:36:5f:5e:11:a4:2b:27:7e:9f:
ed:31:cf:dd:5c:34:e0:5b:39:93:37:92:dc:ed:69:2e:e9:07:
b2:41:dd:94:47:19:2c:b6:80:52:2e:64:31:ec:45:91:44:46:
02:d9:c8:1a:6a:95:7a:d2:7c:b1:d7:92:f7:cf:40:a6:3f:81:
80:93:05:d7:eb:2f:1f:2b:87:21:9e:3d:a1:c8:3b:2a:18:26:
42:02:72:a6
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZov6/GkV1KZXPqDi+hPAgbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUxMDI5MTIyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGU3YTQ2NGZlODFjYzA0ZTNkMDgzMTc0NDA5NzI0YjA1NTg4ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1KUQBUKLVL80SegbM8DeBMlmE25
VLtYyKzJEcOx6bTq4bfWet5zBj3mTCgXYkGCnqIf9ZEQjvluxbNh2ItgoNP9XQPD
yGbMAIs1N1HBCwH/KrlkmvTWKP5aJnQ4umbmJ5efA5+8JyUlHJSMkXho98/z3vxs
Z5CWgvzgt18ubQD+bodWhb0ELJPSqQ1X9jWSSPoNC0vV0Bopbiu3voVEa7cXdM9R
2uY1It62M3k5sHOzEQtooKYpfy+8cGXpguuQGby6niZfSHCvOAu7c8HNHRSHyiaL
ZPUOjhjWltp1fA3Kenu6ZqkhbNBZzGiZjFweKcAP2i9ezvNbhngAG88/SQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFG3npGT+gcwE49CDF0QJcksFWIgDMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvYmVla1pQNkJ6QVRqMElNWFJBbHlTd1ZZaUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBACTLTED
BAKTLTADBACTLTwDBAKTLVQDBACTLXQDBACTLX4wDAMEAJMtsQMEApMtsDAMAwQD
ky3IAwQAky3MAwQAky3ZAwQBky3cAwQBwel+AwQBwenGMA0GCSqGSIb3DQEBCwUA
A4IBAQBOI7gHObVGlQnFizI3AEvv5vzQC+rZM9fcuZ5en6gcXmLU1D2IX9ZzxqM6
99QTboD9iSPwXWqiwYbBnITRy7IzBeWC+lir42ZVv3vo4jVI5GOyxl/Z7/DFA07o
AZbWg4+aSUIJpiFRiDgOa+7V15O4PtFByXGZ09wuQOVYhaYH3S34WgnYPKkAbQlf
7E+7n633JIm/DqnAKSR15BTo7+Ytpn/0zZbQTP87vmQ2X14RpCsnfp/tMc/dXDTg
WzmTN5Lc7Wku6QeyQd2URxkstoBSLmQx7EWRREYC2cgaapV60nyx15L3z0CmP4GA
kwXX6y8fK4chnj2hyDsqGCZCAnKm
-----END CERTIFICATE-----
Generated at Sun Nov 2 03:21:45 2025 by rpki-client