Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iEQYm9mhXxzRw2QFedVUgBp-YzU.roa
File: iEQYm9mhXxzRw2QFedVUgBp-YzU.roa (raw, json)
Hash identifier: 38P7LQwHlvLuGOKCLQ7D7Y5t3RS012inT3TMFAazYjI=
Subject key identifier: 88:44:18:9B:D9:A1:5F:1C:D1:C3:64:05:79:D5:54:80:1A:7E:63:35
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685B74F7C9E05D0E01949A260B9AEC
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iEQYm9mhXxzRw2QFedVUgBp-YzU.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.65.0/24 maxlen: 24
147.45.66.0/24 maxlen: 24
147.45.67.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
185.103.100.0/24 maxlen: 24
185.103.101.0/24 maxlen: 24
185.103.102.0/24 maxlen: 24
185.103.103.0/24 maxlen: 24
193.233.74.0/24 maxlen: 24
193.233.75.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.165.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.252.0/24 maxlen: 24
193.233.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:74:f7:c9:e0:5d:0e:01:94:9a:26:0b:9a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8844189bd9a15f1cd1c3640579d554801a7e6335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:60:ae:b0:c1:86:f0:3b:ce:26:86:52:fe:69:
9e:a7:13:91:a8:73:d4:a7:eb:dc:04:3b:b7:97:2c:
f8:2f:9b:42:a8:73:ab:1e:47:54:b7:16:fc:01:0f:
00:0d:08:3c:a8:a0:d3:c0:66:9c:1a:9d:d0:8e:84:
a1:83:8b:e5:ca:8e:ef:d3:df:67:75:8c:78:a7:b5:
42:7c:f5:04:60:f3:d2:e0:73:6f:14:ca:fa:69:ad:
95:71:55:fe:b4:3a:bd:55:79:66:d4:3b:8a:4b:fa:
90:da:f7:7c:51:fc:cb:41:17:e0:aa:d4:73:e7:be:
a9:d8:5b:a8:df:63:e6:51:d5:a1:be:b0:f6:a0:15:
4b:fd:75:fa:ca:b7:b9:79:5a:f2:0f:fb:6d:9f:7a:
65:43:2b:6e:44:31:fa:99:cd:9c:6c:c1:24:8b:2a:
1d:a7:c7:f1:bf:94:ac:7d:79:d6:9a:dc:3b:89:d3:
ad:0c:14:90:a9:9e:45:48:81:76:dd:5a:7d:5b:b7:
92:af:d7:b9:88:9c:44:de:4a:96:3a:64:d8:d1:30:
9c:b6:1b:51:b1:93:8c:1f:b4:d9:32:5b:2c:16:d6:
a2:99:94:0e:ca:50:86:13:cb:b4:3e:0a:d5:32:ec:
0f:76:69:f1:14:d3:9b:d2:2f:dd:c4:88:ed:63:8f:
b9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:44:18:9B:D9:A1:5F:1C:D1:C3:64:05:79:D5:54:80:1A:7E:63:35
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/iEQYm9mhXxzRw2QFedVUgBp-YzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.65.0-147.45.67.255
147.45.193.0/24
185.103.100.0/22
193.233.74.0/23
193.233.80.0/24
193.233.85.0/24
193.233.164.0/23
193.233.171.0/24
193.233.175.0/24
193.233.252.0/23
Signature Algorithm: sha256WithRSAEncryption
23:d4:17:42:05:1c:1b:fc:0a:82:0c:fc:a9:52:b4:3c:9c:08:
fd:15:33:0d:c9:a6:78:b2:d7:0a:cb:e9:90:df:85:67:23:d8:
10:b6:8c:c2:b1:0e:8d:3b:d9:4d:bd:6d:03:84:b1:9c:33:9d:
c0:de:f4:59:c9:57:e3:a8:ee:20:64:01:d6:33:10:37:fe:96:
d9:4a:af:49:65:a6:de:27:62:80:11:47:ef:31:aa:c4:cc:17:
ab:ab:6f:cd:4a:17:75:27:f1:ac:46:fe:89:35:de:03:5c:d8:
13:a4:c7:ff:26:3c:c1:4f:ce:fe:15:ac:4a:54:3f:31:05:0b:
55:a0:f2:7d:f9:9a:d9:f3:d4:08:7f:fd:34:20:dc:c2:95:2c:
c3:17:d9:32:07:f4:a2:72:2c:c6:83:eb:c2:8b:36:1e:5e:dd:
a2:76:43:0a:2c:40:5a:a3:85:1f:2d:e4:20:a1:44:ab:0e:8f:
e2:d1:e8:69:81:fc:4d:00:8c:ea:f3:4a:d8:c1:49:b3:94:ea:
1f:0d:33:b4:35:8d:9e:a9:a2:b0:db:8c:80:0e:ca:b9:3d:f9:
28:ce:a0:32:c2:fa:d1:c1:86:8c:b9:ff:8d:93:cd:ad:dd:f3:
e8:82:98:3e:1a:f3:b0:fe:9c:d4:08:17:52:59:97:3b:8d:a2:
f3:03:39:22
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQgaFt098ngXQ4BlJomC5rsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODQ0MTg5YmQ5YTE1ZjFjZDFjMzY0MDU3OWQ1NTQ4MDFhN2U2MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2CusMGG8DvOJoZS/mmepxORqHPU
p+vcBDu3lyz4L5tCqHOrHkdUtxb8AQ8ADQg8qKDTwGacGp3QjoShg4vlyo7v099n
dYx4p7VCfPUEYPPS4HNvFMr6aa2VcVX+tDq9VXlm1DuKS/qQ2vd8UfzLQRfgqtRz
576p2Fuo32PmUdWhvrD2oBVL/XX6yre5eVryD/ttn3plQytuRDH6mc2cbMEkiyod
p8fxv5SsfXnWmtw7idOtDBSQqZ5FSIF23Vp9W7eSr9e5iJxE3kqWOmTY0TCcthtR
sZOMH7TZMlssFtaimZQOylCGE8u0PgrVMuwPdmnxFNOb0i/dxIjtY4+5mwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFIhEGJvZoV8c0cNkBXnVVIAafmM1MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaUVRWW05bWhYeHpSdzJRRmVkVlVnQnAtWXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACTLUED
BAKTLUADBACTLcEDBAK5Z2QDBAHB6UoDBADB6VADBADB6VUDBAHB6aQDBADB6asD
BADB6a8DBAHB6fwwDQYJKoZIhvcNAQELBQADggEBACPUF0IFHBv8CoIM/KlStDyc
CP0VMw3Jpniy1wrL6ZDfhWcj2BC2jMKxDo072U29bQOEsZwzncDe9FnJV+Oo7iBk
AdYzEDf+ltlKr0llpt4nYoARR+8xqsTMF6urb81KF3Un8axG/ok13gNc2BOkx/8m
PMFPzv4VrEpUPzEFC1Wg8n35mtnz1Ah//TQg3MKVLMMX2TIH9KJyLMaD68KLNh5e
3aJ2QwosQFqjhR8t5CChRKsOj+LR6GmB/E0AjOrzStjBSbOU6h8NM7Q1jZ6porDb
jIAOyrk9+SjOoDLC+tHBhoy5/42Tza3d8+iCmD4a87D+nNQIF1JZlzuNovMDOSI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:45:14 2025 by rpki-client