Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nC1fOob-WCkfNG2kPqiZRNDsorc.roa
File: nC1fOob-WCkfNG2kPqiZRNDsorc.roa (raw, json)
Hash identifier: RFnSoCuRnFdJLnYRXznfCctD0gHTpf7Yvqt7F58tG/0=
Subject key identifier: 9C:2D:5F:3A:86:FE:58:29:1F:34:6D:A4:3E:A8:99:44:D0:EC:A2:B7
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194206848171D814CB34022351B676764DB
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nC1fOob-WCkfNG2kPqiZRNDsorc.roa
Signing time: Wed 01 Jan 2025 05:48:12 +0000
ROA not before: Wed 01 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57494
IP address blocks: 147.45.102.0/24 maxlen: 24
147.45.147.0/24 maxlen: 24
147.45.158.0/24 maxlen: 24
147.45.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:48:17:1d:81:4c:b3:40:22:35:1b:67:67:64:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c2d5f3a86fe58291f346da43ea89944d0eca2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:50:fe:16:e3:e2:1c:40:60:09:79:f7:7f:31:
bd:cd:2f:98:8e:5c:9e:70:e2:9d:b3:a4:93:65:18:
74:a7:8d:00:b5:c3:7d:d7:74:b9:79:9c:9e:b0:63:
34:1a:b4:86:0a:8a:64:0a:cf:1d:96:e5:1f:5e:cf:
5f:8b:90:35:9a:6c:53:2b:44:f0:cc:59:6c:7c:dd:
2d:e4:1e:bf:ec:4c:7a:5c:90:e5:a0:3b:59:71:f3:
d2:54:b4:0d:18:87:d9:97:fd:71:42:71:0d:90:12:
b2:0f:55:6e:d6:ea:a3:eb:eb:a2:21:71:8c:f8:9e:
67:09:30:d2:f3:38:78:c3:5b:69:0c:83:77:1f:1c:
a8:17:30:db:1b:0f:3d:02:6b:ed:a3:2f:05:34:53:
7a:f4:6a:97:a2:61:08:dc:2b:2c:c9:c7:8c:e0:19:
9a:6e:82:cb:8b:ab:56:55:77:af:99:ef:02:4f:5d:
8c:2b:c6:f3:44:88:5e:40:2b:e6:92:60:49:89:16:
ac:69:76:93:93:79:d2:6d:9c:cc:ff:ec:78:eb:4c:
e3:31:5a:40:29:53:bc:bd:88:36:8b:e1:86:d6:03:
5e:7d:60:e9:5d:86:dc:49:05:88:61:b1:8e:ec:ee:
3d:9b:d7:e2:c5:18:bc:de:5a:52:e2:4a:c2:62:2e:
73:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2D:5F:3A:86:FE:58:29:1F:34:6D:A4:3E:A8:99:44:D0:EC:A2:B7
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/nC1fOob-WCkfNG2kPqiZRNDsorc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.102.0/24
147.45.147.0/24
147.45.158.0/24
147.45.161.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ec:91:6d:f9:b1:f7:9a:46:48:d2:c0:0c:31:39:b1:8c:bb:
87:32:42:62:66:49:5d:99:fc:20:fc:37:8a:a4:14:06:db:cc:
05:67:8f:2a:e5:ae:fe:bf:d4:58:49:33:1b:1f:29:1c:3c:24:
aa:1d:54:f9:e6:f3:f0:72:f2:18:7d:a9:4d:6a:4c:f6:d6:2c:
79:79:6d:4a:9d:61:8c:c7:7a:67:74:c4:25:4f:2f:25:b8:2f:
b8:c3:00:6b:df:e0:ae:2f:5b:58:a1:3c:f5:33:47:12:52:88:
5e:15:d8:64:25:7e:e3:26:3b:e6:31:e1:46:38:68:90:68:bc:
8d:ec:bc:5f:cb:d1:24:32:25:4a:df:9a:ba:c5:7a:3c:c4:19:
54:01:03:2e:ea:e6:7b:f1:ca:6b:18:e2:3a:44:45:1f:7e:c1:
d4:d4:55:34:b1:5d:03:c4:8f:d0:30:5c:e6:94:dc:2b:34:7b:
cb:8b:eb:60:9f:59:36:20:ac:7f:44:e4:13:fa:57:03:b7:22:
5b:ed:e1:e1:c7:28:43:2d:e3:fc:04:25:1b:83:2c:3d:e7:3e:
d3:39:f8:4c:21:d9:26:33:13:7d:22:1e:6f:e2:ce:ec:40:90:
60:f5:a8:38:26:6b:cc:10:01:68:0c:13:ce:f3:70:93:e5:22:
33:7a:a8:42
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaEgXHYFMs0AiNRtnZ2TbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJkNWYzYTg2ZmU1ODI5MWYzNDZkYTQzZWE4OTk0NGQwZWNhMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lD+FuPiHEBgCXn3fzG9zS+Yjlye
cOKds6STZRh0p40AtcN913S5eZyesGM0GrSGCopkCs8dluUfXs9fi5A1mmxTK0Tw
zFlsfN0t5B6/7Ex6XJDloDtZcfPSVLQNGIfZl/1xQnENkBKyD1Vu1uqj6+uiIXGM
+J5nCTDS8zh4w1tpDIN3HxyoFzDbGw89Amvtoy8FNFN69GqXomEI3CssyceM4Bma
boLLi6tWVXevme8CT12MK8bzRIheQCvmkmBJiRasaXaTk3nSbZzM/+x460zjMVpA
KVO8vYg2i+GG1gNefWDpXYbcSQWIYbGO7O49m9fixRi83lpS4krCYi5zswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJwtXzqG/lgpHzRtpD6omUTQ7KK3MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvbkMxZk9vYi1XQ2tmTkcya1BxaVpSTkRzb3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAky1mAwQA
ky2TAwQAky2eAwQAky2hMA0GCSqGSIb3DQEBCwUAA4IBAQAi7JFt+bH3mkZI0sAM
MTmxjLuHMkJiZkldmfwg/DeKpBQG28wFZ48q5a7+v9RYSTMbHykcPCSqHVT55vPw
cvIYfalNakz21ix5eW1KnWGMx3pndMQlTy8luC+4wwBr3+CuL1tYoTz1M0cSUohe
FdhkJX7jJjvmMeFGOGiQaLyN7Lxfy9EkMiVK35q6xXo8xBlUAQMu6uZ78cprGOI6
REUffsHU1FU0sV0DxI/QMFzmlNwrNHvLi+tgn1k2IKx/ROQT+lcDtyJb7eHhxyhD
LeP8BCUbgyw95z7TOfhMIdkmMxN9Ih5v4s7sQJBg9ag4JmvMEAFoDBPO83CT5SIz
eqhC
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:38:45 2025 by rpki-client