Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLcbeR3QNRKf4StPS9ZxO5vGweI.roa
File: wLcbeR3QNRKf4StPS9ZxO5vGweI.roa (raw, json)
Hash identifier: g/di3+TzLTvPIbwxyaQSKv5y98sZaxBqaEjlM2g8rpc=
Subject key identifier: C0:B7:1B:79:1D:D0:35:12:9F:E1:2B:4F:4B:D6:71:3B:9B:C6:C1:E2
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420685674A4331DA1CC49FD00F5F3BE47
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLcbeR3QNRKf4StPS9ZxO5vGweI.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 147.45.40.0/22 maxlen: 32
147.45.68.0/22 maxlen: 32
147.45.72.0/21 maxlen: 24
193.233.114.0/23 maxlen: 24
193.233.133.0/24 maxlen: 24
193.233.232.0/24 maxlen: 24
193.233.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:56:74:a4:33:1d:a1:cc:49:fd:00:f5:f3:be:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0b71b791dd035129fe12b4f4bd6713b9bc6c1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ad:d9:e1:29:77:52:96:7f:36:af:84:cf:86:
b1:81:db:3f:9f:3a:f9:f5:4d:a9:2e:79:f6:8d:bd:
c4:a8:15:91:0a:93:72:4f:65:ca:f4:ad:45:74:fc:
0c:28:72:12:8b:2a:62:86:68:ab:6a:65:6d:90:67:
e9:ba:01:c6:ce:43:77:a6:42:2c:02:7f:0b:35:ae:
27:21:e6:05:73:0b:47:c8:a2:ea:52:23:79:ba:d4:
7f:02:d5:f9:4f:2e:7d:42:5e:78:31:ba:d3:5a:a4:
b3:59:27:53:ab:19:51:18:67:27:52:d5:74:74:d9:
7f:04:f2:6b:19:b3:77:ab:f5:17:16:4a:68:04:b7:
bc:65:e5:98:e6:89:6c:a2:fe:4f:08:16:b7:93:d4:
08:12:91:d6:8d:53:7a:bb:6f:6d:a5:ab:d7:64:72:
50:49:7e:02:3a:d7:3e:c1:69:cf:aa:ac:7f:79:f0:
b1:82:41:51:e3:0f:6e:76:05:11:e4:c0:b4:c0:27:
25:f2:2d:ef:c8:b1:b1:52:07:83:c1:82:fb:39:6b:
ad:af:cb:b3:01:1a:85:40:e3:f6:19:f7:53:97:7e:
6f:06:a7:57:24:fa:d2:2f:1e:a3:3f:5f:b5:2a:92:
85:8a:af:fe:88:27:b3:58:c1:46:69:f4:57:b9:a4:
cf:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:B7:1B:79:1D:D0:35:12:9F:E1:2B:4F:4B:D6:71:3B:9B:C6:C1:E2
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/wLcbeR3QNRKf4StPS9ZxO5vGweI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.40.0/22
147.45.68.0-147.45.79.255
193.233.114.0/23
193.233.133.0/24
193.233.232.0/23
Signature Algorithm: sha256WithRSAEncryption
37:bb:8d:d4:5e:ab:50:86:01:e0:bd:93:00:c4:4e:16:1d:05:
24:2d:c6:95:62:51:d9:08:86:76:a6:ec:d8:48:2e:d6:71:0a:
92:3b:39:1e:fe:f4:3c:f7:07:15:8b:4b:6d:64:98:08:b9:b6:
0f:b2:64:12:9b:19:67:22:78:0b:ec:dc:ca:64:ab:1a:ba:8f:
5c:18:ca:21:17:8d:03:c8:b8:9a:44:05:b8:5f:52:c4:af:b6:
fa:24:e5:75:c1:65:0b:68:fa:8b:4c:88:79:f6:8f:ba:3b:c2:
a2:8e:c2:77:90:8f:28:db:46:a1:88:a3:20:4f:23:13:c6:d1:
c6:00:f0:1e:f1:f9:bc:f2:e7:05:20:97:51:93:a4:01:76:3b:
2c:26:e1:25:5a:71:82:8e:8f:82:47:aa:0e:3f:29:25:4b:b3:
84:16:50:e3:c4:67:10:44:ad:4a:b9:90:c1:8f:da:88:d9:15:
08:25:46:8c:6d:f0:e9:6b:77:d8:e0:4f:c8:50:e5:70:4e:5b:
a0:cf:aa:d0:ec:7e:f8:df:01:1d:70:06:05:20:8e:71:76:a9:
29:75:f0:ed:a6:90:29:b6:77:73:8d:e1:2f:ad:ec:d8:3e:bd:
56:e4:c9:00:36:b7:17:6c:17:e6:52:7f:76:09:c8:4e:09:ba:
97:b5:ed:36
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQgaFZ0pDMdocxJ/QD1875HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGI3MWI3OTFkZDAzNTEyOWZlMTJiNGY0YmQ2NzEzYjliYzZjMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzK3Z4Sl3UpZ/Nq+Ez4axgds/nzr5
9U2pLnn2jb3EqBWRCpNyT2XK9K1FdPwMKHISiypihmiramVtkGfpugHGzkN3pkIs
An8LNa4nIeYFcwtHyKLqUiN5utR/AtX5Ty59Ql54MbrTWqSzWSdTqxlRGGcnUtV0
dNl/BPJrGbN3q/UXFkpoBLe8ZeWY5olsov5PCBa3k9QIEpHWjVN6u29tpavXZHJQ
SX4COtc+wWnPqqx/efCxgkFR4w9udgUR5MC0wCcl8i3vyLGxUgeDwYL7OWutr8uz
ARqFQOP2GfdTl35vBqdXJPrSLx6jP1+1KpKFiq/+iCezWMFGafRXuaTP1wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMC3G3kd0DUSn+ErT0vWcTubxsHiMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvd0xjYmVSM1FOUktmNFN0UFM5WnhPNXZHd2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCky0oMAwD
BAKTLUQDBASTLUADBAHB6XIDBADB6YUDBAHB6egwDQYJKoZIhvcNAQELBQADggEB
ADe7jdReq1CGAeC9kwDEThYdBSQtxpViUdkIhnam7NhILtZxCpI7OR7+9Dz3BxWL
S21kmAi5tg+yZBKbGWcieAvs3Mpkqxq6j1wYyiEXjQPIuJpEBbhfUsSvtvok5XXB
ZQto+otMiHn2j7o7wqKOwneQjyjbRqGIoyBPIxPG0cYA8B7x+bzy5wUgl1GTpAF2
Oywm4SVacYKOj4JHqg4/KSVLs4QWUOPEZxBErUq5kMGP2ojZFQglRoxt8Olrd9jg
T8hQ5XBOW6DPqtDsfvjfAR1wBgUgjnF2qSl18O2mkCm2d3ON4S+t7Ng+vVbkyQA2
txdsF+ZSf3YJyE4Jupe17TY=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:47:47 2025 by rpki-client