Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zQGoVhw7b1tP2Gl1PhODJsZGt0w.roa
File: zQGoVhw7b1tP2Gl1PhODJsZGt0w.roa (raw, json)
Hash identifier: 6rxYo+3b7Zd3XjRgl2aOmHKsgS37BtF89jo6+M3KAzA=
Subject key identifier: CD:01:A8:56:1C:3B:6F:5B:4F:D8:69:75:3E:13:83:26:C6:46:B7:4C
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0194B6C84B040BBC906EEB24CA45A2C9E597
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zQGoVhw7b1tP2Gl1PhODJsZGt0w.roa
Signing time: Thu 30 Jan 2025 10:36:07 +0000
ROA not before: Thu 30 Jan 2025 10:36:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 147.45.65.0/24 maxlen: 24
147.45.196.0/24 maxlen: 24
147.45.197.0/24 maxlen: 24
147.45.222.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b6:c8:4b:04:0b:bc:90:6e:eb:24:ca:45:a2:c9:e5:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 30 10:36:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd01a8561c3b6f5b4fd869753e138326c646b74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:28:f7:d2:13:b5:2e:b7:be:62:8e:c6:d8:6c:
99:04:ad:4d:ec:2b:83:dd:0e:f7:7a:11:ab:1d:5a:
54:db:3c:28:58:8a:eb:d1:8b:30:aa:cb:14:81:ac:
46:f8:a7:cb:14:36:45:e3:4e:93:30:ef:99:aa:9d:
36:63:b8:7c:d2:b7:02:6c:c7:55:66:45:ce:e4:ea:
8c:e6:85:e6:54:fa:51:46:22:6d:16:c3:33:f5:bf:
1d:43:6c:14:b7:8b:be:d8:30:26:27:c0:7a:16:34:
03:49:44:4b:03:0c:ea:dc:2e:b1:02:2a:4c:e0:ba:
32:3f:f5:e4:20:b4:db:f9:ec:de:b9:22:f3:4c:84:
04:73:60:b8:0e:68:bc:85:04:d4:2f:64:05:04:32:
1f:e7:fe:54:f3:50:9e:d6:11:a6:64:d4:7f:80:26:
2f:a2:6e:6c:d8:22:45:07:9b:f8:0e:ca:e6:78:9a:
70:6e:8f:2c:ba:a0:c2:59:b2:24:8e:63:a0:59:5d:
ff:04:e4:05:d0:fa:44:7e:2c:90:02:fd:0c:02:59:
56:a6:fe:f6:83:8c:d6:b1:9c:9f:6e:72:ff:d1:6a:
58:29:04:81:cb:38:b2:60:56:e1:dd:f7:4f:8e:d2:
a1:c4:20:31:27:6e:5e:94:ed:86:fb:d1:91:ab:c8:
89:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:01:A8:56:1C:3B:6F:5B:4F:D8:69:75:3E:13:83:26:C6:46:B7:4C
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zQGoVhw7b1tP2Gl1PhODJsZGt0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.65.0/24
147.45.196.0/23
147.45.222.0/24
193.233.16.0/24
193.233.85.0/24
193.233.171.0/24
193.233.175.0/24
Signature Algorithm: sha256WithRSAEncryption
93:a9:69:bf:b5:1a:ea:da:3d:ac:35:bd:f6:83:f1:aa:09:d9:
5e:c6:ca:20:21:40:90:91:bf:f2:ee:4b:8a:d9:c4:44:b9:9e:
ef:be:e1:2e:59:d4:38:1c:b5:ea:bd:d0:b3:54:02:76:e4:60:
24:b1:8a:6d:eb:e8:94:6e:92:32:1b:cb:39:2c:e8:24:a1:82:
ef:29:a3:34:ec:18:3a:e3:40:17:57:2a:8d:78:e8:f9:b7:6f:
5c:8e:bc:4c:e2:b1:c8:d7:61:e8:5a:9a:23:d0:5c:f2:02:b0:
c8:8e:02:29:0c:d5:b8:43:6e:8c:b2:8d:be:f2:07:7f:7a:65:
60:5b:1e:ed:b9:4a:07:e3:9c:25:d2:df:ad:9c:ed:56:aa:79:
ff:dc:7f:b7:39:55:af:bd:05:cc:66:52:b2:03:5f:4e:1b:00:
25:32:a3:c8:9b:c9:de:a0:43:03:f1:14:06:83:e7:eb:16:4e:
37:28:4d:4c:82:ee:a4:c0:bd:49:2a:25:34:da:a7:2c:14:c4:
78:f4:b3:2c:8a:a4:c6:d9:e2:99:33:3a:02:be:02:66:32:11:
24:0e:37:78:09:d1:54:9b:ca:61:29:5b:b2:e1:bf:b2:7a:60:
5f:de:a7:6c:59:6b:5f:d0:e8:73:b2:44:71:47:4d:c3:9d:c6:
86:0c:92:30
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZS2yEsEC7yQbuskykWiyeWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTMwMTAzNjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDAxYTg1NjFjM2I2ZjViNGZkODY5NzUzZTEzODMyNmM2NDZiNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzij30hO1Lre+Yo7G2GyZBK1N7CuD
3Q73ehGrHVpU2zwoWIrr0YswqssUgaxG+KfLFDZF406TMO+Zqp02Y7h80rcCbMdV
ZkXO5OqM5oXmVPpRRiJtFsMz9b8dQ2wUt4u+2DAmJ8B6FjQDSURLAwzq3C6xAipM
4LoyP/XkILTb+ezeuSLzTIQEc2C4Dmi8hQTUL2QFBDIf5/5U81Ce1hGmZNR/gCYv
om5s2CJFB5v4DsrmeJpwbo8suqDCWbIkjmOgWV3/BOQF0PpEfiyQAv0MAllWpv72
g4zWsZyfbnL/0WpYKQSByziyYFbh3fdPjtKhxCAxJ25elO2G+9GRq8iJfQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM0BqFYcO29bT9hpdT4TgybGRrdMMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvelFHb1ZodzdiMXRQMkdsMVBoT0RKc1pHdDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAky1BAwQB
ky3EAwQAky3eAwQAwekQAwQAwelVAwQAwemrAwQAwemvMA0GCSqGSIb3DQEBCwUA
A4IBAQCTqWm/tRrq2j2sNb32g/GqCdlexsogIUCQkb/y7kuK2cREuZ7vvuEuWdQ4
HLXqvdCzVAJ25GAksYpt6+iUbpIyG8s5LOgkoYLvKaM07Bg640AXVyqNeOj5t29c
jrxM4rHI12HoWpoj0FzyArDIjgIpDNW4Q26Mso2+8gd/emVgWx7tuUoH45wl0t+t
nO1Wqnn/3H+3OVWvvQXMZlKyA19OGwAlMqPIm8neoEMD8RQGg+frFk43KE1Mgu6k
wL1JKiU02qcsFMR49LMsiqTG2eKZMzoCvgJmMhEkDjd4CdFUm8phKVuy4b+yemBf
3qdsWWtf0OhzskRxR03DncaGDJIw
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:41:51 2025 by rpki-client