Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/rYxYWfIeTnNn8qSle7ESzJLS15E.roa
File: rYxYWfIeTnNn8qSle7ESzJLS15E.roa (raw, json)
Hash identifier: mVnt14dCBjHww2nq8hUnznrYmqu/XqzKI3p4snXhfg8=
Subject key identifier: AD:8C:58:59:F2:1E:4E:73:67:F2:A4:A5:7B:B1:12:CC:92:D2:D7:91
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019963988526A1FB4069726201B69BED6CD8
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/rYxYWfIeTnNn8qSle7ESzJLS15E.roa
Signing time: Fri 19 Sep 2025 20:09:23 +0000
ROA not before: Fri 19 Sep 2025 20:09:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 147.45.65.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.164.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:63:98:85:26:a1:fb:40:69:72:62:01:b6:9b:ed:6c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 19 20:09:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad8c5859f21e4e7367f2a4a57bb112cc92d2d791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b2:2e:9e:0b:00:ca:91:da:6c:97:de:43:b4:
86:c0:f8:4f:3a:f5:f3:5b:0b:58:7a:c0:d0:ca:91:
ab:4d:d9:46:ee:58:08:44:ef:7e:88:56:27:5c:d2:
63:97:b9:ce:8a:93:da:e8:c1:29:99:7a:f6:0a:ae:
9d:a0:73:55:f7:a1:a0:4d:b5:95:a4:1f:1b:45:28:
17:ae:a2:ea:f0:f2:26:d5:8b:3b:a2:71:de:5d:5a:
25:fb:59:60:04:c4:45:79:c1:30:34:eb:26:2d:2f:
73:a3:9b:5e:fd:4a:a6:5e:ba:6b:df:ed:ab:88:41:
46:5f:b3:c7:dd:3b:44:39:1e:39:3a:8b:0d:b5:b4:
6b:6b:c8:5f:4c:3c:a3:69:24:b4:28:c0:7e:46:5a:
d7:7f:a7:02:8c:a7:3c:e3:70:e0:b3:24:04:f5:6f:
44:a7:a6:e1:f3:ef:56:f8:fa:08:0a:13:a0:1c:d2:
61:31:9e:09:a3:7e:9a:76:67:e6:0d:77:24:0c:8c:
4b:98:9e:f7:92:63:6e:68:c3:7e:31:0f:4d:7f:be:
c2:76:17:b3:cc:6f:ff:4d:e7:a9:b2:10:a1:6c:57:
d1:67:c7:bd:f6:73:fb:34:d3:71:4b:cc:4c:a5:74:
c4:cb:4d:7c:fe:bb:c0:03:1b:fa:5c:95:52:8c:26:
03:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:8C:58:59:F2:1E:4E:73:67:F2:A4:A5:7B:B1:12:CC:92:D2:D7:91
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/rYxYWfIeTnNn8qSle7ESzJLS15E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.65.0/24
147.45.193.0/24
193.233.85.0/24
193.233.164.0/24
193.233.171.0/24
193.233.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a7:04:5b:5e:a8:f0:d0:78:23:b6:d5:f4:ed:91:89:e4:1b:
6d:0a:0d:ff:d7:48:24:db:4f:23:c3:95:05:78:5e:7d:c0:4a:
fe:25:fb:10:d5:df:98:ae:f1:82:b1:ce:1f:60:89:cd:83:3d:
ca:90:ee:9b:6d:e2:94:70:4f:22:08:e5:59:8b:5c:49:ad:db:
f3:a7:f0:ca:6f:44:bd:b7:e7:f2:92:02:94:30:82:95:44:8e:
ef:20:46:e7:25:3a:db:fb:43:3c:4d:cd:cc:b6:e2:50:95:8c:
62:0a:a1:5d:e6:8d:52:11:af:5c:57:f4:d8:06:34:f3:54:57:
58:d2:1b:ed:8d:d9:6e:35:17:54:09:a4:13:da:7a:18:7e:b3:
c8:4a:39:8b:41:32:46:6e:e2:84:c0:7b:70:1b:41:84:48:43:
d9:3d:eb:fa:89:c6:9e:e5:95:2e:de:21:29:07:2a:b0:2a:bf:
4b:34:96:cb:82:66:36:e1:7f:24:95:7c:78:ed:57:7d:1f:34:
74:a6:c9:2c:03:a8:5a:c7:c6:53:66:af:2c:db:bb:7b:c1:11:
91:25:1a:c4:78:70:3f:0a:d5:43:a5:75:52:11:04:ba:2e:31:
7e:86:21:4c:e9:a7:08:7a:66:8f:41:3c:76:64:3b:28:3d:6d:
60:f9:c9:f9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZljmIUmoftAaXJiAbab7WzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwOTE5MjAwOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDhjNTg1OWYyMWU0ZTczNjdmMmE0YTU3YmIxMTJjYzkyZDJkNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurIungsAypHabJfeQ7SGwPhPOvXz
WwtYesDQypGrTdlG7lgIRO9+iFYnXNJjl7nOipPa6MEpmXr2Cq6doHNV96GgTbWV
pB8bRSgXrqLq8PIm1Ys7onHeXVol+1lgBMRFecEwNOsmLS9zo5te/UqmXrpr3+2r
iEFGX7PH3TtEOR45OosNtbRra8hfTDyjaSS0KMB+RlrXf6cCjKc843DgsyQE9W9E
p6bh8+9W+PoIChOgHNJhMZ4Jo36admfmDXckDIxLmJ73kmNuaMN+MQ9Nf77Cdhez
zG//TeepshChbFfRZ8e99nP7NNNxS8xMpXTEy018/rvAAxv6XJVSjCYDQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK2MWFnyHk5zZ/KkpXuxEsyS0teRMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvcll4WVdmSWVUbk5uOHFTbGU3RVN6SkxTMTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAky1BAwQA
ky3BAwQAwelVAwQAwemkAwQAwemrAwQAwemvMA0GCSqGSIb3DQEBCwUAA4IBAQBO
pwRbXqjw0HgjttX07ZGJ5BttCg3/10gk208jw5UFeF59wEr+JfsQ1d+YrvGCsc4f
YInNgz3KkO6bbeKUcE8iCOVZi1xJrdvzp/DKb0S9t+fykgKUMIKVRI7vIEbnJTrb
+0M8Tc3MtuJQlYxiCqFd5o1SEa9cV/TYBjTzVFdY0hvtjdluNRdUCaQT2noYfrPI
SjmLQTJGbuKEwHtwG0GESEPZPev6icae5ZUu3iEpByqwKr9LNJbLgmY24X8klXx4
7Vd9HzR0psksA6hax8ZTZq8s27t7wRGRJRrEeHA/CtVDpXVSEQS6LjF+hiFM6acI
emaPQTx2ZDsoPW1g+cn5
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:55:28 2025 by rpki-client