Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Pdd0veo-C2taQbQBogXAWDR2o5E.roa
File: Pdd0veo-C2taQbQBogXAWDR2o5E.roa (raw, json)
Hash identifier: PxE2lyTjBuNB4YvI9C6lExQaQhdAaVbue0HqnTThBk4=
Subject key identifier: 3D:D7:74:BD:EA:3E:0B:6B:5A:41:B4:01:A2:05:C0:58:34:76:A3:91
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019A3F179D1AB08327AF1AAEBED10ED6392D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Pdd0veo-C2taQbQBogXAWDR2o5E.roa
Signing time: Sat 01 Nov 2025 11:05:03 +0000
ROA not before: Sat 01 Nov 2025 11:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216068
IP address blocks: 147.45.176.0/24 maxlen: 24
147.45.188.0/24 maxlen: 24
193.233.80.0/24 maxlen: 24
193.233.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:17:9d:1a:b0:83:27:af:1a:ae:be:d1:0e:d6:39:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Nov 1 11:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dd774bdea3e0b6b5a41b401a205c0583476a391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:36:f3:a0:7d:b2:a7:84:50:27:0b:2c:c2:0c:
c6:9e:db:b0:a2:85:cf:8a:69:62:89:7c:af:a6:64:
27:81:7c:8b:f1:d8:8b:cb:76:da:36:4c:65:10:66:
5b:04:8f:df:c6:21:fa:7c:74:be:a9:cf:ea:96:a7:
7e:f6:1e:e9:63:23:45:20:dc:6d:84:06:be:03:b6:
98:19:9b:af:55:b7:8a:10:83:36:17:ef:e4:8e:0c:
f3:38:8e:ee:f1:85:e5:ed:ae:45:a3:e6:6a:84:33:
a7:f9:0e:52:38:61:44:62:1f:ca:a9:c2:b9:28:8a:
53:02:26:75:52:fa:1d:f3:bf:c4:bd:21:de:0f:d2:
c6:1a:a8:81:23:ad:02:e5:a1:9e:06:ca:77:6d:ae:
1f:57:d6:5d:3a:f3:0e:83:fe:e4:31:bb:c6:0b:e0:
b3:32:51:bc:a6:e3:24:25:42:1e:8f:7c:03:4b:ca:
60:bb:69:17:00:58:f5:75:ac:d1:1d:71:1e:bf:f4:
bd:a8:2e:72:1f:5f:0a:8b:19:a5:f3:21:a3:3a:35:
33:60:5e:62:41:f9:5c:d0:c1:e9:3e:fd:e6:37:36:
50:d1:c3:3a:1c:f2:4e:75:b7:74:78:16:36:b2:e5:
6b:70:8e:60:4d:34:a4:aa:92:e0:ed:7c:c5:98:ba:
58:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D7:74:BD:EA:3E:0B:6B:5A:41:B4:01:A2:05:C0:58:34:76:A3:91
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/Pdd0veo-C2taQbQBogXAWDR2o5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.176.0/24
147.45.188.0/24
193.233.80.0/24
193.233.165.0/24
Signature Algorithm: sha256WithRSAEncryption
41:36:97:96:59:14:f6:85:61:b1:01:db:6b:34:9c:3b:a8:43:
66:6b:99:f7:65:c8:e5:89:62:73:a8:94:00:ea:43:c6:f9:2e:
72:15:41:6b:b6:e9:21:31:e4:b9:be:61:27:88:50:11:b8:4f:
c3:ac:b7:a7:77:76:82:70:9e:33:ce:27:b9:3e:ce:0b:d2:1f:
e0:2f:39:b5:00:5a:5f:5d:b7:07:0c:26:ad:16:d5:3e:df:51:
89:9c:46:90:6a:dd:59:a8:f4:52:f1:f6:9e:f3:d4:da:84:d1:
3c:fe:88:5a:f6:1d:3d:af:01:c1:74:9b:38:9a:06:33:42:75:
ce:5a:d3:bb:6c:43:ac:f3:17:a2:0f:68:9a:ea:40:0b:d8:b1:
5f:35:7c:f5:f4:b7:6b:d2:70:de:9a:48:24:15:10:9d:26:d6:
76:dd:26:6c:38:62:30:4d:d4:17:4e:4c:be:c2:6a:0d:62:44:
03:a4:39:44:a9:98:1b:5e:78:68:50:ca:92:ef:b8:d8:fc:60:
14:68:a7:3d:95:4e:b6:83:f4:fb:26:64:9a:d2:f7:ae:cd:16:
19:5e:81:12:af:7f:2f:6b:5d:83:2e:5e:1b:83:23:97:0f:4c:
25:19:57:9e:9a:61:88:ab:94:01:b1:b0:03:7a:e5:a7:c1:73:
69:fc:a9:64
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZo/F50asIMnrxquvtEO1jktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUxMTAxMTEwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGQ3NzRiZGVhM2UwYjZiNWE0MWI0MDFhMjA1YzA1ODM0NzZhMzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTbzoH2yp4RQJwsswgzGntuwooXP
imliiXyvpmQngXyL8diLy3baNkxlEGZbBI/fxiH6fHS+qc/qlqd+9h7pYyNFINxt
hAa+A7aYGZuvVbeKEIM2F+/kjgzzOI7u8YXl7a5Fo+ZqhDOn+Q5SOGFEYh/KqcK5
KIpTAiZ1Uvod87/EvSHeD9LGGqiBI60C5aGeBsp3ba4fV9ZdOvMOg/7kMbvGC+Cz
MlG8puMkJUIej3wDS8pgu2kXAFj1dazRHXEev/S9qC5yH18Kixml8yGjOjUzYF5i
Qflc0MHpPv3mNzZQ0cM6HPJOdbd0eBY2suVrcI5gTTSkqpLg7XzFmLpY1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD3XdL3qPgtrWkG0AaIFwFg0dqORMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvUGRkMHZlby1DMnRhUWJRQm9nWEFXRFIybzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAky2wAwQA
ky28AwQAwelQAwQAwemlMA0GCSqGSIb3DQEBCwUAA4IBAQBBNpeWWRT2hWGxAdtr
NJw7qENma5n3ZcjliWJzqJQA6kPG+S5yFUFrtukhMeS5vmEniFARuE/DrLend3aC
cJ4zzie5Ps4L0h/gLzm1AFpfXbcHDCatFtU+31GJnEaQat1ZqPRS8fae89TahNE8
/oha9h09rwHBdJs4mgYzQnXOWtO7bEOs8xeiD2ia6kAL2LFfNXz19Ldr0nDemkgk
FRCdJtZ23SZsOGIwTdQXTky+wmoNYkQDpDlEqZgbXnhoUMqS77jY/GAUaKc9lU62
g/T7JmSa0veuzRYZXoESr38va12DLl4bgyOXD0wlGVeemmGIq5QBsbADeuWnwXNp
/Klk
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:30:53 2025 by rpki-client