
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YxdhHvGVv6_Tp_nBkSUFRwXKeso.roa
File: YxdhHvGVv6_Tp_nBkSUFRwXKeso.roa (raw, json)
Hash identifier: ofnWLQ86xxH/KgAJsNpRg5fuWwmJ+0MoQvMpD0yrzw4=
Subject key identifier: 63:17:61:1E:F1:95:BF:AF:D3:A7:F9:C1:91:25:05:47:05:CA:7A:CA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0198627370178EC3971FE024556B1C5D5FC2
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YxdhHvGVv6_Tp_nBkSUFRwXKeso.roa
Signing time: Thu 31 Jul 2025 21:46:29 +0000
ROA not before: Thu 31 Jul 2025 21:46:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 147.45.102.0/24 maxlen: 24
147.45.103.0/24 maxlen: 24
147.45.104.0/24 maxlen: 24
147.45.105.0/24 maxlen: 24
147.45.106.0/24 maxlen: 24
147.45.107.0/24 maxlen: 24
147.45.108.0/24 maxlen: 24
147.45.109.0/24 maxlen: 24
147.45.110.0/24 maxlen: 24
147.45.138.0/24 maxlen: 24
147.45.140.0/24 maxlen: 24
147.45.141.0/24 maxlen: 24
147.45.143.0/24 maxlen: 24
147.45.144.0/24 maxlen: 24
147.45.146.0/24 maxlen: 24
147.45.148.0/24 maxlen: 24
147.45.150.0/24 maxlen: 24
147.45.151.0/24 maxlen: 24
147.45.153.0/24 maxlen: 24
147.45.154.0/24 maxlen: 24
147.45.155.0/24 maxlen: 24
147.45.157.0/24 maxlen: 24
147.45.159.0/24 maxlen: 24
147.45.160.0/24 maxlen: 24
147.45.163.0/24 maxlen: 24
147.45.164.0/24 maxlen: 24
147.45.168.0/24 maxlen: 24
147.45.172.0/24 maxlen: 24
147.45.175.0/24 maxlen: 24
147.45.182.0/24 maxlen: 24
147.45.183.0/24 maxlen: 24
147.45.184.0/24 maxlen: 24
147.45.185.0/24 maxlen: 24
147.45.189.0/24 maxlen: 24
147.45.190.0/24 maxlen: 24
147.45.191.0/24 maxlen: 24
147.45.212.0/24 maxlen: 24
147.45.213.0/24 maxlen: 24
147.45.214.0/24 maxlen: 24
147.45.215.0/24 maxlen: 24
147.45.235.0/24 maxlen: 24
147.45.236.0/24 maxlen: 24
147.45.237.0/24 maxlen: 24
147.45.239.0/24 maxlen: 24
147.45.245.0/24 maxlen: 24
147.45.246.0/24 maxlen: 24
147.45.247.0/24 maxlen: 24
147.45.249.0/24 maxlen: 24
147.45.250.0/24 maxlen: 24
147.45.251.0/24 maxlen: 24
147.45.253.0/24 maxlen: 24
147.45.254.0/24 maxlen: 24
193.233.102.0/24 maxlen: 24
193.233.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:62:73:70:17:8e:c3:97:1f:e0:24:55:6b:1c:5d:5f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 31 21:46:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6317611ef195bfafd3a7f9c19125054705ca7aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d9:13:79:22:58:f2:4c:9f:2d:c4:66:e4:80:
d6:cd:34:05:fb:79:5f:00:36:b1:71:8b:8d:84:58:
5c:6a:ec:6d:93:6a:ca:85:3d:f0:ce:36:10:65:70:
1a:21:07:6b:96:c4:27:0b:33:99:ba:81:33:88:71:
7f:48:a1:5c:bc:f1:80:a2:ae:7e:e4:dc:06:ed:f1:
84:0c:d5:34:42:9d:ed:9f:2a:c4:48:2b:f8:9f:60:
02:d6:25:24:88:23:bf:93:03:48:31:e9:2c:72:67:
df:f4:d3:2d:de:f5:86:9e:d6:4f:46:5b:9a:84:12:
bc:d3:3b:0c:a2:b3:d2:4d:87:be:91:5b:d9:19:ad:
14:a1:4a:fa:4e:b1:83:d4:7c:57:28:a1:49:e0:79:
fd:ec:4f:4e:53:75:36:61:2e:77:04:54:ae:fb:68:
e7:9c:ab:fa:55:6a:5e:18:89:15:72:ea:8d:f6:07:
cd:dd:85:4e:22:12:4b:4b:70:8d:e7:07:5f:18:31:
24:32:d6:56:d1:c7:ac:8d:46:f5:1a:6c:32:c6:81:
d4:e3:16:df:c6:a0:60:e6:40:69:3b:6a:67:c8:6e:
2b:9d:00:d7:07:3b:3b:ec:30:45:8e:6e:d7:d5:99:
25:c4:9e:15:c5:a2:7a:e1:36:f1:fa:46:7f:22:c3:
32:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:17:61:1E:F1:95:BF:AF:D3:A7:F9:C1:91:25:05:47:05:CA:7A:CA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YxdhHvGVv6_Tp_nBkSUFRwXKeso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.102.0-147.45.110.255
147.45.138.0/24
147.45.140.0/23
147.45.143.0-147.45.144.255
147.45.146.0/24
147.45.148.0/24
147.45.150.0/23
147.45.153.0-147.45.155.255
147.45.157.0/24
147.45.159.0-147.45.160.255
147.45.163.0-147.45.164.255
147.45.168.0/24
147.45.172.0/24
147.45.175.0/24
147.45.182.0-147.45.185.255
147.45.189.0-147.45.191.255
147.45.212.0/22
147.45.235.0-147.45.237.255
147.45.239.0/24
147.45.245.0-147.45.247.255
147.45.249.0-147.45.251.255
147.45.253.0-147.45.254.255
193.233.102.0/23
Signature Algorithm: sha256WithRSAEncryption
01:01:41:42:4b:d6:48:fa:3c:1a:50:79:f8:52:87:f0:05:6b:
03:98:47:07:82:ed:8c:bc:62:16:4c:26:3b:68:fa:4e:5c:3f:
b4:63:da:ae:ec:0c:12:ff:f5:bd:5d:8a:b0:5d:ff:07:d0:eb:
a4:02:e9:cc:29:c2:59:da:04:99:f1:34:02:f6:bb:74:11:72:
c6:79:9d:1b:96:0a:8b:75:ee:29:33:1b:26:09:58:64:e0:91:
ff:5a:bd:a8:e5:d0:41:90:84:8b:24:f9:f6:b3:c7:5f:33:04:
97:e2:ac:22:ed:dd:42:06:9f:8c:75:01:e6:a1:50:d4:98:7c:
6d:fb:58:86:b9:20:ee:a1:99:8f:92:2d:55:cd:f8:27:8b:35:
b7:ac:ec:45:a3:77:8e:c5:4f:fa:a8:2c:78:93:0a:32:39:dd:
b0:11:5d:d3:7e:e0:13:d2:20:20:da:84:a5:13:12:e4:b7:06:
70:b8:13:86:1b:0e:42:25:41:71:87:1f:4c:3c:d8:42:0a:73:
14:c8:e9:12:69:84:0d:3e:d3:41:dc:0a:f8:8d:8b:3c:a8:40:
c2:c3:9f:c3:51:44:d8:f1:21:22:9e:2f:0a:9b:97:3a:e2:48:
ec:39:39:54:8e:29:d1:c1:cd:3b:0e:6e:d1:57:fd:82:ee:aa:
69:8d:46:9d
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZhic3AXjsOXH+AkVWscXV/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNzMxMjE0NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzE3NjExZWYxOTViZmFmZDNhN2Y5YzE5MTI1MDU0NzA1Y2E3YWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndkTeSJY8kyfLcRm5IDWzTQF+3lf
ADaxcYuNhFhcauxtk2rKhT3wzjYQZXAaIQdrlsQnCzOZuoEziHF/SKFcvPGAoq5+
5NwG7fGEDNU0Qp3tnyrESCv4n2AC1iUkiCO/kwNIMekscmff9NMt3vWGntZPRlua
hBK80zsMorPSTYe+kVvZGa0UoUr6TrGD1HxXKKFJ4Hn97E9OU3U2YS53BFSu+2jn
nKv6VWpeGIkVcuqN9gfN3YVOIhJLS3CN5wdfGDEkMtZW0cesjUb1GmwyxoHU4xbf
xqBg5kBpO2pnyG4rnQDXBzs77DBFjm7X1ZklxJ4VxaJ64Tbx+kZ/IsMy5wIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFGMXYR7xlb+v06f5wZElBUcFynrKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWXhkaEh2R1Z2Nl9UcF9uQmtTVUZSd1hLZXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIwDAME
AZMtZgMEAJMtbgMEAJMtigMEAZMtjDAMAwQAky2PAwQAky2QAwQAky2SAwQAky2U
AwQBky2WMAwDBACTLZkDBAKTLZgDBACTLZ0wDAMEAJMtnwMEAJMtoDAMAwQAky2j
AwQAky2kAwQAky2oAwQAky2sAwQAky2vMAwDBAGTLbYDBAGTLbgwDAMEAJMtvQME
BpMtgAMEApMt1DAMAwQAky3rAwQBky3sAwQAky3vMAwDBACTLfUDBAOTLfAwDAME
AJMt+QMEApMt+DAMAwQAky39AwQAky3+AwQBwelmMA0GCSqGSIb3DQEBCwUAA4IB
AQABAUFCS9ZI+jwaUHn4UofwBWsDmEcHgu2MvGIWTCY7aPpOXD+0Y9qu7AwS//W9
XYqwXf8H0OukAunMKcJZ2gSZ8TQC9rt0EXLGeZ0blgqLde4pMxsmCVhk4JH/Wr2o
5dBBkISLJPn2s8dfMwSX4qwi7d1CBp+MdQHmoVDUmHxt+1iGuSDuoZmPki1Vzfgn
izW3rOxFo3eOxU/6qCx4kwoyOd2wEV3TfuAT0iAg2oSlExLktwZwuBOGGw5CJUFx
hx9MPNhCCnMUyOkSaYQNPtNB3Ar4jYs8qEDCw5/DUUTY8SEini8Km5c64kjsOTlU
jinRwc07Dm7RV/2C7qppjUad
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:16:00 2025 by rpki-client