Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jKeyx-kJ15yoWw0hBC1ASOT94Gs.roa
File: jKeyx-kJ15yoWw0hBC1ASOT94Gs.roa (raw, json)
Hash identifier: u9Rkooh28b+wXbljOJuevE+YxUpqgZmlH/2IDQIG+rM=
Subject key identifier: 8C:A7:B2:C7:E9:09:D7:9C:A8:5B:0D:21:04:2D:40:48:E4:FD:E0:6B
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0196D02ECE61EC95350E3583C3383C324535
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jKeyx-kJ15yoWw0hBC1ASOT94Gs.roa
Signing time: Wed 14 May 2025 19:04:10 +0000
ROA not before: Wed 14 May 2025 19:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 147.45.48.0/24 maxlen: 24
147.45.118.0/24 maxlen: 24
147.45.119.0/24 maxlen: 24
147.45.211.0/24 maxlen: 24
193.233.18.0/24 maxlen: 24
193.233.48.0/24 maxlen: 24
193.233.49.0/24 maxlen: 24
193.233.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:2e:ce:61:ec:95:35:0e:35:83:c3:38:3c:32:45:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 14 19:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ca7b2c7e909d79ca85b0d21042d4048e4fde06b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fd:59:45:b5:f0:35:35:06:b8:b8:1c:e9:51:
c0:42:1f:a7:be:9a:af:34:7c:7b:57:89:6f:ab:e4:
6a:07:63:1a:a4:f5:34:2f:0e:cb:e2:f0:a3:5e:1b:
30:f1:dc:0a:0e:9e:0e:58:5e:d6:13:4b:ae:c3:0b:
18:50:96:b3:cd:5e:3b:25:24:ec:fd:aa:10:41:dd:
69:bf:86:52:11:2c:fb:a6:f3:21:f5:12:b7:7f:c9:
95:04:dc:bf:79:3d:b3:6e:bd:42:c3:57:02:0b:a6:
e6:80:72:54:ca:56:fe:9e:42:56:51:8f:06:fa:c5:
42:6d:3e:04:d2:a4:6c:fd:28:17:df:ef:e7:d9:95:
d6:9c:bc:f2:00:91:47:bd:d4:27:ee:16:85:47:19:
56:cd:25:5a:60:47:25:48:6b:89:b9:42:e9:0a:33:
29:c5:af:ff:14:9f:5a:96:0f:de:99:ab:13:35:48:
a7:68:62:a3:df:13:5d:7b:09:ca:a6:72:e1:be:d1:
75:0b:78:9d:6b:44:3a:b9:78:83:d7:e9:7c:24:0e:
63:58:9c:c8:31:a3:bc:5a:32:ab:c8:a1:4c:e4:ed:
1e:84:83:84:bc:da:cc:b1:cd:6e:a1:9a:2f:36:a9:
4f:e1:ba:69:a1:90:72:a7:28:a8:ea:d1:18:61:f5:
26:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:A7:B2:C7:E9:09:D7:9C:A8:5B:0D:21:04:2D:40:48:E4:FD:E0:6B
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/jKeyx-kJ15yoWw0hBC1ASOT94Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.48.0/24
147.45.118.0/23
147.45.211.0/24
193.233.18.0/24
193.233.48.0/23
193.233.84.0/24
Signature Algorithm: sha256WithRSAEncryption
94:4c:3c:2a:60:4c:4e:be:74:d7:aa:6d:6e:8d:0e:0e:e4:f3:
60:b5:05:39:c2:c0:16:d2:b3:f3:78:31:70:97:40:ed:f0:bc:
26:11:97:6c:0c:92:db:24:9c:cd:11:76:91:82:1d:27:08:ea:
df:9e:29:3a:26:77:2e:fc:89:73:e3:02:03:b4:61:d8:a9:c8:
b4:38:e5:6e:fd:ae:1d:d4:8f:92:7b:29:c7:71:fa:7c:f1:e9:
b7:de:98:df:b3:38:0c:bd:bf:82:9f:1a:04:b7:19:9d:ec:d0:
cf:71:ea:52:0c:2f:41:61:44:24:dd:e2:4c:7e:dd:d5:d1:d4:
21:b2:b3:4e:c2:74:05:e9:2f:b8:6a:a8:d5:e7:0a:66:fb:8b:
41:15:bc:18:0c:38:70:95:ce:40:dd:e8:a7:4a:71:4c:30:90:
5c:cf:e8:88:fb:e4:30:35:94:e1:fe:a2:c3:c4:ac:80:8f:61:
f4:25:29:93:90:25:dc:e5:bf:b6:64:f4:db:f6:89:7b:3e:5e:
7a:df:79:18:d1:5c:d2:03:85:7c:f2:4e:7f:74:59:08:38:63:
10:5d:fe:e2:87:27:b9:ef:b8:7b:19:52:27:5c:af:b7:ac:4d:
17:4a:b7:63:56:4b:34:e0:6e:2f:a2:7a:e3:61:3b:8e:03:8f:
37:d9:dc:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbQLs5h7JU1DjWDwzg8MkU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNTE0MTkwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2E3YjJjN2U5MDlkNzljYTg1YjBkMjEwNDJkNDA0OGU0ZmRlMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvv1ZRbXwNTUGuLgc6VHAQh+nvpqv
NHx7V4lvq+RqB2MapPU0Lw7L4vCjXhsw8dwKDp4OWF7WE0uuwwsYUJazzV47JSTs
/aoQQd1pv4ZSESz7pvMh9RK3f8mVBNy/eT2zbr1Cw1cCC6bmgHJUylb+nkJWUY8G
+sVCbT4E0qRs/SgX3+/n2ZXWnLzyAJFHvdQn7haFRxlWzSVaYEclSGuJuULpCjMp
xa//FJ9alg/emasTNUinaGKj3xNdewnKpnLhvtF1C3ida0Q6uXiD1+l8JA5jWJzI
MaO8WjKryKFM5O0ehIOEvNrMsc1uoZovNqlP4bppoZBypyio6tEYYfUmvQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIynssfpCdecqFsNIQQtQEjk/eBrMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaktleXgta0oxNXlvV3cwaEJDMUFTT1Q5NEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAky0wAwQB
ky12AwQAky3TAwQAwekSAwQBwekwAwQAwelUMA0GCSqGSIb3DQEBCwUAA4IBAQCU
TDwqYExOvnTXqm1ujQ4O5PNgtQU5wsAW0rPzeDFwl0Dt8LwmEZdsDJLbJJzNEXaR
gh0nCOrfnik6Jncu/Ilz4wIDtGHYqci0OOVu/a4d1I+SeynHcfp88em33pjfszgM
vb+CnxoEtxmd7NDPcepSDC9BYUQk3eJMft3V0dQhsrNOwnQF6S+4aqjV5wpm+4tB
FbwYDDhwlc5A3einSnFMMJBcz+iI++QwNZTh/qLDxKyAj2H0JSmTkCXc5b+2ZPTb
9ol7Pl5633kY0VzSA4V88k5/dFkIOGMQXf7ihye577h7GVInXK+3rE0XSrdjVks0
4G4vonrjYTuOA4832dw0
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:59:07 2025 by rpki-client