Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHqFe21-Rt5YYsBlA51TIR0yrgU.roa
File: FHqFe21-Rt5YYsBlA51TIR0yrgU.roa (raw, json)
Hash identifier: VyJLaa46NhY/YWR5Nty5adbrB12tIIKFYBJsesRA6+w=
Subject key identifier: 14:7A:85:7B:6D:7E:46:DE:58:62:C0:65:03:9D:53:21:1D:32:AE:05
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01984D08E653A5719AC96FAB867A38C52D87
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHqFe21-Rt5YYsBlA51TIR0yrgU.roa
Signing time: Sun 27 Jul 2025 17:58:05 +0000
ROA not before: Sun 27 Jul 2025 17:58:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399486
IP address blocks: 163.5.32.0/24 maxlen: 24
163.5.64.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.169.0/24 maxlen: 24
163.5.210.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:08:e6:53:a5:71:9a:c9:6f:ab:86:7a:38:c5:2d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 27 17:58:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=147a857b6d7e46de5862c065039d53211d32ae05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b5:a0:41:52:20:e2:af:dc:cb:6a:ac:7b:3c:
8f:5a:9b:de:cf:d9:b5:ed:51:53:e3:44:2f:58:6c:
ed:af:fe:00:aa:08:32:3b:70:12:2e:c7:88:1f:02:
ef:58:6c:a4:99:3b:d2:58:a1:db:e9:54:13:c4:1b:
2a:95:78:22:23:de:db:6c:2a:60:27:9f:ea:a6:b9:
f1:ff:b5:41:49:2f:bf:75:57:eb:22:f2:49:0f:d7:
b5:c8:82:64:c9:e1:f3:db:96:5e:1d:e5:e2:58:b9:
09:89:9e:43:25:11:b3:70:a5:67:e7:58:4d:2e:7f:
19:89:36:02:6a:23:78:3f:f4:5d:59:a4:64:82:67:
7e:a8:9d:b7:a2:ac:f9:e5:76:ba:ae:a7:97:cc:ee:
0d:af:1f:01:dd:05:15:53:18:91:4e:2c:43:a7:c8:
ba:44:8d:03:77:14:92:f1:0c:c8:54:0a:0d:2d:e0:
98:d3:7b:42:40:3c:21:54:bd:f7:71:df:c7:59:2d:
64:32:0d:00:d5:0a:e2:5a:e2:dc:72:9b:82:7f:be:
b8:85:53:9b:28:59:1d:81:f8:1e:05:7a:52:ce:5f:
da:d9:74:17:30:73:9e:3a:44:26:86:06:96:d4:19:
4f:a6:31:4a:49:94:67:cf:24:7a:ab:90:7b:91:1e:
7d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7A:85:7B:6D:7E:46:DE:58:62:C0:65:03:9D:53:21:1D:32:AE:05
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/FHqFe21-Rt5YYsBlA51TIR0yrgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.32.0/24
163.5.64.0/24
163.5.112.0/24
163.5.160.0/24
163.5.169.0/24
163.5.210.0/24
163.5.221.0/24
Signature Algorithm: sha256WithRSAEncryption
92:8c:7c:8f:0d:85:70:59:22:ec:59:6a:bd:bf:35:93:3a:86:
e7:94:2f:ab:fa:14:cf:78:a7:07:09:0c:39:fd:ea:ae:11:d1:
59:0a:f7:eb:ee:2e:85:00:4f:c1:80:35:ef:35:8c:31:27:58:
89:59:bc:ba:a2:af:df:5d:12:bc:e4:dc:71:cc:f9:60:50:01:
b0:c1:68:f1:11:e9:96:34:71:75:35:45:58:4e:88:ab:95:1d:
20:59:40:85:b2:e1:b9:4e:ff:7c:a5:15:b7:17:d1:0d:e5:05:
c6:74:4f:67:83:34:6e:70:66:85:92:37:8b:05:2d:ba:dd:77:
bf:ac:84:96:1d:8c:ab:9e:38:3e:2f:aa:3f:1f:8b:b8:bd:4b:
28:41:04:ff:da:42:cf:23:c3:94:15:f1:4c:10:00:85:d7:ed:
63:69:3a:71:ee:f6:e1:b7:dc:2b:57:82:fd:bb:7f:20:04:51:
0f:5b:cd:b6:ac:11:f9:70:32:9c:61:19:aa:08:9f:f3:44:c4:
06:d8:8c:b6:fd:b8:45:67:16:02:6d:79:31:e8:36:d7:31:c8:
c1:ff:a3:ea:cc:c6:21:8a:e8:48:76:2f:19:67:3b:eb:66:9d:
15:4c:ad:51:12:c8:ca:a6:ac:d2:1a:ef:6c:d9:d2:a6:6d:b7:
db:66:9a:90
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZhNCOZTpXGayW+rhno4xS2HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNzI3MTc1ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdhODU3YjZkN2U0NmRlNTg2MmMwNjUwMzlkNTMyMTFkMzJhZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7WgQVIg4q/cy2qsezyPWpvez9m1
7VFT40QvWGztr/4AqggyO3ASLseIHwLvWGykmTvSWKHb6VQTxBsqlXgiI97bbCpg
J5/qprnx/7VBSS+/dVfrIvJJD9e1yIJkyeHz25ZeHeXiWLkJiZ5DJRGzcKVn51hN
Ln8ZiTYCaiN4P/RdWaRkgmd+qJ23oqz55Xa6rqeXzO4Nrx8B3QUVUxiRTixDp8i6
RI0DdxSS8QzIVAoNLeCY03tCQDwhVL33cd/HWS1kMg0A1QriWuLccpuCf764hVOb
KFkdgfgeBXpSzl/a2XQXMHOeOkQmhgaW1BlPpjFKSZRnzyR6q5B7kR59EwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBR6hXttfkbeWGLAZQOdUyEdMq4FMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRkhxRmUyMS1SdDVZWXNCbEE1MVRJUjB5cmdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAowUgAwQA
owVAAwQAowVwAwQAowWgAwQAowWpAwQAowXSAwQAowXdMA0GCSqGSIb3DQEBCwUA
A4IBAQCSjHyPDYVwWSLsWWq9vzWTOobnlC+r+hTPeKcHCQw5/equEdFZCvfr7i6F
AE/BgDXvNYwxJ1iJWby6oq/fXRK85NxxzPlgUAGwwWjxEemWNHF1NUVYToirlR0g
WUCFsuG5Tv98pRW3F9EN5QXGdE9ngzRucGaFkjeLBS263Xe/rISWHYyrnjg+L6o/
H4u4vUsoQQT/2kLPI8OUFfFMEACF1+1jaTpx7vbht9wrV4L9u38gBFEPW822rBH5
cDKcYRmqCJ/zRMQG2Iy2/bhFZxYCbXkx6DbXMcjB/6PqzMYhiuhIdi8ZZzvrZp0V
TK1REsjKpqzSGu9s2dKmbbfbZpqQ
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:21:43 2025 by rpki-client