
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GZf_h_n7LcJ9WlDRs4kABJYYboo.roa
File: GZf_h_n7LcJ9WlDRs4kABJYYboo.roa (raw, json)
Hash identifier: KZxSnyJzNrAWugOKKxsZAY0Uo/W9U3APH5TrvC2HiB4=
Subject key identifier: 19:97:FF:87:F9:FB:2D:C2:7D:5A:50:D1:B3:89:00:04:96:18:6E:8A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01985BED8659C136D732F04F1A9BAB24FA00
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GZf_h_n7LcJ9WlDRs4kABJYYboo.roa
Signing time: Wed 30 Jul 2025 15:22:29 +0000
ROA not before: Wed 30 Jul 2025 15:22:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:ed:86:59:c1:36:d7:32:f0:4f:1a:9b:ab:24:fa:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 30 15:22:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1997ff87f9fb2dc27d5a50d1b389000496186e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d3:9e:f4:f6:20:9a:17:b9:7f:7e:5e:c7:4b:
1b:fd:2a:1b:de:a5:9a:a6:89:a3:05:a7:cc:b4:cb:
09:d4:fe:cc:3b:3c:4f:13:ab:86:b5:91:73:1c:1e:
85:d3:e8:24:be:74:94:66:a4:0b:7f:03:91:5d:09:
6d:de:ef:14:c1:2c:cb:93:f0:30:42:53:b0:58:bb:
5e:41:8d:d0:95:5d:55:48:f8:f3:fb:66:de:c2:b7:
07:bd:ad:e0:fe:c1:2d:bc:62:1d:58:5b:aa:12:af:
38:f4:b6:0e:aa:0f:50:5f:36:79:54:fe:d2:93:6f:
3f:0e:dd:32:02:03:5f:90:44:29:f8:2e:51:d9:42:
78:7f:e8:84:4f:28:b5:10:ec:80:37:54:1a:28:db:
48:74:2f:03:2f:62:b3:32:de:fe:b4:f7:83:9c:d9:
e2:2f:df:f2:23:24:b9:9b:35:c6:01:e4:1d:b7:66:
92:17:ee:08:92:91:86:a1:d7:a9:e2:6b:b3:cf:58:
58:55:b3:ef:f1:fc:29:5c:a9:2a:47:45:05:df:02:
59:fe:c0:dc:8f:68:e2:7a:86:15:4a:e9:d2:0e:5d:
40:81:66:bf:db:2a:b9:64:8a:ae:dd:a1:27:8e:b6:
5a:7a:1b:55:f3:d7:e2:55:eb:69:e5:fe:30:cc:8b:
1e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:97:FF:87:F9:FB:2D:C2:7D:5A:50:D1:B3:89:00:04:96:18:6E:8A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/GZf_h_n7LcJ9WlDRs4kABJYYboo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.134.0/24
163.5.173.0/24
163.5.231.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:e8:3f:ee:8b:d7:ce:6f:10:ae:e0:52:6e:8f:bc:47:c0:b9:
11:ac:7c:51:18:01:c4:e7:cf:09:f7:e4:a6:39:c7:4d:9a:08:
d6:fd:77:44:27:ce:4d:4f:0d:c4:e2:79:ad:cb:bb:65:23:3c:
70:8f:ca:af:51:31:5c:57:40:d8:9f:0d:82:19:14:3c:bd:72:
e3:ef:17:ff:6d:8c:a1:99:ac:e0:c6:46:8b:c8:e0:b2:ad:a3:
8e:a9:4d:59:54:2b:28:b1:57:cc:fc:42:2d:1a:27:0d:41:2d:
68:f3:d3:b8:eb:ae:ad:ea:4d:c2:88:0e:b4:a7:43:51:59:f5:
bd:24:3d:92:07:2a:79:f7:fb:15:e8:f4:85:db:fd:e6:e2:c4:
d5:81:70:ef:2b:6f:20:01:ab:e4:19:4f:7a:f1:99:87:00:b9:
cc:35:12:aa:b0:dd:b5:65:ef:a4:05:4c:64:87:64:8d:df:9b:
ef:45:3e:8f:12:39:b1:c9:8b:d1:16:92:15:ca:15:e5:12:91:
0e:61:e4:5a:b6:0c:34:a0:d3:84:89:c8:72:25:21:19:40:6c:
ab:9b:60:73:43:3d:3e:c4:03:9f:bb:49:97:c7:87:c0:9b:c2:
b8:51:8e:0b:cc:0a:6b:fc:65:6a:0a:86:79:28:6a:00:89:3a:
70:99:80:be
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhb7YZZwTbXMvBPGpurJPoAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNzMwMTUyMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTk3ZmY4N2Y5ZmIyZGMyN2Q1YTUwZDFiMzg5MDAwNDk2MTg2ZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9Oe9PYgmhe5f35ex0sb/Sob3qWa
pomjBafMtMsJ1P7MOzxPE6uGtZFzHB6F0+gkvnSUZqQLfwORXQlt3u8UwSzLk/Aw
QlOwWLteQY3QlV1VSPjz+2bewrcHva3g/sEtvGIdWFuqEq849LYOqg9QXzZ5VP7S
k28/Dt0yAgNfkEQp+C5R2UJ4f+iETyi1EOyAN1QaKNtIdC8DL2KzMt7+tPeDnNni
L9/yIyS5mzXGAeQdt2aSF+4IkpGGodep4muzz1hYVbPv8fwpXKkqR0UF3wJZ/sDc
j2jieoYVSunSDl1AgWa/2yq5ZIqu3aEnjrZaehtV89fiVetp5f4wzIsevwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBmX/4f5+y3CfVpQ0bOJAASWGG6KMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvR1pmX2hfbjdMY0o5V2xEUnM0a0FCSllZYm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUzAwQA
owWGAwQAowWtAwQAowXnAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQCf6D/ui9fO
bxCu4FJuj7xHwLkRrHxRGAHE588J9+SmOcdNmgjW/XdEJ85NTw3E4nmty7tlIzxw
j8qvUTFcV0DYnw2CGRQ8vXLj7xf/bYyhmazgxkaLyOCyraOOqU1ZVCsosVfM/EIt
GicNQS1o89O4666t6k3CiA60p0NRWfW9JD2SByp59/sV6PSF2/3m4sTVgXDvK28g
AavkGU968ZmHALnMNRKqsN21Ze+kBUxkh2SN35vvRT6PEjmxyYvRFpIVyhXlEpEO
YeRatgw0oNOEichyJSEZQGyrm2BzQz0+xAOfu0mXx4fAm8K4UY4LzApr/GVqCoZ5
KGoAiTpwmYC+
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:16:56 2025 by rpki-client