Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I7rXJ8sGYpr3IfQdkDliqAcufFI.roa
File: I7rXJ8sGYpr3IfQdkDliqAcufFI.roa (raw, json)
Hash identifier: iU7aTdsL/WLHvOR/UzmzjzBXJzuV/lSV4ezbcXRI8vo=
Subject key identifier: 23:BA:D7:27:CB:06:62:9A:F7:21:F4:1D:90:39:62:A8:07:2E:7C:52
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019671727E2211DC7F74F17CE27062433FD1
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I7rXJ8sGYpr3IfQdkDliqAcufFI.roa
Signing time: Sat 26 Apr 2025 09:34:10 +0000
ROA not before: Sat 26 Apr 2025 09:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.38.0/23 maxlen: 23
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:71:72:7e:22:11:dc:7f:74:f1:7c:e2:70:62:43:3f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 26 09:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23bad727cb06629af721f41d903962a8072e7c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:37:4c:fc:03:f0:ce:1d:41:13:ed:87:87:
b8:87:ca:77:8a:a0:c8:8d:52:e6:f0:cf:78:ae:b0:
dc:ca:ee:74:c1:0f:72:8a:ba:c7:80:59:b6:b0:8c:
b4:23:b8:23:dc:6c:ea:7f:43:02:c3:38:55:d4:c7:
36:20:4e:f6:cc:7c:d6:fc:05:c6:a4:8f:09:e8:8e:
33:17:05:d6:b3:41:7d:1c:9e:85:a1:6d:f6:21:ce:
33:dc:00:c5:cb:ba:3f:4a:51:7e:9f:6e:72:2a:63:
84:d0:2e:59:f2:e6:30:59:5b:75:1d:1b:66:eb:58:
1f:9b:68:4e:76:53:a1:88:35:25:36:4e:2a:40:2a:
18:cc:6a:97:02:67:bc:74:e5:5f:8d:32:86:60:33:
f6:68:c7:61:ed:ff:fd:64:8a:a4:b7:78:9a:59:69:
06:2c:6a:22:a2:70:7d:69:6a:83:19:2f:f0:b1:40:
1e:e6:de:c4:65:5f:a5:50:11:eb:a4:48:e9:b9:24:
6e:4d:79:f1:f6:91:b1:a3:ae:40:c9:0c:b7:b9:cc:
7c:b6:f9:42:aa:7e:d8:b9:05:0f:b2:5b:87:7d:2f:
00:95:a0:9f:75:9f:34:20:08:70:48:7f:35:24:c5:
f4:a7:ca:0e:da:88:ce:bc:8c:ac:4e:d9:00:53:a1:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:BA:D7:27:CB:06:62:9A:F7:21:F4:1D:90:39:62:A8:07:2E:7C:52
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/I7rXJ8sGYpr3IfQdkDliqAcufFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.38.0/23
163.5.60.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0-163.5.102.255
163.5.108.0/23
163.5.114.0/24
163.5.116.0/23
163.5.130.0/24
163.5.147.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.226.0-163.5.228.255
163.5.238.0/24
163.5.240.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:1b:0a:ba:36:9f:4b:bf:9d:a0:fd:f5:cc:ef:cd:46:03:19:
93:8f:5b:d6:77:b5:68:7e:21:e5:7e:11:9e:e6:fd:10:44:81:
14:13:85:e8:a0:96:4d:c1:5f:35:f1:62:72:ab:b7:ca:61:c7:
3a:dc:1a:d9:01:b2:5d:fc:77:96:6e:11:48:4a:64:dd:31:42:
c6:52:bb:79:87:7c:c9:ab:e8:60:77:7e:e1:23:9d:9a:38:a9:
ae:8f:96:a7:63:db:5d:62:b8:a0:0e:6e:e1:85:bb:d8:82:30:
c9:3d:5d:83:5f:d1:c3:dc:a5:ed:bf:5d:84:6a:5f:76:b4:b0:
84:0b:ca:4a:f8:87:71:5c:72:0a:02:a7:bf:58:09:bf:42:75:
ca:c5:9a:25:52:03:83:dd:b8:4a:ae:ef:7b:67:da:35:2c:3f:
30:3e:b7:e7:d2:52:e6:f6:47:a9:bc:fb:cd:34:f9:d4:b5:0a:
24:51:27:6c:a7:93:5a:26:18:fb:6d:9a:79:02:e5:e9:d5:20:
7b:1b:f9:b0:49:f4:9c:e1:1d:33:88:63:d2:b6:cb:dc:81:10:
1d:13:32:de:09:c6:fd:5b:06:f0:7f:ff:db:27:f9:be:ec:3e:
75:ec:4a:1d:76:75:ba:d1:6a:70:81:84:61:f1:95:e9:7a:05:
ad:31:3b:b9
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZZxcn4iEdx/dPF84nBiQz/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNDI2MDkzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2JhZDcyN2NiMDY2MjlhZjcyMWY0MWQ5MDM5NjJhODA3MmU3YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTY3TPwD8M4dQRPth4e4h8p3iqDI
jVLm8M94rrDcyu50wQ9yirrHgFm2sIy0I7gj3Gzqf0MCwzhV1Mc2IE72zHzW/AXG
pI8J6I4zFwXWs0F9HJ6FoW32Ic4z3ADFy7o/SlF+n25yKmOE0C5Z8uYwWVt1HRtm
61gfm2hOdlOhiDUlNk4qQCoYzGqXAme8dOVfjTKGYDP2aMdh7f/9ZIqkt3iaWWkG
LGoionB9aWqDGS/wsUAe5t7EZV+lUBHrpEjpuSRuTXnx9pGxo65AyQy3ucx8tvlC
qn7YuQUPsluHfS8AlaCfdZ80IAhwSH81JMX0p8oO2ojOvIysTtkAU6ET1wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFCO61yfLBmKa9yH0HZA5YqgHLnxSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSTdyWEo4c0dZcHIzSWZRZGtEbGlxQWN1ZkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBACj
BSIDBAGjBSYDBACjBTwDBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAMEAKMFZgME
AaMFbAMEAKMFcgMEAaMFdAMEAKMFggMEAKMFkwMEAKMFrgMEAKMFvQMEAKMFwDAM
AwQBowXiAwQAowXkAwQAowXuAwQAowXwAwQAowXzMA0GCSqGSIb3DQEBCwUAA4IB
AQB6Gwq6Np9Lv52g/fXM781GAxmTj1vWd7VofiHlfhGe5v0QRIEUE4XooJZNwV81
8WJyq7fKYcc63BrZAbJd/HeWbhFISmTdMULGUrt5h3zJq+hgd37hI52aOKmuj5an
Y9tdYrigDm7hhbvYgjDJPV2DX9HD3KXtv12Eal92tLCEC8pK+IdxXHIKAqe/WAm/
QnXKxZolUgOD3bhKru97Z9o1LD8wPrfn0lLm9kepvPvNNPnUtQokUSdsp5NaJhj7
bZp5AuXp1SB7G/mwSfSc4R0ziGPStsvcgRAdEzLeCcb9Wwbwf//bJ/m+7D517Eod
dnW60WpwgYRh8ZXpegWtMTu5
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:08:05 2025 by rpki-client