Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KEjWVLGlSpDJb8rsjRGsS-Yqy-o.roa
File: KEjWVLGlSpDJb8rsjRGsS-Yqy-o.roa (raw, json)
Hash identifier: OMSZ8r61xv7sUia17MynaZHDHtgtNFQnVlOXs5D4pk8=
Subject key identifier: 28:48:D6:54:B1:A5:4A:90:C9:6F:CA:EC:8D:11:AC:4B:E6:2A:CB:EA
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01974F0D4148371D14DB7BF958990B521286
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KEjWVLGlSpDJb8rsjRGsS-Yqy-o.roa
Signing time: Sun 08 Jun 2025 10:19:18 +0000
ROA not before: Sun 08 Jun 2025 10:19:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.66.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:0d:41:48:37:1d:14:db:7b:f9:58:99:0b:52:12:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 8 10:19:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2848d654b1a54a90c96fcaec8d11ac4be62acbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7c:f4:1b:f6:d6:cc:be:96:aa:08:fb:4f:06:
08:46:86:58:fe:8e:10:88:a4:52:90:cc:a9:18:13:
c7:b0:4a:8c:5e:a6:df:2a:29:95:94:59:14:2c:e6:
65:bc:d4:1e:e6:69:51:09:75:05:7f:9b:23:fe:cf:
ed:99:6a:20:42:ed:49:e9:7e:ab:3a:e6:1a:65:bf:
72:3a:3d:0c:bf:84:20:43:79:34:62:2f:9a:85:7f:
c7:dc:1b:d4:26:42:dc:39:3a:3e:c4:9a:ff:f9:41:
a0:01:3b:be:92:27:8f:d4:9f:89:0b:b4:a9:6a:5b:
7e:0f:59:5b:52:f3:dc:d8:dc:0c:e2:84:49:32:5b:
40:e8:fd:c0:82:77:73:d4:b2:3d:d1:f1:f2:7e:a1:
0c:6e:f2:5c:6e:0e:24:7a:6c:b5:0a:e5:9a:bd:e8:
3c:71:68:30:e7:f4:ca:d7:20:03:b4:eb:a9:76:76:
5f:96:74:1b:c6:fa:e9:a2:35:1c:4d:37:99:44:98:
6e:e6:fb:34:e1:1c:09:79:e0:b9:3f:c7:2e:7b:f2:
7e:60:35:af:ad:89:67:04:20:d1:4e:f7:6c:22:83:
ac:af:5c:6d:bb:25:4f:9d:8d:67:7d:38:6e:3b:eb:
fe:ce:65:75:82:de:90:b9:b2:c0:b2:09:3d:bd:5f:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:48:D6:54:B1:A5:4A:90:C9:6F:CA:EC:8D:11:AC:4B:E6:2A:CB:EA
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KEjWVLGlSpDJb8rsjRGsS-Yqy-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.66.0/24
163.5.118.0/23
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:68:69:27:b1:cc:fe:c5:33:44:17:a6:e2:07:af:dc:f6:b7:
fd:91:cb:af:0d:40:e6:b6:14:b4:b2:b4:37:7d:69:05:7d:6a:
c3:cc:57:3a:a7:2b:96:00:60:17:bd:fd:af:0d:11:98:88:f8:
0b:8a:54:5a:5a:5a:8d:28:ac:56:cc:6e:5e:72:d2:d5:50:5c:
80:81:3a:a5:aa:13:41:4e:d7:04:fd:04:97:47:48:d9:67:8b:
65:b7:6b:7b:b1:a4:24:c6:3a:17:ed:74:de:0d:c9:64:80:9a:
39:0f:6a:2e:bb:8e:21:58:f7:81:a4:5c:3d:50:f8:30:29:d7:
a0:05:1b:c3:2d:c1:93:8c:7f:c2:cc:24:16:6a:68:8b:75:bc:
88:ab:52:d7:18:1e:90:03:c1:d1:27:ec:7c:4e:53:3d:b8:09:
d1:5b:9a:c8:13:f4:46:d0:c4:38:67:0c:a9:ad:97:a7:fa:fb:
f6:c3:a5:40:a3:4a:b3:fa:63:08:6f:84:55:a6:ff:04:ed:a1:
2e:be:fb:cf:01:f8:8e:b3:c0:1a:26:02:6e:90:c8:18:b3:70:
0e:db:65:74:64:9b:77:ce:7c:c3:f0:bc:bd:d1:f1:a2:7e:3f:
5e:ba:91:c1:81:4e:40:e2:d9:a1:22:02:6e:95:2e:9a:dc:41:
d7:84:f8:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZdPDUFINx0U23v5WJkLUhKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjA4MTAxOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ4ZDY1NGIxYTU0YTkwYzk2ZmNhZWM4ZDExYWM0YmU2MmFjYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp3z0G/bWzL6Wqgj7TwYIRoZY/o4Q
iKRSkMypGBPHsEqMXqbfKimVlFkULOZlvNQe5mlRCXUFf5sj/s/tmWogQu1J6X6r
OuYaZb9yOj0Mv4QgQ3k0Yi+ahX/H3BvUJkLcOTo+xJr/+UGgATu+kieP1J+JC7Sp
alt+D1lbUvPc2NwM4oRJMltA6P3Agndz1LI90fHyfqEMbvJcbg4kemy1CuWaveg8
cWgw5/TK1yADtOupdnZflnQbxvrpojUcTTeZRJhu5vs04RwJeeC5P8cue/J+YDWv
rYlnBCDRTvdsIoOsr1xtuyVPnY1nfThuO+v+zmV1gt6QubLAsgk9vV+zfQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFChI1lSxpUqQyW/K7I0RrEvmKsvqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS0VqV1ZMR2xTcERKYjhyc2pSR3NTLVlxeS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowVCAwQB
owV2MAwDBACjBZkDBACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEB
AH1oaSexzP7FM0QXpuIHr9z2t/2Ry68NQOa2FLSytDd9aQV9asPMVzqnK5YAYBe9
/a8NEZiI+AuKVFpaWo0orFbMbl5y0tVQXICBOqWqE0FO1wT9BJdHSNlni2W3a3ux
pCTGOhftdN4NyWSAmjkPai67jiFY94GkXD1Q+DAp16AFG8MtwZOMf8LMJBZqaIt1
vIirUtcYHpADwdEn7HxOUz24CdFbmsgT9EbQxDhnDKmtl6f6+/bDpUCjSrP6Ywhv
hFWm/wTtoS6++88B+I6zwBomAm6QyBizcA7bZXRkm3fOfMPwvL3R8aJ+P166kcGB
TkDi2aEiAm6VLprcQdeE+Ac=
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:46:50 2025 by rpki-client