Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tj_1aSQ5TB-A-cC0foWuLPB52rY.roa
File: Tj_1aSQ5TB-A-cC0foWuLPB52rY.roa (raw, json)
Hash identifier: xNtPhEYSukHvT+aWKq4buhQ97K2S0WkI6FAPvKSeRJA=
Subject key identifier: 4E:3F:F5:69:24:39:4C:1F:80:F9:C0:B4:7E:85:AE:2C:F0:79:DA:B6
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019755FC75EBE40C827318005285B4F63EA0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tj_1aSQ5TB-A-cC0foWuLPB52rY.roa
Signing time: Mon 09 Jun 2025 18:38:17 +0000
ROA not before: Mon 09 Jun 2025 18:38:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 163.5.26.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.180.0/24 maxlen: 24
163.5.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:fc:75:eb:e4:0c:82:73:18:00:52:85:b4:f6:3e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 9 18:38:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e3ff56924394c1f80f9c0b47e85ae2cf079dab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:63:6a:f1:fe:7f:06:e4:97:46:8d:4e:64:5e:
36:38:77:0c:4b:a2:2f:d0:ae:40:d3:5b:bc:c2:4a:
02:9a:09:2e:e5:b8:aa:a3:de:b8:21:2b:f0:4a:7a:
05:bb:59:cf:45:93:44:b0:e8:54:9b:11:53:e3:23:
b4:58:86:be:67:06:78:94:08:31:9a:9c:a2:54:79:
e2:33:28:a8:7b:df:e5:94:fd:6a:84:87:c1:9f:37:
e6:fd:2b:15:13:7b:78:57:e5:c0:64:d7:94:3a:fc:
53:9f:46:54:d0:66:22:b5:81:1d:0c:ad:e3:74:ce:
b5:bd:98:67:21:19:d3:91:11:2a:7a:15:5b:1b:1c:
d0:7a:96:11:0f:df:b3:d2:50:ea:b3:a0:aa:2c:4e:
89:42:6e:e3:90:d0:e0:f1:e2:e7:54:a1:e8:bd:9f:
d5:2c:c9:86:8c:9b:6a:e0:06:f6:1c:7c:cc:ee:a1:
36:67:5a:97:b3:8c:7f:55:ef:fe:6c:22:a3:d4:0d:
e4:e2:9e:cc:b6:d1:2a:ff:98:11:95:44:50:83:6c:
f3:db:4c:4d:ad:c1:14:37:bf:ce:91:19:1f:60:c3:
05:12:a2:11:60:72:d8:45:9f:ee:dd:1b:e5:14:6e:
a5:75:d8:b7:59:cc:30:71:71:95:f3:25:c5:18:32:
ff:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:3F:F5:69:24:39:4C:1F:80:F9:C0:B4:7E:85:AE:2C:F0:79:DA:B6
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Tj_1aSQ5TB-A-cC0foWuLPB52rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.26.0/24
163.5.150.0/24
163.5.180.0/24
163.5.183.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c4:02:2b:e9:06:94:8b:62:b7:a8:c7:59:4e:10:b4:7b:d3:
d1:a8:a1:30:55:84:02:c6:25:1c:d5:c3:51:b9:10:a3:b2:74:
ad:fb:04:4f:9a:3a:aa:c6:00:3f:62:ae:94:a2:c8:61:89:71:
54:cd:4c:e6:a3:b0:94:45:5f:ff:a3:0f:6a:f8:2a:07:4a:d6:
d2:4e:e8:3e:7d:9e:70:ed:63:5e:20:da:e2:80:46:d4:36:95:
6b:b5:ae:d7:69:d3:44:16:c7:1f:fd:a7:ac:56:45:73:28:ab:
eb:88:a7:c6:03:83:d8:4f:ea:d3:e4:ee:eb:e3:19:42:e7:09:
94:8f:61:15:fb:15:d0:62:54:be:f5:a1:b3:45:a1:09:c9:6e:
52:f6:c4:96:60:db:e5:34:f9:77:6e:8e:f8:5f:48:ba:f6:e6:
b3:a7:ec:e7:cf:17:0a:ce:8b:5f:ad:8d:1d:96:a0:4b:0d:fe:
b7:95:37:ef:e2:6c:8f:6d:44:a1:78:96:87:c7:53:81:aa:f2:
ff:47:ef:2b:a8:a5:f8:3d:c2:ee:88:9a:e2:a0:29:21:0d:77:
7c:00:34:b8:92:06:7d:54:54:3d:30:29:00:b7:ff:7c:86:71:
41:60:2f:e5:43:60:d9:1d:8b:f5:c8:4b:f4:ee:db:d4:50:74:
41:71:ef:39
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdV/HXr5AyCcxgAUoW09j6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjA5MTgzODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTNmZjU2OTI0Mzk0YzFmODBmOWMwYjQ3ZTg1YWUyY2YwNzlkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGNq8f5/BuSXRo1OZF42OHcMS6Iv
0K5A01u8wkoCmgku5biqo964ISvwSnoFu1nPRZNEsOhUmxFT4yO0WIa+ZwZ4lAgx
mpyiVHniMyioe9/llP1qhIfBnzfm/SsVE3t4V+XAZNeUOvxTn0ZU0GYitYEdDK3j
dM61vZhnIRnTkREqehVbGxzQepYRD9+z0lDqs6CqLE6JQm7jkNDg8eLnVKHovZ/V
LMmGjJtq4Ab2HHzM7qE2Z1qXs4x/Ve/+bCKj1A3k4p7MttEq/5gRlURQg2zz20xN
rcEUN7/OkRkfYMMFEqIRYHLYRZ/u3RvlFG6lddi3WcwwcXGV8yXFGDL/OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE4/9WkkOUwfgPnAtH6Frizwedq2MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVGpfMWFTUTVUQi1BLWNDMGZvV3VMUEI1MnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUaAwQA
owWWAwQAowW0AwQAowW3MA0GCSqGSIb3DQEBCwUAA4IBAQCOxAIr6QaUi2K3qMdZ
ThC0e9PRqKEwVYQCxiUc1cNRuRCjsnSt+wRPmjqqxgA/Yq6UoshhiXFUzUzmo7CU
RV//ow9q+CoHStbSTug+fZ5w7WNeINrigEbUNpVrta7XadNEFscf/aesVkVzKKvr
iKfGA4PYT+rT5O7r4xlC5wmUj2EV+xXQYlS+9aGzRaEJyW5S9sSWYNvlNPl3bo74
X0i69uazp+znzxcKzotfrY0dlqBLDf63lTfv4myPbUSheJaHx1OBqvL/R+8rqKX4
PcLuiJrioCkhDXd8ADS4kgZ9VFQ9MCkAt/98hnFBYC/lQ2DZHYv1yEv07tvUUHRB
ce85
-----END CERTIFICATE-----
Generated at Sun Jun 15 23:06:39 2025 by rpki-client