Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WmXcSqM1SZkD_JCEwuQlwHkUm1A.roa
File: WmXcSqM1SZkD_JCEwuQlwHkUm1A.roa (raw, json)
Hash identifier: g8s52YjB8kQWdLpoWRWvmJw1XmFHSBApRB24YdZ/bvM=
Subject key identifier: 5A:65:DC:4A:A3:35:49:99:03:FC:90:84:C2:E4:25:C0:79:14:9B:50
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01972533670439B0F0EF38AC88B0206E8B31
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WmXcSqM1SZkD_JCEwuQlwHkUm1A.roa
Signing time: Sat 31 May 2025 07:16:55 +0000
ROA not before: Sat 31 May 2025 07:16:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.38.0/23 maxlen: 23
163.5.38.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 10:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:25:33:67:04:39:b0:f0:ef:38:ac:88:b0:20:6e:8b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 31 07:16:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a65dc4aa335499903fc9084c2e425c079149b50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:96:41:3f:56:a3:4a:ab:17:d1:38:9b:e1:
11:05:16:b1:eb:79:70:26:74:72:32:98:7b:8a:5d:
94:1e:85:9c:6a:d5:5a:9b:8c:28:33:6d:fc:16:a6:
28:2b:4a:43:c6:04:b6:60:33:54:67:6f:12:61:3d:
fa:e8:23:8e:5e:e8:22:ae:a0:8e:5f:ca:48:06:b5:
c0:f5:7d:26:45:3e:eb:27:68:97:36:9a:9a:03:cb:
68:28:ac:07:8a:94:5b:fe:77:5d:d5:2e:aa:b8:4e:
86:05:2a:3a:6e:ed:37:52:3c:cf:2c:48:53:03:07:
56:f0:04:4c:5f:93:58:c9:6a:db:2d:98:ff:d2:e3:
e2:01:e4:c6:ff:bc:2b:c4:d9:54:6e:13:ad:83:31:
76:db:d4:1e:8d:72:f0:9f:a8:fd:f5:d7:f5:46:de:
ea:45:0e:40:ee:4d:3b:2c:f6:b3:4d:d6:71:c2:f6:
0f:ae:3d:98:36:1a:c8:3e:22:80:d0:e7:6a:66:63:
d0:db:10:e6:de:e2:82:2e:ea:92:d5:76:72:6e:96:
cc:bd:ac:fb:04:e6:fd:5e:c0:fc:87:b1:46:bd:f4:
6d:3d:2c:b0:a6:5b:bc:50:2f:2a:71:95:07:2a:2b:
c1:bd:e6:c2:e0:8c:84:09:96:fe:b4:a0:84:42:f5:
dc:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:65:DC:4A:A3:35:49:99:03:FC:90:84:C2:E4:25:C0:79:14:9B:50
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/WmXcSqM1SZkD_JCEwuQlwHkUm1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.38.0/23
163.5.60.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0-163.5.102.255
163.5.108.0/24
163.5.114.0/24
163.5.116.0/23
163.5.130.0/24
163.5.147.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0-163.5.228.255
163.5.238.0/24
163.5.240.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
14:3e:a7:32:72:bf:fd:d4:88:43:6c:49:68:36:f4:fb:c3:42:
ac:88:62:03:d6:81:00:44:15:1f:3e:fb:3f:0e:5a:b4:d9:3d:
9b:3f:e3:bb:75:5f:cb:cb:49:89:05:1d:7b:f2:eb:6a:26:42:
b7:11:61:53:32:eb:bb:d4:7e:54:bc:bd:30:30:7d:04:7f:49:
f2:70:6d:f0:f7:ff:91:c0:70:fe:1a:88:00:3a:45:cd:9b:e7:
1f:3c:15:01:5a:f3:a0:c4:1d:12:4b:05:2a:ed:13:b3:db:be:
95:b3:0e:68:af:c5:6b:77:ea:09:d0:e8:9e:cf:b7:82:c4:97:
9a:20:55:30:61:57:d7:40:a5:b1:af:16:96:27:62:b5:5b:a1:
9a:23:f8:ce:c2:46:ed:a7:ea:43:36:fa:12:21:9f:2a:c5:bb:
9e:91:47:1f:b2:74:9e:db:81:36:ce:a3:73:b7:06:fe:10:17:
00:df:61:d2:4d:ed:22:d8:e2:23:89:b8:19:37:e2:d3:e2:20:
7a:6b:50:01:21:cb:d4:67:71:30:70:77:4e:48:4c:d6:fb:e8:
03:fc:e7:e0:b2:be:a7:fe:44:17:1f:05:b6:c1:8c:bc:9c:57:
4d:72:05:a9:d7:29:ee:a2:b0:81:d7:5c:df:19:b7:cb:05:13:
9f:20:14:2e
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZclM2cEObDw7zisiLAgbosxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTMxMDcxNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTY1ZGM0YWEzMzU0OTk5MDNmYzkwODRjMmU0MjVjMDc5MTQ5YjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWiWQT9Wo0qrF9E4m+ERBRax63lw
JnRyMph7il2UHoWcatVam4woM238FqYoK0pDxgS2YDNUZ28SYT366COOXugirqCO
X8pIBrXA9X0mRT7rJ2iXNpqaA8toKKwHipRb/ndd1S6quE6GBSo6bu03UjzPLEhT
AwdW8ARMX5NYyWrbLZj/0uPiAeTG/7wrxNlUbhOtgzF229QejXLwn6j99df1Rt7q
RQ5A7k07LPazTdZxwvYPrj2YNhrIPiKA0OdqZmPQ2xDm3uKCLuqS1XZybpbMvaz7
BOb9XsD8h7FGvfRtPSywplu8UC8qcZUHKivBvebC4IyECZb+tKCEQvXcFwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFFpl3EqjNUmZA/yQhMLkJcB5FJtQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvV21YY1NxTTFTWmtEX0pDRXd1UWx3SGtVbTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBACj
BSIDBAGjBSYDBACjBTwDBACjBVgDBACjBVoDBACjBV0wDAMEAqMFZAMEAKMFZgME
AKMFbAMEAKMFcgMEAaMFdAMEAKMFggMEAKMFkwMEAKMFrgMEAKMFvQMEAKMFwDAM
AwQAowXhAwQAowXkAwQAowXuAwQAowXwAwQAowXzMA0GCSqGSIb3DQEBCwUAA4IB
AQAUPqcycr/91IhDbEloNvT7w0KsiGID1oEARBUfPvs/Dlq02T2bP+O7dV/Ly0mJ
BR178utqJkK3EWFTMuu71H5UvL0wMH0Ef0nycG3w9/+RwHD+GogAOkXNm+cfPBUB
WvOgxB0SSwUq7ROz276Vsw5or8Vrd+oJ0Oiez7eCxJeaIFUwYVfXQKWxrxaWJ2K1
W6GaI/jOwkbtp+pDNvoSIZ8qxbuekUcfsnSe24E2zqNztwb+EBcA32HSTe0i2OIj
ibgZN+LT4iB6a1ABIcvUZ3EwcHdOSEzW++gD/Ofgsr6n/kQXHwW2wYy8nFdNcgWp
1ynuorCB11zfGbfLBROfIBQu
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:02:35 2025 by rpki-client