Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mOCOtgTjfZzzYCig3Q_m--reVRg.roa
File: mOCOtgTjfZzzYCig3Q_m--reVRg.roa (raw, json)
Hash identifier: c+D18a1XYOPBUbTLvVcEFL3TAd1zjNsHr2PzZXUKVH0=
Subject key identifier: 98:E0:8E:B6:04:E3:7D:9C:F3:60:28:A0:DD:0F:E6:FB:EA:DE:55:18
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01971C0D7B2C1ACF951361861520819628E7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mOCOtgTjfZzzYCig3Q_m--reVRg.roa
Signing time: Thu 29 May 2025 12:38:54 +0000
ROA not before: Thu 29 May 2025 12:38:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.2.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1c:0d:7b:2c:1a:cf:95:13:61:86:15:20:81:96:28:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 29 12:38:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98e08eb604e37d9cf36028a0dd0fe6fbeade5518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3e:7c:ac:ae:74:7c:d8:a6:29:24:39:c7:b7:
da:35:f4:64:b7:bf:ef:f1:32:fb:3a:76:41:a2:e8:
ae:a3:30:4e:e6:17:e3:8b:87:e5:a4:96:d5:0c:05:
eb:e2:aa:45:3b:15:e3:e4:4d:ac:99:72:00:f6:11:
90:c7:00:48:6e:c0:68:60:eb:a4:bf:98:79:84:c1:
da:e2:8a:a5:7a:20:f0:5c:fd:01:51:e7:dd:37:5e:
5c:d4:13:e0:01:9f:42:d6:a9:64:74:b0:b6:22:c5:
4b:a6:71:22:1e:24:a2:52:a8:a1:eb:38:85:60:33:
7c:35:36:41:4e:da:f3:d1:45:93:d6:d8:09:10:7a:
dd:06:25:f8:10:b0:73:85:c5:c9:11:64:ba:2f:c6:
a2:c1:52:36:a3:02:51:cc:12:1b:8b:11:e4:36:8d:
56:79:83:0f:81:e9:ae:0f:13:ce:d0:3a:ea:cf:36:
aa:4c:6b:92:fe:27:7a:24:7a:b0:15:7b:5c:cc:6c:
a9:09:e9:a7:19:d5:df:41:22:92:00:51:58:b8:71:
6f:ac:d4:33:b7:94:bd:58:99:5c:36:90:46:27:1a:
9b:1f:e9:e0:ee:5d:40:a0:52:69:6f:58:8a:f7:a2:
b2:e2:ab:a9:36:a1:5e:e6:31:b6:00:f5:11:51:30:
d9:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E0:8E:B6:04:E3:7D:9C:F3:60:28:A0:DD:0F:E6:FB:EA:DE:55:18
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mOCOtgTjfZzzYCig3Q_m--reVRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/24
163.5.2.0-163.5.4.255
163.5.10.0/23
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/24
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
15:20:0a:ba:2e:38:c0:bb:22:aa:56:31:86:58:3d:2a:ef:fe:
c3:16:43:dc:5d:ed:2e:42:ef:02:11:49:c3:69:37:1b:28:89:
76:2c:35:11:ab:0c:68:01:99:64:d8:b2:d8:9e:d5:22:d8:62:
36:61:3b:25:26:ba:07:b3:56:45:92:50:47:82:32:82:d8:50:
2c:43:eb:a8:88:49:94:5d:7c:35:02:ce:84:46:f2:66:eb:d0:
85:c9:80:04:d3:95:e0:6e:bc:94:88:6c:a6:5e:66:27:d6:1c:
a3:5c:cc:e6:99:08:b1:55:68:6b:86:d8:af:f8:19:a5:b9:aa:
9e:08:a4:a9:cb:50:eb:46:67:e4:6a:8b:4c:0a:f6:bd:da:b6:
2c:f7:37:23:4a:01:e2:61:d9:46:b8:9b:89:64:bb:24:9e:89:
30:57:aa:6e:22:8f:a8:c2:fa:58:e4:f7:d7:5f:46:95:97:d0:
96:66:1d:6f:81:f9:73:89:64:41:3b:7a:88:69:e2:e7:6b:fb:
07:90:2f:c9:9f:1c:f1:ba:2a:46:af:e9:a4:bf:61:9f:eb:41:
7f:46:4c:b0:97:21:dd:da:b6:9c:c9:59:b0:27:d5:0c:43:a4:
9c:02:2c:2a:f4:c9:1d:8c:a6:d3:be:97:b9:9b:4c:85:82:d0:
ad:62:51:db
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZccDXssGs+VE2GGFSCBlijnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTI5MTIzODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGUwOGViNjA0ZTM3ZDljZjM2MDI4YTBkZDBmZTZmYmVhZGU1NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT58rK50fNimKSQ5x7faNfRkt7/v
8TL7OnZBouiuozBO5hfji4flpJbVDAXr4qpFOxXj5E2smXIA9hGQxwBIbsBoYOuk
v5h5hMHa4oqleiDwXP0BUefdN15c1BPgAZ9C1qlkdLC2IsVLpnEiHiSiUqih6ziF
YDN8NTZBTtrz0UWT1tgJEHrdBiX4ELBzhcXJEWS6L8aiwVI2owJRzBIbixHkNo1W
eYMPgemuDxPO0DrqzzaqTGuS/id6JHqwFXtczGypCemnGdXfQSKSAFFYuHFvrNQz
t5S9WJlcNpBGJxqbH+ng7l1AoFJpb1iK96Ky4qupNqFe5jG2APURUTDZdQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJjgjrYE432c82AooN0P5vvq3lUYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbU9DT3RnVGpmWnp6WUNpZzNRX20tLXJlVlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAKMFADAM
AwQBowUCAwQAowUEAwQBowUKAwQBowUUMAwDBACjBRcDBACjBRgDBACjBSoDBACj
BS0DBACjBTADBACjBTIDBACjBTQDBACjBTcDBACjBTkDBAGjBUQDBAGjBVADBACj
BVUwDQYJKoZIhvcNAQELBQADggEBABUgCrouOMC7IqpWMYZYPSrv/sMWQ9xd7S5C
7wIRScNpNxsoiXYsNRGrDGgBmWTYstie1SLYYjZhOyUmugezVkWSUEeCMoLYUCxD
66iISZRdfDUCzoRG8mbr0IXJgATTleBuvJSIbKZeZifWHKNczOaZCLFVaGuG2K/4
GaW5qp4IpKnLUOtGZ+Rqi0wK9r3atiz3NyNKAeJh2Ua4m4lkuySeiTBXqm4ij6jC
+ljk99dfRpWX0JZmHW+B+XOJZEE7eohp4udr+weQL8mfHPG6Kkav6aS/YZ/rQX9G
TLCXId3atpzJWbAn1QxDpJwCLCr0yR2MptO+l7mbTIWC0K1iUds=
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:17:54 2025 by rpki-client