Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/msyrt-zQOGBMf_hF4xGVoXVArXM.roa
File: msyrt-zQOGBMf_hF4xGVoXVArXM.roa (raw, json)
Hash identifier: dxegl/PygbKlWZXivDSzzYtAaH+dVuiG50UgRve/eoM=
Subject key identifier: 9A:CC:AB:B7:EC:D0:38:60:4C:7F:F8:45:E3:11:95:A1:75:40:AD:73
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01984D0AE6502E63A3BA031C81CA11AF2C05
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/msyrt-zQOGBMf_hF4xGVoXVArXM.roa
Signing time: Sun 27 Jul 2025 18:00:16 +0000
ROA not before: Sun 27 Jul 2025 18:00:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:0a:e6:50:2e:63:a3:ba:03:1c:81:ca:11:af:2c:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 27 18:00:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9accabb7ecd038604c7ff845e31195a17540ad73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8d:53:87:ad:63:50:9a:e7:d9:5d:e1:5b:b2:
49:51:ab:90:fc:1c:5f:5a:c4:d7:f4:23:8a:2f:90:
92:09:9e:f9:5c:3d:2f:0f:a5:0a:9e:8a:a3:d7:31:
02:15:eb:bf:d8:b4:d9:e3:c7:9d:e1:5c:80:80:dd:
07:39:a1:9c:2a:bd:18:6b:fe:88:af:66:7c:bc:01:
b9:b9:48:a5:0d:9c:14:1a:f5:05:bf:b7:99:62:d4:
9f:09:a2:d6:ad:55:1f:17:73:64:4b:30:b8:b3:c3:
40:8e:0c:08:37:e5:1a:5c:d2:7c:97:98:c1:5e:f2:
a2:ec:45:81:31:00:b5:73:ba:1e:8b:c0:70:b0:19:
1c:96:14:f9:a2:a4:99:b0:70:2d:97:43:6c:11:9c:
48:54:90:d4:80:06:6f:e4:16:87:c9:e9:1c:34:e4:
dd:31:7d:af:c5:60:28:79:7f:60:29:32:3b:ef:ca:
ee:e4:25:0a:9a:54:63:45:e5:20:f4:ac:d8:be:7b:
71:d3:a9:86:90:98:bf:6d:b7:0e:7e:8c:f5:0b:67:
c8:c1:c9:d2:7f:50:7c:c6:fa:65:c4:30:a5:aa:b9:
c9:e1:f8:ba:2f:f2:6e:0a:61:73:14:1a:f1:09:22:
5c:0d:aa:8b:bd:63:6a:fa:f3:78:2c:02:31:b4:fd:
14:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:CC:AB:B7:EC:D0:38:60:4C:7F:F8:45:E3:11:95:A1:75:40:AD:73
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/msyrt-zQOGBMf_hF4xGVoXVArXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.192.0/23
163.5.195.0/24
163.5.213.0-163.5.214.255
Signature Algorithm: sha256WithRSAEncryption
a2:65:d4:98:0f:b0:bc:85:1c:99:7f:02:74:a9:2a:fd:6f:60:
ec:9f:bc:6f:6a:02:93:f6:ae:3a:27:45:53:c9:90:24:12:fa:
73:dd:cc:b1:86:3c:30:c0:7b:2d:c9:a2:c9:8d:49:45:7b:b1:
ed:c2:8b:4d:fe:fa:3b:1e:b8:e9:0f:50:04:89:bc:9b:06:af:
ba:04:db:b7:60:b6:2d:19:b3:2b:8d:c3:de:21:31:08:c5:a7:
e8:8d:a4:0e:2c:22:d1:96:82:cc:8d:23:ba:4d:82:e0:64:42:
26:86:c8:50:6c:83:6c:8c:64:04:01:7b:c9:13:67:a5:01:cf:
1c:58:8b:7f:b8:e9:4d:2c:4a:0c:67:a0:90:43:ce:c9:af:8b:
fb:95:da:8d:af:24:f9:3e:2e:a3:3c:a9:9a:b4:b5:73:6e:a6:
af:e1:df:03:d0:f4:40:4e:7a:fb:a3:cd:12:bc:73:94:80:5d:
02:1a:4c:5b:ab:72:01:d6:8e:7e:ac:0e:88:59:29:9f:94:b6:
86:09:c9:68:af:f7:4d:3f:3d:3b:f5:d9:e3:f1:7d:85:3a:45:
e1:c3:6c:ce:e2:de:fd:1b:5a:60:af:8b:95:f7:80:06:8c:f4:
af:b1:02:af:03:96:4b:df:e7:27:a1:21:8d:b0:57:9e:aa:49:
94:dd:d9:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZhNCuZQLmOjugMcgcoRrywFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNzI3MTgwMDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWNjYWJiN2VjZDAzODYwNGM3ZmY4NDVlMzExOTVhMTc1NDBhZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzI1Th61jUJrn2V3hW7JJUauQ/Bxf
WsTX9COKL5CSCZ75XD0vD6UKnoqj1zECFeu/2LTZ48ed4VyAgN0HOaGcKr0Ya/6I
r2Z8vAG5uUilDZwUGvUFv7eZYtSfCaLWrVUfF3NkSzC4s8NAjgwIN+UaXNJ8l5jB
XvKi7EWBMQC1c7oei8BwsBkclhT5oqSZsHAtl0NsEZxIVJDUgAZv5BaHyekcNOTd
MX2vxWAoeX9gKTI778ru5CUKmlRjReUg9KzYvntx06mGkJi/bbcOfoz1C2fIwcnS
f1B8xvplxDClqrnJ4fi6L/JuCmFzFBrxCSJcDaqLvWNq+vN4LAIxtP0UcwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJrMq7fs0DhgTH/4ReMRlaF1QK1zMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbXN5cnQtelFPR0JNZl9oRjR4R1ZvWFZBclhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBowXAAwQA
owXDMAwDBACjBdUDBACjBdYwDQYJKoZIhvcNAQELBQADggEBAKJl1JgPsLyFHJl/
AnSpKv1vYOyfvG9qApP2rjonRVPJkCQS+nPdzLGGPDDAey3JosmNSUV7se3Ci03+
+jseuOkPUASJvJsGr7oE27dgti0ZsyuNw94hMQjFp+iNpA4sItGWgsyNI7pNguBk
QiaGyFBsg2yMZAQBe8kTZ6UBzxxYi3+46U0sSgxnoJBDzsmvi/uV2o2vJPk+LqM8
qZq0tXNupq/h3wPQ9EBOevujzRK8c5SAXQIaTFurcgHWjn6sDohZKZ+UtoYJyWiv
900/PTv12ePxfYU6ReHDbM7i3v0bWmCvi5X3gAaM9K+xAq8Dlkvf5yehIY2wV56q
SZTd2Rg=
-----END CERTIFICATE-----
Generated at Wed Aug 6 06:04:26 2025 by rpki-client