Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2dqnhsJqa9gZ9YVtDXFKRutqqrg.roa
File: 2dqnhsJqa9gZ9YVtDXFKRutqqrg.roa (raw, json)
Hash identifier: YtQuzr6nnNRsqqUjY9JcMV239maefXC6dcdypsBYuGA=
Subject key identifier: D9:DA:A7:86:C2:6A:6B:D8:19:F5:85:6D:0D:71:4A:46:EB:6A:AA:B8
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198B997B809B3D2FC560B4212561158A88A
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2dqnhsJqa9gZ9YVtDXFKRutqqrg.roa
Signing time: Sun 17 Aug 2025 19:53:04 +0000
ROA not before: Sun 17 Aug 2025 19:53:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 163.5.28.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b9:97:b8:09:b3:d2:fc:56:0b:42:12:56:11:58:a8:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 17 19:53:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9daa786c26a6bd819f5856d0d714a46eb6aaab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:dc:ba:c0:10:8f:bf:b2:e0:c2:f5:03:45:cf:
81:f4:ae:37:36:7e:54:82:83:75:d2:ee:33:d9:b4:
0b:09:54:94:8a:b7:fd:55:5d:44:de:d4:b8:fc:39:
e5:46:53:ed:13:38:50:fa:01:93:4c:b8:be:a5:e0:
ac:81:be:ec:34:ea:af:05:0f:b2:fb:f1:fa:d7:b4:
04:36:08:15:36:d7:77:2a:74:ef:24:90:23:b5:c2:
5d:13:26:4d:c1:35:05:84:2e:f5:11:59:e4:fb:89:
8d:57:16:12:22:56:cd:69:7c:4e:e3:23:f1:51:21:
76:14:d1:68:38:79:ff:c1:45:11:5d:ac:18:83:b5:
6f:16:c8:cf:43:40:00:49:3b:a5:1f:43:90:0f:55:
f4:76:97:ef:06:63:df:ab:36:10:35:21:9c:6f:b3:
2c:9d:ec:3b:b0:36:47:b0:dd:36:a3:ae:f3:52:c8:
38:4e:d1:71:d7:c0:8d:d1:b1:aa:1f:57:20:12:36:
cd:cb:4b:bc:47:df:aa:48:89:97:9c:56:f4:47:02:
c0:d6:40:a1:ab:fc:64:0c:4f:b5:fa:30:aa:7d:d4:
80:ed:34:dc:12:6d:9a:21:40:fe:e6:e2:19:2c:4e:
84:b3:d5:6c:33:52:4e:cc:e7:c4:a4:da:5f:e5:a2:
5a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DA:A7:86:C2:6A:6B:D8:19:F5:85:6D:0D:71:4A:46:EB:6A:AA:B8
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/2dqnhsJqa9gZ9YVtDXFKRutqqrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.28.0/24
163.5.106.0/24
163.5.136.0/24
163.5.186.0/24
163.5.223.0/24
Signature Algorithm: sha256WithRSAEncryption
25:84:e0:c6:33:c5:7a:f9:0e:1d:91:24:d9:3b:6c:5a:65:3a:
6f:8b:18:0c:53:c7:63:61:78:6e:9a:e8:6a:bc:a4:11:d5:3a:
57:1b:eb:54:39:97:72:4c:d8:f5:b4:d0:1f:63:64:f9:42:92:
c1:2d:30:ce:59:79:a3:1c:6a:81:ea:57:fd:fd:a9:fa:06:0d:
e7:e3:7f:9e:35:db:9c:39:14:82:61:6b:6c:1c:1a:ea:c4:86:
03:cf:2b:30:1d:ad:7f:79:41:65:58:1c:5b:d8:04:04:c5:53:
2c:89:91:05:d9:21:5e:20:06:1a:df:a1:08:d4:26:92:7d:31:
4a:c2:55:ea:f2:a8:41:c3:ba:a0:48:b2:1b:4e:9d:f8:e3:bf:
5c:db:57:63:85:bd:90:7f:ed:ca:54:e3:2b:3c:69:18:2f:bf:
4e:b2:51:9e:0a:be:66:f8:43:de:db:f7:3e:d0:d4:34:d4:7d:
6e:d8:05:a9:0b:2c:9a:f4:3a:43:68:88:53:8a:39:bf:8d:ec:
3b:34:bf:98:11:ae:ed:a7:5e:b4:b4:88:ae:fe:74:6a:71:e5:
d7:67:85:fb:15:7b:72:e5:28:e5:b3:02:72:b6:fc:28:60:27:
d0:66:b7:bb:a5:be:79:7f:69:80:27:ea:64:8a:1e:bc:76:01:
c0:90:4e:50
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZi5l7gJs9L8VgtCElYRWKiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODE3MTk1MzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRhYTc4NmMyNmE2YmQ4MTlmNTg1NmQwZDcxNGE0NmViNmFhYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNy6wBCPv7LgwvUDRc+B9K43Nn5U
goN10u4z2bQLCVSUirf9VV1E3tS4/DnlRlPtEzhQ+gGTTLi+peCsgb7sNOqvBQ+y
+/H617QENggVNtd3KnTvJJAjtcJdEyZNwTUFhC71EVnk+4mNVxYSIlbNaXxO4yPx
USF2FNFoOHn/wUURXawYg7VvFsjPQ0AASTulH0OQD1X0dpfvBmPfqzYQNSGcb7Ms
new7sDZHsN02o67zUsg4TtFx18CN0bGqH1cgEjbNy0u8R9+qSImXnFb0RwLA1kCh
q/xkDE+1+jCqfdSA7TTcEm2aIUD+5uIZLE6Es9VsM1JOzOfEpNpf5aJarwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNnap4bCamvYGfWFbQ1xSkbraqq4MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMmRxbmhzSnFhOWdaOVlWdERYRktSdXRxcXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUcAwQA
owVqAwQAowWIAwQAowW6AwQAowXfMA0GCSqGSIb3DQEBCwUAA4IBAQAlhODGM8V6
+Q4dkSTZO2xaZTpvixgMU8djYXhumuhqvKQR1TpXG+tUOZdyTNj1tNAfY2T5QpLB
LTDOWXmjHGqB6lf9/an6Bg3n43+eNducORSCYWtsHBrqxIYDzyswHa1/eUFlWBxb
2AQExVMsiZEF2SFeIAYa36EI1CaSfTFKwlXq8qhBw7qgSLIbTp34479c21djhb2Q
f+3KVOMrPGkYL79OslGeCr5m+EPe2/c+0NQ01H1u2AWpCyya9DpDaIhTijm/jew7
NL+YEa7tp160tIiu/nRqceXXZ4X7FXty5SjlswJytvwoYCfQZre7pb55f2mAJ+pk
ih68dgHAkE5Q
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:09:39 2025 by rpki-client