Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIzgoZK8-BObsBvcbdmVKD9F8Ws.roa
File: cIzgoZK8-BObsBvcbdmVKD9F8Ws.roa (raw, json)
Hash identifier: oySA+AJ0J+CHSR0P2nI8I5or/8+EGo8rXD4OfU/PJkY=
Subject key identifier: 70:8C:E0:A1:92:BC:F8:13:9B:B0:1B:DC:6D:D9:95:28:3F:45:F1:6B
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198CB9966BA3DFD0D1C3945C1B9B8C47BE3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIzgoZK8-BObsBvcbdmVKD9F8Ws.roa
Signing time: Thu 21 Aug 2025 07:48:04 +0000
ROA not before: Thu 21 Aug 2025 07:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.190.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:99:66:ba:3d:fd:0d:1c:39:45:c1:b9:b8:c4:7b:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 21 07:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=708ce0a192bcf8139bb01bdc6dd995283f45f16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:39:5b:5a:3f:ec:c6:26:c9:3e:eb:49:4b:57:
e7:62:23:eb:02:04:a4:83:01:1f:03:6a:7a:b1:9b:
27:bc:d9:34:cc:51:b6:08:f2:d5:7d:f7:66:8c:b5:
21:74:cd:55:95:9b:fe:89:19:4e:2f:82:14:16:55:
69:bc:6e:8b:27:17:d9:58:07:f6:e0:8d:7c:e2:5f:
e0:81:24:ed:6f:f4:97:26:aa:ce:6e:3e:ac:41:9e:
b7:cd:ae:cb:47:fd:fc:35:5c:41:00:d1:f5:7f:a7:
ce:c0:77:4b:8b:b2:3e:96:d7:dd:df:c3:1b:30:5c:
32:1a:a2:0d:3a:27:24:8b:56:99:33:01:d0:38:f2:
fa:9d:9a:19:fb:5d:9f:36:0e:25:82:f9:64:db:f8:
b3:46:12:71:ec:84:5d:29:23:c3:e0:bd:c1:ef:27:
f9:91:12:c9:77:16:71:4f:95:b1:93:c8:de:ca:72:
ce:24:90:bf:bb:d6:3f:ee:ef:53:b9:11:ad:53:d1:
44:db:61:21:c8:e6:54:6b:64:26:54:2a:bc:cb:8c:
b4:6a:23:7a:75:5a:c5:88:eb:68:fe:56:6e:75:9d:
6f:ab:c4:76:4a:83:71:ec:f0:35:14:a0:f1:a2:34:
c4:ba:55:f9:83:29:4e:10:11:21:97:5f:5b:24:5f:
34:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:E0:A1:92:BC:F8:13:9B:B0:1B:DC:6D:D9:95:28:3F:45:F1:6B
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cIzgoZK8-BObsBvcbdmVKD9F8Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.46.0/24
163.5.190.0/24
163.5.247.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
41:d6:fb:c1:07:8f:89:6e:a6:c0:43:7e:d1:ea:5c:12:8a:7c:
42:bf:59:07:84:5d:1b:35:d9:83:60:1b:cd:1e:f8:ed:80:6e:
eb:53:5a:73:97:da:d1:26:94:e0:f5:ac:c0:f1:11:5e:b3:bd:
a4:4a:c1:1a:a7:38:b1:de:e6:4c:27:ea:6d:ba:06:94:af:ca:
fb:fe:57:b3:a1:27:5e:ed:a2:e4:18:6c:7b:c8:27:b8:60:9a:
10:e4:ac:53:4e:26:02:c5:fb:05:df:cf:e5:2b:e7:26:1e:f6:
08:c1:b4:26:63:8c:bb:f8:a8:b8:9a:b5:38:30:49:0c:1e:83:
9a:f8:52:0b:8f:eb:b9:1f:99:e8:23:18:69:c1:0e:b6:dd:64:
8d:da:f1:c9:ce:17:6a:93:25:a7:8d:0a:e8:b3:b5:61:b4:92:
f2:9b:33:55:70:aa:15:cd:fd:77:dc:70:57:18:9d:90:1f:79:
4c:88:98:b1:1a:41:94:63:b3:04:92:df:d7:8e:94:d2:30:3d:
85:59:57:a8:46:0d:14:32:a5:12:9b:fa:20:be:d9:9d:f3:44:
a8:36:42:69:e8:22:44:e7:0c:a4:f7:60:f1:d7:48:06:12:3b:
81:84:c1:7f:eb:6d:7d:ba:85:27:41:89:a5:eb:95:3e:17:b4:
b1:08:0d:71
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZjLmWa6Pf0NHDlFwbm4xHvjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODIxMDc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDhjZTBhMTkyYmNmODEzOWJiMDFiZGM2ZGQ5OTUyODNmNDVmMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6DlbWj/sxibJPutJS1fnYiPrAgSk
gwEfA2p6sZsnvNk0zFG2CPLVffdmjLUhdM1VlZv+iRlOL4IUFlVpvG6LJxfZWAf2
4I184l/ggSTtb/SXJqrObj6sQZ63za7LR/38NVxBANH1f6fOwHdLi7I+ltfd38Mb
MFwyGqINOicki1aZMwHQOPL6nZoZ+12fNg4lgvlk2/izRhJx7IRdKSPD4L3B7yf5
kRLJdxZxT5Wxk8jeynLOJJC/u9Y/7u9TuRGtU9FE22EhyOZUa2QmVCq8y4y0aiN6
dVrFiOto/lZudZ1vq8R2SoNx7PA1FKDxojTEulX5gylOEBEhl19bJF808wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHCM4KGSvPgTm7Ab3G3ZlSg/RfFrMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY0l6Z29aSzgtQk9ic0J2Y2JkbVZLRDlGOFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUpAwQA
owUuAwQAowW+MAwDBACjBfcDBACjBfgwDQYJKoZIhvcNAQELBQADggEBAEHW+8EH
j4lupsBDftHqXBKKfEK/WQeEXRs12YNgG80e+O2AbutTWnOX2tEmlOD1rMDxEV6z
vaRKwRqnOLHe5kwn6m26BpSvyvv+V7OhJ17touQYbHvIJ7hgmhDkrFNOJgLF+wXf
z+Ur5yYe9gjBtCZjjLv4qLiatTgwSQweg5r4UguP67kfmegjGGnBDrbdZI3a8cnO
F2qTJaeNCuiztWG0kvKbM1VwqhXN/XfccFcYnZAfeUyImLEaQZRjswSS39eOlNIw
PYVZV6hGDRQypRKb+iC+2Z3zRKg2QmnoIkTnDKT3YPHXSAYSO4GEwX/rbX26hSdB
iaXrlT4XtLEIDXE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:36:48 2025 by rpki-client