Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hqGuWLbDxYefvg3TeGTBmtCNUEU.roa
File: hqGuWLbDxYefvg3TeGTBmtCNUEU.roa (raw, json)
Hash identifier: tXxvsQYAK3w1ifjp6JI1QWaiPmRRQ13rkV4OF32IDiM=
Subject key identifier: 86:A1:AE:58:B6:C3:C5:87:9F:BE:0D:D3:78:64:C1:9A:D0:8D:50:45
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198A2B4A73BF85BAEA6DC400B8B0C37E9F8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hqGuWLbDxYefvg3TeGTBmtCNUEU.roa
Signing time: Wed 13 Aug 2025 09:13:25 +0000
ROA not before: Wed 13 Aug 2025 09:13:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:b4:a7:3b:f8:5b:ae:a6:dc:40:0b:8b:0c:37:e9:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 13 09:13:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86a1ae58b6c3c5879fbe0dd37864c19ad08d5045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:e3:f9:94:b5:e0:28:ea:6e:f4:d9:32:8a:86:
94:c9:25:44:f8:c8:f0:f8:67:d3:8c:55:98:81:ce:
01:21:c0:6f:77:f1:7f:a7:f8:2f:34:98:b7:7c:24:
bb:59:b9:92:79:e3:67:29:3d:e5:e1:73:21:0b:62:
0d:5d:bd:c5:20:fc:8f:43:d8:a4:bd:97:b6:f7:00:
98:4f:22:65:67:66:cc:92:db:06:bc:b2:4c:07:d0:
cf:82:2b:1a:64:6b:7c:73:31:1d:d4:af:4b:51:d5:
e2:ca:87:19:b1:06:2a:76:f3:82:14:67:08:14:b9:
f3:2b:a3:e9:d6:34:97:e5:d6:ad:b3:70:1f:a8:57:
c4:6a:76:66:47:1e:5f:16:2e:ab:9b:34:70:b6:10:
21:8a:e0:63:b7:f2:73:5e:ae:b1:22:e4:7d:33:44:
0a:05:d6:43:1c:3c:99:97:c9:d3:b9:ec:bb:2f:ab:
6e:eb:03:4f:4b:f2:9a:15:32:45:ea:d8:a6:5f:08:
cb:9a:db:08:52:af:1b:f4:b5:de:75:43:c6:7d:be:
f0:7a:77:61:71:55:71:06:c2:55:b7:20:99:46:02:
80:f8:d5:41:a0:06:0e:67:7f:f1:fc:1f:8f:9f:c7:
85:a0:82:b0:08:a1:19:2c:e4:f4:35:e6:92:c1:7f:
f8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A1:AE:58:B6:C3:C5:87:9F:BE:0D:D3:78:64:C1:9A:D0:8D:50:45
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hqGuWLbDxYefvg3TeGTBmtCNUEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/24
163.5.153.0-163.5.154.255
163.5.177.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:f6:8d:bb:de:4d:d7:73:97:29:de:24:22:03:70:6c:dd:e3:
4e:46:d2:6a:97:ed:80:a3:2c:55:cd:3f:87:5d:03:4a:7e:61:
0d:81:b3:11:b0:d0:45:2a:1b:5c:a9:7a:6c:1a:45:2c:ad:e3:
56:c9:99:a8:c7:a4:3c:24:94:e0:61:01:3f:ac:97:35:5e:fc:
8e:e7:45:42:3b:9e:c8:5b:a0:42:b4:b0:bb:4c:71:57:a9:91:
32:67:be:ee:61:52:7b:3d:d0:e8:43:d9:65:4b:2a:ab:9e:d6:
54:10:0a:f8:37:ee:7b:d2:62:7e:3a:cc:81:90:a4:f8:b7:02:
31:f0:31:66:8e:a4:33:9f:91:7f:4e:73:71:27:20:03:c5:19:
55:64:52:e9:34:86:66:58:c9:a5:c2:04:26:25:df:b9:f9:bf:
e8:08:3f:e9:79:31:51:14:06:a8:a7:aa:4a:f9:e7:b3:4f:66:
b8:ed:ba:6e:bf:35:44:b6:d9:17:4e:41:76:18:2f:2d:08:e2:
bd:58:43:1d:11:69:3b:76:d1:a7:02:64:12:86:a3:fa:ea:8f:
67:5e:6a:eb:fb:79:a2:87:c4:ef:d5:ad:37:95:2f:0e:2a:15:
fd:f3:54:a9:44:89:e9:f0:ed:d6:33:97:39:53:0d:cb:4e:67:
70:e7:40:db
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZiitKc7+FuuptxAC4sMN+n4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODEzMDkxMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmExYWU1OGI2YzNjNTg3OWZiZTBkZDM3ODY0YzE5YWQwOGQ1MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OP5lLXgKOpu9NkyioaUySVE+Mjw
+GfTjFWYgc4BIcBvd/F/p/gvNJi3fCS7WbmSeeNnKT3l4XMhC2INXb3FIPyPQ9ik
vZe29wCYTyJlZ2bMktsGvLJMB9DPgisaZGt8czEd1K9LUdXiyocZsQYqdvOCFGcI
FLnzK6Pp1jSX5dats3AfqFfEanZmRx5fFi6rmzRwthAhiuBjt/JzXq6xIuR9M0QK
BdZDHDyZl8nTuey7L6tu6wNPS/KaFTJF6timXwjLmtsIUq8b9LXedUPGfb7wendh
cVVxBsJVtyCZRgKA+NVBoAYOZ3/x/B+Pn8eFoIKwCKEZLOT0NeaSwX/4iwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIahrli2w8WHn74N03hkwZrQjVBFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaHFHdVdMYkR4WWVmdmczVGVHVEJtdENOVUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowV2MAwD
BACjBZkDBACjBZoDBACjBbEDBACjBfwwDQYJKoZIhvcNAQELBQADggEBABv2jbve
TddzlyneJCIDcGzd405G0mqX7YCjLFXNP4ddA0p+YQ2BsxGw0EUqG1ypemwaRSyt
41bJmajHpDwklOBhAT+slzVe/I7nRUI7nshboEK0sLtMcVepkTJnvu5hUns90OhD
2WVLKque1lQQCvg37nvSYn46zIGQpPi3AjHwMWaOpDOfkX9Oc3EnIAPFGVVkUuk0
hmZYyaXCBCYl37n5v+gIP+l5MVEUBqinqkr557NPZrjtum6/NUS22RdOQXYYLy0I
4r1YQx0RaTt20acCZBKGo/rqj2deauv7eaKHxO/VrTeVLw4qFf3zVKlEienw7dYz
lzlTDctOZ3DnQNs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:04:14 2025 by rpki-client