Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j9o6CVHElzlKc5XkHwhX69JKBk8.roa
File: j9o6CVHElzlKc5XkHwhX69JKBk8.roa (raw, json)
Hash identifier: FJzmMzdzuuCc5ZNTN7xJc1azokXlaZTD3SZKU2DIQCA=
Subject key identifier: 8F:DA:3A:09:51:C4:97:39:4A:73:95:E4:1F:08:57:EB:D2:4A:06:4F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0197B770F5258F6CE3B6BD3124572F400C39
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j9o6CVHElzlKc5XkHwhX69JKBk8.roa
Signing time: Sat 28 Jun 2025 16:48:42 +0000
ROA not before: Sat 28 Jun 2025 16:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:70:f5:25:8f:6c:e3:b6:bd:31:24:57:2f:40:0c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 28 16:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fda3a0951c497394a7395e41f0857ebd24a064f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:58:f2:0a:29:69:08:21:0e:2a:98:8d:4d:c9:
3e:0a:00:31:37:10:d2:50:cd:88:28:09:d5:d5:63:
c2:37:b6:1b:85:81:4a:44:15:9c:30:59:0e:20:a5:
ac:16:bc:39:68:7a:0b:02:50:83:fc:46:5b:79:b0:
81:ce:15:42:29:97:3c:01:ab:00:95:03:67:c1:a6:
8e:20:5d:15:3b:ee:84:ef:06:9c:ac:28:1a:72:f5:
e3:3e:63:db:8c:36:87:e7:77:5b:74:4a:b0:aa:8c:
15:59:27:a7:f8:20:87:df:a8:23:33:17:03:9e:3d:
b8:9a:ea:0b:20:5f:cc:9e:ef:32:1b:58:c3:91:86:
58:b4:ca:7f:74:5f:82:c3:2e:1e:e6:2c:ca:67:0d:
c8:fc:22:aa:27:fb:d6:f6:34:c3:32:eb:c2:76:30:
f8:7a:5f:46:7b:76:3d:7e:81:19:b0:b2:97:19:16:
a7:06:16:88:71:8a:7d:ab:2d:94:5a:56:f8:cf:dc:
48:7d:a3:f3:d7:05:6b:74:ff:b2:78:fa:11:f6:7c:
75:ab:8a:88:13:fc:f5:df:55:03:ab:1a:d7:2d:af:
dc:c3:10:cd:6e:50:6b:dd:71:b4:95:70:a4:b8:85:
17:3e:7e:95:e5:13:4c:e4:68:d8:3d:fb:55:18:67:
7c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DA:3A:09:51:C4:97:39:4A:73:95:E4:1F:08:57:EB:D2:4A:06:4F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j9o6CVHElzlKc5XkHwhX69JKBk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.59.0/24
163.5.89.0/24
163.5.112.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.201.0/24
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
86:7d:63:9a:7f:1c:32:71:db:67:5c:4f:f5:b2:84:64:5e:80:
0b:4a:b2:d8:de:c8:db:7e:08:fa:f4:c0:96:e8:c2:fe:24:dd:
a7:da:4c:b1:f3:2b:c4:8a:72:c4:3d:90:73:d2:59:ba:58:be:
de:27:70:49:78:e0:66:77:6e:a0:31:31:cb:53:e4:bc:b1:28:
89:b4:49:35:36:9d:d7:5c:c6:5f:f0:78:d7:f1:82:84:fc:24:
51:ba:09:31:25:a3:6e:90:08:ff:83:e0:07:8e:a1:e8:2b:16:
18:06:44:f4:e4:83:00:41:c8:4c:a0:fc:de:6a:4a:a4:cc:c4:
94:36:b5:a3:65:9b:14:7e:d4:11:28:1f:a3:96:34:a4:e7:cc:
02:37:10:59:06:e0:02:3d:03:5b:ea:5b:91:a1:29:8c:99:99:
68:32:ae:f4:fd:5b:31:e9:72:ac:4a:43:41:7b:87:59:f4:7d:
fe:78:b1:bd:00:b3:da:e8:59:8a:24:5f:db:31:c7:2c:c4:ab:
1c:a6:a7:20:35:bb:58:83:e2:04:1e:a9:59:c5:25:bb:45:bb:
82:e0:6a:95:da:8c:f1:5f:31:c3:14:7b:3c:cb:aa:13:80:4a:
96:f1:00:aa:be:26:49:9a:f5:c0:41:01:c6:e2:9f:0b:8a:11:
f1:ff:e2:30
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZe3cPUlj2zjtr0xJFcvQAw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjI4MTY0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmRhM2EwOTUxYzQ5NzM5NGE3Mzk1ZTQxZjA4NTdlYmQyNGEwNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnljyCilpCCEOKpiNTck+CgAxNxDS
UM2IKAnV1WPCN7YbhYFKRBWcMFkOIKWsFrw5aHoLAlCD/EZbebCBzhVCKZc8AasA
lQNnwaaOIF0VO+6E7wacrCgacvXjPmPbjDaH53dbdEqwqowVWSen+CCH36gjMxcD
nj24muoLIF/Mnu8yG1jDkYZYtMp/dF+Cwy4e5izKZw3I/CKqJ/vW9jTDMuvCdjD4
el9Ge3Y9foEZsLKXGRanBhaIcYp9qy2UWlb4z9xIfaPz1wVrdP+yePoR9nx1q4qI
E/z131UDqxrXLa/cwxDNblBr3XG0lXCkuIUXPn6V5RNM5GjYPftVGGd8QwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFI/aOglRxJc5SnOV5B8IV+vSSgZPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvajlvNkNWSEVsemxLYzVYa0h3aFg2OUpLQms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBACj
BR4DBACjBTsDBACjBVkDBACjBXADBACjBXkDBAGjBYADBACjBYsDBACjBY8DBACj
BZIDBACjBZcDBACjBaADBACjBaIDBACjBacDBACjBbIDBACjBbYDBACjBboDBACj
Bb0DBACjBckwDAMEAKMFywMEAKMFzgMEAKMF0QMEAKMF2gMEAKMF3QMEAKMF4AME
AKMF5AMEAKMF6QMEAKMF7QMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEAhn1jmn8c
MnHbZ1xP9bKEZF6AC0qy2N7I234I+vTAlujC/iTdp9pMsfMrxIpyxD2Qc9JZuli+
3idwSXjgZnduoDExy1PkvLEoibRJNTad11zGX/B41/GChPwkUboJMSWjbpAI/4Pg
B46h6CsWGAZE9OSDAEHITKD83mpKpMzElDa1o2WbFH7UESgfo5Y0pOfMAjcQWQbg
Aj0DW+pbkaEpjJmZaDKu9P1bMelyrEpDQXuHWfR9/nixvQCz2uhZiiRf2zHHLMSr
HKanIDW7WIPiBB6pWcUlu0W7guBqldqM8V8xwxR7PMuqE4BKlvEAqr4mSZr1wEEB
xuKfC4oR8f/iMA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:49:46 2025 by rpki-client