
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP7S0aSp_E3ihsp0zmSHqDFHAxI.roa
File: mP7S0aSp_E3ihsp0zmSHqDFHAxI.roa (raw, json)
Hash identifier: o851D4pebkhzbgUVFVa/D6YJ+kggtvO3lFuv/bmtgOw=
Subject key identifier: 98:FE:D2:D1:A4:A9:FC:4D:E2:86:CA:74:CE:64:87:A8:31:47:03:12
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0199486D37FEF99C7F46ECEBAEC5F8D1C47F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP7S0aSp_E3ihsp0zmSHqDFHAxI.roa
Signing time: Sun 14 Sep 2025 13:32:21 +0000
ROA not before: Sun 14 Sep 2025 13:32:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:55:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:48:6d:37:fe:f9:9c:7f:46:ec:eb:ae:c5:f8:d1:c4:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 14 13:32:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98fed2d1a4a9fc4de286ca74ce6487a831470312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0f:d2:2c:6f:f3:85:0d:50:25:ef:82:68:eb:
c8:37:1a:7c:c1:8c:dd:57:34:8c:e6:8e:f1:30:f6:
39:01:4b:61:8d:c3:9c:c4:8e:5d:33:0f:42:32:58:
ad:4f:ab:8b:cf:59:39:a2:fe:09:be:d3:b4:ea:f0:
1a:ca:10:ec:7f:00:39:42:5b:89:2e:e3:fb:0e:56:
50:40:c5:61:5c:b3:b7:5d:7f:6f:66:26:8d:9b:31:
b7:b8:49:2f:d2:46:34:86:7b:41:9c:c9:07:8e:02:
73:30:d6:43:77:32:2a:ec:fc:23:a1:6a:92:96:b5:
17:9b:04:f0:27:0b:89:72:94:a0:b8:fd:cb:05:4f:
f5:87:c8:df:08:83:de:fd:58:40:cd:94:36:ef:e7:
19:74:be:6a:fa:99:72:33:2c:74:64:28:a4:03:eb:
ae:da:23:6c:6f:00:cd:2a:25:fd:89:cb:df:42:9a:
86:8d:92:32:45:05:77:88:e3:91:06:29:32:ff:c2:
ba:f6:51:cf:2f:5a:4c:b4:f7:1d:eb:14:0d:77:77:
02:7c:35:df:0d:06:8e:1c:cb:28:dd:87:a8:a0:db:
6a:8c:4c:98:f3:82:36:89:39:0c:b3:79:18:f5:7a:
c5:26:09:cb:87:1c:e6:ad:54:5c:e6:27:15:a5:c1:
c5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FE:D2:D1:A4:A9:FC:4D:E2:86:CA:74:CE:64:87:A8:31:47:03:12
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/mP7S0aSp_E3ihsp0zmSHqDFHAxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.134.0/24
163.5.173.0/24
163.5.231.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:00:aa:43:71:82:73:4d:a6:2f:be:89:95:e8:9d:ba:43:40:
b2:63:da:54:4f:d5:f5:9a:f8:3c:e5:c3:28:50:73:8a:5c:f1:
a6:26:83:c8:7f:ee:cc:2e:cb:41:9e:60:1a:3c:8a:16:51:c7:
f8:34:eb:df:f1:1d:80:b7:54:ff:c9:96:b9:34:73:2b:41:4f:
a0:b9:5e:45:df:b3:78:e1:04:d3:7b:0b:f4:1b:8f:5b:52:19:
55:86:d8:bd:f4:1d:be:50:2e:ec:0d:2d:70:eb:39:12:00:c8:
5d:e2:5c:8f:24:65:44:ba:54:3d:25:61:1d:59:02:23:4a:e5:
73:6f:9a:33:f0:39:f8:62:fa:63:1b:da:41:c9:9e:4f:1f:20:
f1:c2:85:97:bd:4c:2c:53:73:14:21:09:ad:4e:47:ff:f8:4e:
01:24:03:90:a4:02:43:18:a5:03:da:71:ce:d8:d4:19:29:54:
41:dc:50:74:6f:74:a2:bb:bb:49:06:ef:23:65:11:bc:a8:71:
42:c2:4f:a4:c8:6a:b0:5f:51:62:49:5f:ec:1b:fd:54:3a:81:
50:1e:0a:4e:3e:f8:52:dd:56:e4:c2:b1:18:7e:6e:a2:15:9a:
6d:d8:1b:3a:67:2e:78:28:ab:03:a3:00:38:e7:7a:00:ee:1c:
92:72:c2:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlIbTf++Zx/RuzrrsX40cR/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwOTE0MTMzMjIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZlZDJkMWE0YTlmYzRkZTI4NmNhNzRjZTY0ODdhODMxNDcwMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQ/SLG/zhQ1QJe+CaOvINxp8wYzd
VzSM5o7xMPY5AUthjcOcxI5dMw9CMlitT6uLz1k5ov4JvtO06vAayhDsfwA5QluJ
LuP7DlZQQMVhXLO3XX9vZiaNmzG3uEkv0kY0hntBnMkHjgJzMNZDdzIq7PwjoWqS
lrUXmwTwJwuJcpSguP3LBU/1h8jfCIPe/VhAzZQ27+cZdL5q+plyMyx0ZCikA+uu
2iNsbwDNKiX9icvfQpqGjZIyRQV3iOORBiky/8K69lHPL1pMtPcd6xQNd3cCfDXf
DQaOHMso3YeooNtqjEyY84I2iTkMs3kY9XrFJgnLhxzmrVRc5icVpcHFqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJj+0tGkqfxN4obKdM5kh6gxRwMSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbVA3UzBhU3BfRTNpaHNwMHptU0hxREZIQXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUzAwQA
owWGAwQAowWtAwQAowXnMA0GCSqGSIb3DQEBCwUAA4IBAQCrAKpDcYJzTaYvvomV
6J26Q0CyY9pUT9X1mvg85cMoUHOKXPGmJoPIf+7MLstBnmAaPIoWUcf4NOvf8R2A
t1T/yZa5NHMrQU+guV5F37N44QTTewv0G49bUhlVhti99B2+UC7sDS1w6zkSAMhd
4lyPJGVEulQ9JWEdWQIjSuVzb5oz8Dn4YvpjG9pByZ5PHyDxwoWXvUwsU3MUIQmt
Tkf/+E4BJAOQpAJDGKUD2nHO2NQZKVRB3FB0b3Siu7tJBu8jZRG8qHFCwk+kyGqw
X1FiSV/sG/1UOoFQHgpOPvhS3VbkwrEYfm6iFZpt2Bs6Zy54KKsDowA453oA7hyS
csIo
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:50:51 2025 by rpki-client