Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oVt6oqDgAFgKF7yPhucU9XxvOHk.roa
File: oVt6oqDgAFgKF7yPhucU9XxvOHk.roa (raw, json)
Hash identifier: lXQ5BxdSVt+iHhhhCPbpg5Y0o+vhtmTYiWYVvQofVMk=
Subject key identifier: A1:5B:7A:A2:A0:E0:00:58:0A:17:BC:8F:86:E7:14:F5:7C:6F:38:79
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198D26979EB92033B3AACFCA0A30C07F281
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oVt6oqDgAFgKF7yPhucU9XxvOHk.roa
Signing time: Fri 22 Aug 2025 15:33:04 +0000
ROA not before: Fri 22 Aug 2025 15:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:69:79:eb:92:03:3b:3a:ac:fc:a0:a3:0c:07:f2:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 22 15:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a15b7aa2a0e000580a17bc8f86e714f57c6f3879
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6c:23:ae:a7:f9:20:9e:33:89:34:84:f6:d5:
a3:ef:92:5f:a6:31:67:fe:db:9d:ba:bd:00:d3:2a:
f0:13:8a:a4:b7:40:7c:71:33:9f:50:23:0d:21:2d:
e1:94:c6:83:70:0c:3e:11:e4:5d:1c:90:b9:73:8c:
a7:6f:f5:1f:8f:85:15:63:9f:3b:7a:0b:c7:91:67:
7a:2f:1b:aa:e7:f8:7e:c3:58:2a:f6:c5:8a:b2:e3:
57:c9:15:e1:36:ca:34:7f:22:61:b9:f5:81:9d:6e:
2e:95:29:a5:8e:ea:41:40:dc:44:30:4e:fc:6f:7a:
96:fe:46:bb:1f:19:20:93:13:80:1f:8b:e8:df:90:
fb:84:c0:99:ec:76:b0:20:4c:43:1a:a3:cc:ba:c2:
07:ad:e9:72:59:23:30:5b:55:40:7c:dc:e6:65:ab:
66:69:76:55:75:9a:50:4d:0f:84:8f:e8:8c:2e:38:
6d:16:79:84:8b:ca:93:26:79:4c:58:3f:4e:69:05:
8d:f2:75:52:a0:3d:e3:1b:99:40:41:43:a0:0f:59:
bb:66:00:f6:53:f9:c0:ca:ad:e3:85:ea:18:6f:cb:
b7:e1:51:84:f9:84:94:bf:7f:2e:23:6f:db:16:6a:
f6:a1:06:a9:3a:dc:13:8f:01:75:a6:1f:62:6b:cd:
d8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:5B:7A:A2:A0:E0:00:58:0A:17:BC:8F:86:E7:14:F5:7C:6F:38:79
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/oVt6oqDgAFgKF7yPhucU9XxvOHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.38.0/24
163.5.59.0/24
163.5.89.0/24
163.5.104.0/24
163.5.112.0/24
163.5.119.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.178.0/23
163.5.182.0/24
163.5.189.0/24
163.5.201.0/24
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:47:e7:d2:7b:d1:d7:f8:c3:0f:b1:a2:15:54:f0:7f:a3:47:
84:ab:34:cf:58:79:37:7b:ee:cc:c4:2e:26:4a:58:1d:1f:20:
51:04:0b:76:64:2c:f0:2c:e4:f4:e4:b4:53:53:1f:e1:21:d0:
3b:cc:7b:b4:7c:1e:77:97:42:3d:71:15:6e:b1:b4:87:1d:d9:
4a:a6:e8:97:7f:3b:52:28:e2:a6:68:03:3c:d6:4b:2b:59:40:
17:0d:15:f6:3b:10:af:39:e6:78:47:27:a7:1c:c7:9a:8f:aa:
3a:da:5a:30:a1:24:e2:57:9f:1f:97:47:74:b1:93:9b:e3:c9:
93:05:ed:8b:31:fd:d7:4d:54:9c:6b:84:4b:36:7c:75:0c:95:
f7:94:e7:73:86:58:0b:3f:5e:76:c0:0a:82:4e:9a:0a:17:22:
65:10:6b:cb:07:cf:93:db:a4:b9:69:0d:c1:a4:11:d9:38:f7:
ce:29:46:24:59:a7:49:ab:91:9b:f7:6b:4a:ef:cc:a0:8f:a5:
c4:a3:25:44:d5:78:ca:9a:df:c3:4c:95:35:61:ef:8a:8c:e8:
89:50:e0:a1:ff:41:7a:96:6f:ef:be:98:87:62:fd:51:fd:b2:
4f:92:f5:c0:95:d6:53:16:04:a7:6d:31:4f:c2:cf:41:33:60:
5c:92:5d:15
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZjSaXnrkgM7Oqz8oKMMB/KBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODIyMTUzMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTViN2FhMmEwZTAwMDU4MGExN2JjOGY4NmU3MTRmNTdjNmYzODc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxWwjrqf5IJ4ziTSE9tWj75JfpjFn
/tudur0A0yrwE4qkt0B8cTOfUCMNIS3hlMaDcAw+EeRdHJC5c4ynb/Ufj4UVY587
egvHkWd6Lxuq5/h+w1gq9sWKsuNXyRXhNso0fyJhufWBnW4ulSmljupBQNxEME78
b3qW/ka7HxkgkxOAH4vo35D7hMCZ7HawIExDGqPMusIHrelyWSMwW1VAfNzmZatm
aXZVdZpQTQ+Ej+iMLjhtFnmEi8qTJnlMWD9OaQWN8nVSoD3jG5lAQUOgD1m7ZgD2
U/nAyq3jheoYb8u34VGE+YSUv38uI2/bFmr2oQapOtwTjwF1ph9ia83YEQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFKFbeqKg4ABYChe8j4bnFPV8bzh5MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb1Z0Nm9xRGdBRmdLRjd5UGh1Y1U5WHh2T0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBACj
BR4DBACjBSYDBACjBTsDBACjBVkDBACjBWgDBACjBXADBACjBXcDBACjBXkDBAGj
BYADBACjBYsDBACjBY8DBACjBZIDBACjBZcDBACjBZ0DBACjBaADBACjBaIDBACj
BacDBAGjBbIDBACjBbYDBACjBb0DBACjBckwDAMEAKMFywMEAaMFzAMEAKMF2gME
AKMF4AMEAKMF5AMEAKMF6QMEAKMF7QMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEA
Ckfn0nvR1/jDD7GiFVTwf6NHhKs0z1h5N3vuzMQuJkpYHR8gUQQLdmQs8Czk9OS0
U1Mf4SHQO8x7tHwed5dCPXEVbrG0hx3ZSqbol387UijipmgDPNZLK1lAFw0V9jsQ
rznmeEcnpxzHmo+qOtpaMKEk4lefH5dHdLGTm+PJkwXtizH9101UnGuESzZ8dQyV
95Tnc4ZYCz9edsAKgk6aChciZRBrywfPk9ukuWkNwaQR2Tj3zilGJFmnSauRm/dr
Su/MoI+lxKMlRNV4yprfw0yVNWHviozoiVDgof9BepZv776Yh2L9Uf2yT5L1wJXW
UxYEp20xT8LPQTNgXJJdFQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:23:25 2025 by rpki-client