Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xkGdyd8Ez6v3RnxLyy9cymjTQ4U.roa
File: xkGdyd8Ez6v3RnxLyy9cymjTQ4U.roa (raw, json)
Hash identifier: 7GxxOVTTvw+ayboKWgxwfiJAashD0V2gCzeXUoOBgVs=
Subject key identifier: C6:41:9D:C9:DF:04:CF:AB:F7:46:7C:4B:CB:2F:5C:CA:68:D3:43:85
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0199CEE638B198E78CCD8395EC08DF2B62E8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xkGdyd8Ez6v3RnxLyy9cymjTQ4U.roa
Signing time: Fri 10 Oct 2025 16:13:38 +0000
ROA not before: Fri 10 Oct 2025 16:13:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:e6:38:b1:98:e7:8c:cd:83:95:ec:08:df:2b:62:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 10 16:13:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6419dc9df04cfabf7467c4bcb2f5cca68d34385
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b0:5f:f9:ed:c5:ff:5c:e7:b5:03:54:9c:a8:
3b:6a:ac:71:89:38:56:20:d7:84:3f:e9:0d:97:5d:
fc:b7:ba:b7:68:26:43:4b:aa:72:cb:a7:3f:b1:69:
72:85:24:db:99:32:b6:a6:27:6a:37:d9:b2:cf:4c:
dc:b1:4d:16:d4:f8:8c:6d:64:57:87:66:12:b6:2f:
3e:79:58:de:b8:b8:8e:cc:2d:1d:ea:48:4d:a2:4e:
75:9f:83:7a:33:79:c0:de:eb:1b:a5:8b:42:b9:9e:
c0:38:d1:89:e8:3c:88:16:7b:e4:95:8a:82:32:3f:
f5:f6:88:8c:6d:e5:9d:06:d8:fd:dd:fc:26:af:7a:
4d:c2:49:65:46:bf:bc:1b:a1:0b:e1:67:36:3a:d2:
51:6e:40:42:73:00:2a:0b:3f:bb:35:6c:25:00:e5:
90:7c:e9:cd:ae:1c:13:64:9a:6c:e2:e9:93:25:07:
0b:18:c4:84:a0:37:07:e9:30:f7:7b:2f:43:bb:f9:
42:15:56:9d:55:f7:61:14:5a:04:4e:45:ab:2a:43:
17:69:82:86:82:7c:4b:04:5e:6d:0a:c1:f4:5c:be:
48:60:05:0f:0d:2f:eb:d9:0d:52:4b:cd:bc:74:d2:
14:c8:83:84:00:a4:d3:15:98:4f:52:c3:ac:c4:de:
62:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:41:9D:C9:DF:04:CF:AB:F7:46:7C:4B:CB:2F:5C:CA:68:D3:43:85
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xkGdyd8Ez6v3RnxLyy9cymjTQ4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.39.0/24
163.5.60.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0-163.5.102.255
163.5.108.0/24
163.5.114.0/24
163.5.116.0/23
163.5.130.0/24
163.5.147.0/24
163.5.174.0/24
163.5.189.0/24
163.5.192.0/24
163.5.225.0-163.5.228.255
163.5.240.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:dd:d2:24:54:74:9e:7d:e3:2a:c9:50:f0:b9:1c:3c:62:80:
18:de:a7:33:8c:19:6e:45:51:4f:b2:19:45:d8:ba:08:60:72:
cc:71:32:fe:24:83:d5:67:eb:df:00:03:af:ff:04:ca:37:2b:
9c:19:44:f7:40:8d:6c:dc:c2:cd:39:c3:34:b3:3f:5f:48:60:
78:8d:3f:61:de:11:7c:6b:66:ff:4f:59:e5:0e:c1:f5:c4:ed:
b8:e0:a5:e7:d5:cc:a3:7d:da:e2:ff:d7:32:54:5c:d6:1d:4a:
a4:dd:36:53:49:20:e6:a8:62:49:13:41:b8:cc:a4:f1:f9:2a:
e2:4c:e1:67:21:85:89:d5:b1:08:b2:80:a9:f9:82:af:8c:fc:
1d:32:c5:4e:e9:3e:a1:ae:a0:2e:16:13:63:29:5f:f6:b2:ea:
d7:7c:eb:dd:fe:7b:f9:31:95:51:16:50:46:b0:73:14:71:00:
23:7f:92:14:9c:38:f9:62:b9:f5:e2:44:7e:50:b1:4f:13:09:
b2:f5:05:ec:7f:aa:cb:0e:43:64:98:e4:10:d9:5a:77:7d:27:
fb:ff:0d:dc:b1:5d:0e:90:24:1a:54:b3:84:50:f8:c7:f2:0f:
5e:c6:09:24:02:71:f3:da:b6:f2:f5:4e:73:20:d5:1f:e7:48:
70:db:d3:d1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZnO5jixmOeMzYOV7AjfK2LoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUxMDEwMTYxMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQxOWRjOWRmMDRjZmFiZjc0NjdjNGJjYjJmNWNjYTY4ZDM0Mzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrBf+e3F/1zntQNUnKg7aqxxiThW
INeEP+kNl138t7q3aCZDS6pyy6c/sWlyhSTbmTK2pidqN9myz0zcsU0W1PiMbWRX
h2YSti8+eVjeuLiOzC0d6khNok51n4N6M3nA3usbpYtCuZ7AONGJ6DyIFnvklYqC
Mj/19oiMbeWdBtj93fwmr3pNwkllRr+8G6EL4Wc2OtJRbkBCcwAqCz+7NWwlAOWQ
fOnNrhwTZJps4umTJQcLGMSEoDcH6TD3ey9Du/lCFVadVfdhFFoETkWrKkMXaYKG
gnxLBF5tCsH0XL5IYAUPDS/r2Q1SS828dNIUyIOEAKTTFZhPUsOsxN5i9wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFMZBncnfBM+r90Z8S8svXMpo00OFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveGtHZHlkOEV6NnYzUm54THl5OWN5bWpUUTRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAKMF
IgMEAKMFJwMEAKMFPAMEAKMFWAMEAKMFWgMEAKMFXTAMAwQCowVkAwQAowVmAwQA
owVsAwQAowVyAwQBowV0AwQAowWCAwQAowWTAwQAowWuAwQAowW9AwQAowXAMAwD
BACjBeEDBACjBeQDBACjBfADBACjBfMwDQYJKoZIhvcNAQELBQADggEBAC7d0iRU
dJ594yrJUPC5HDxigBjepzOMGW5FUU+yGUXYughgcsxxMv4kg9Vn698AA6//BMo3
K5wZRPdAjWzcws05wzSzP19IYHiNP2HeEXxrZv9PWeUOwfXE7bjgpefVzKN92uL/
1zJUXNYdSqTdNlNJIOaoYkkTQbjMpPH5KuJM4WchhYnVsQiygKn5gq+M/B0yxU7p
PqGuoC4WE2MpX/ay6td8693+e/kxlVEWUEawcxRxACN/khScOPliufXiRH5QsU8T
CbL1Bex/qssOQ2SY5BDZWnd9J/v/DdyxXQ6QJBpUs4RQ+MfyD17GCSQCcfPatvL1
TnMg1R/nSHDb09E=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:01 2025 by rpki-client