Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dqTe5pjyUF-qEHmQ_4bj0Up4HCg.roa
File: dqTe5pjyUF-qEHmQ_4bj0Up4HCg.roa (raw, json)
Hash identifier: eWEyQOAmxY5ChEtXYNHj4CLvxmV/6G1byrsl6iS4Fro=
Subject key identifier: 76:A4:DE:E6:98:F2:50:5F:AA:10:79:90:FF:86:E3:D1:4A:78:1C:28
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01978DFC7C5E69D16ECFD1DD5323190EED53
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dqTe5pjyUF-qEHmQ_4bj0Up4HCg.roa
Signing time: Fri 20 Jun 2025 15:37:03 +0000
ROA not before: Fri 20 Jun 2025 15:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 163.5.28.0/24 maxlen: 24
163.5.136.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:fc:7c:5e:69:d1:6e:cf:d1:dd:53:23:19:0e:ed:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 20 15:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76a4dee698f2505faa107990ff86e3d14a781c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1f:3a:78:dc:fc:a1:73:55:29:c5:24:4a:db:
fb:31:f4:67:99:20:19:b8:b9:b2:c7:8f:11:12:33:
19:29:a6:f4:56:45:ae:43:b8:d4:95:c5:f2:59:af:
62:c5:28:e5:ee:9e:80:f0:5a:89:b4:50:1b:d6:0e:
13:dd:64:6b:a1:12:66:1d:bc:35:5d:18:a0:75:ea:
ce:15:d7:79:e5:eb:31:8d:ff:04:0c:ee:0a:13:e8:
ee:4a:6d:c3:00:8f:a4:4b:bf:8f:d2:ad:9c:a8:88:
92:3f:9f:2c:37:5f:4e:17:b0:2c:77:45:82:1b:b8:
be:be:c0:86:9a:b3:be:27:b8:1e:e5:c7:b2:46:d5:
b8:d6:57:60:0c:7f:de:25:a0:5a:30:c3:bc:6b:55:
16:9c:cb:9a:0c:0f:a8:b8:b3:88:10:4a:1b:3c:9d:
a6:c9:8e:88:10:cb:7f:73:1b:61:34:44:24:af:1d:
3c:97:72:4d:00:ad:e6:7d:41:32:9b:03:f0:2f:c7:
1f:2a:38:b6:7d:03:e6:88:4e:27:d2:ee:af:73:ab:
ee:47:ff:90:64:ac:1e:b7:12:e3:9e:17:1a:63:c5:
cb:c7:d2:aa:06:a9:18:45:ab:24:ff:47:42:93:84:
6e:20:76:e0:52:79:e5:74:27:a0:30:42:a8:b1:a1:
19:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:A4:DE:E6:98:F2:50:5F:AA:10:79:90:FF:86:E3:D1:4A:78:1C:28
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dqTe5pjyUF-qEHmQ_4bj0Up4HCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.28.0/24
163.5.136.0/24
163.5.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:8a:80:b7:3a:aa:eb:17:49:16:e3:b1:c2:48:01:76:4f:ec:
7e:0e:0e:9e:56:c9:c4:e8:ff:5c:ca:2e:9f:e0:6c:4a:4b:97:
18:09:10:ec:e7:04:97:1e:f5:6a:9d:13:3d:9f:91:8b:d5:1e:
83:3f:24:ed:a0:50:e6:53:f4:38:3a:5a:0a:40:ca:5c:38:e6:
a7:f7:4a:d2:fb:a9:ef:b0:48:11:27:c5:c0:86:3d:0e:1d:04:
d8:8a:1e:dd:ef:38:df:c1:44:6c:07:ae:db:2e:07:39:0f:5b:
12:49:6f:a6:a3:56:48:46:6b:bd:b2:35:56:95:31:08:25:5c:
11:75:9c:6d:f1:6c:40:43:34:67:48:05:b6:bc:2b:b0:e2:48:
7d:0f:fc:32:a4:b3:31:3a:be:59:1f:fd:aa:94:57:8f:79:cc:
78:31:f7:39:4f:cb:50:35:f6:84:df:09:ee:9f:6c:5c:6d:e1:
6d:65:d1:bd:a7:1d:d4:a5:c9:1c:33:58:d8:4a:37:ce:b6:51:
c9:08:bb:a1:e9:2c:87:5b:18:cf:c8:03:c3:c9:c6:30:2a:97:
91:08:32:cd:66:4d:9e:8b:e7:20:9f:ff:0b:b3:fc:ef:f4:88:
17:cd:ed:59:93:c5:68:ab:f3:be:99:32:6a:d8:1b:06:cc:4b:
27:67:2e:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeN/HxeadFuz9HdUyMZDu1TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNjIwMTUzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmE0ZGVlNjk4ZjI1MDVmYWExMDc5OTBmZjg2ZTNkMTRhNzgxYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB86eNz8oXNVKcUkStv7MfRnmSAZ
uLmyx48REjMZKab0VkWuQ7jUlcXyWa9ixSjl7p6A8FqJtFAb1g4T3WRroRJmHbw1
XRigderOFdd55esxjf8EDO4KE+juSm3DAI+kS7+P0q2cqIiSP58sN19OF7Asd0WC
G7i+vsCGmrO+J7ge5ceyRtW41ldgDH/eJaBaMMO8a1UWnMuaDA+ouLOIEEobPJ2m
yY6IEMt/cxthNEQkrx08l3JNAK3mfUEymwPwL8cfKji2fQPmiE4n0u6vc6vuR/+Q
ZKwetxLjnhcaY8XLx9KqBqkYRask/0dCk4RuIHbgUnnldCegMEKosaEZWQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHak3uaY8lBfqhB5kP+G49FKeBwoMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZHFUZTVwanlVRi1xRUhtUV80YmowVXA0SENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowUcAwQA
owWIAwQAowXfMA0GCSqGSIb3DQEBCwUAA4IBAQAvioC3OqrrF0kW47HCSAF2T+x+
Dg6eVsnE6P9cyi6f4GxKS5cYCRDs5wSXHvVqnRM9n5GL1R6DPyTtoFDmU/Q4OloK
QMpcOOan90rS+6nvsEgRJ8XAhj0OHQTYih7d7zjfwURsB67bLgc5D1sSSW+mo1ZI
Rmu9sjVWlTEIJVwRdZxt8WxAQzRnSAW2vCuw4kh9D/wypLMxOr5ZH/2qlFePecx4
Mfc5T8tQNfaE3wnun2xcbeFtZdG9px3UpckcM1jYSjfOtlHJCLuh6SyHWxjPyAPD
ycYwKpeRCDLNZk2ei+cgn/8Ls/zv9IgXze1Zk8Voq/O+mTJq2BsGzEsnZy6j
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:25:30 2025 by rpki-client