Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4H12RhXsdFlFirmu8QPexbAspOE.roa
File: 4H12RhXsdFlFirmu8QPexbAspOE.roa (raw, json)
Hash identifier: HaIhCykrh7PotXnnf1uy/nyth6cAyNGDGzVh0s4iNTU=
Subject key identifier: E0:7D:76:46:15:EC:74:59:45:8A:B9:AE:F1:03:DE:C5:B0:2C:A4:E1
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0197C74C685841F3200BD16A4C4EAB50D082
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4H12RhXsdFlFirmu8QPexbAspOE.roa
Signing time: Tue 01 Jul 2025 18:42:42 +0000
ROA not before: Tue 01 Jul 2025 18:42:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 142111
IP address blocks: 163.5.53.0/24 maxlen: 24
163.5.79.0/24 maxlen: 24
163.5.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:4c:68:58:41:f3:20:0b:d1:6a:4c:4e:ab:50:d0:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jul 1 18:42:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e07d764615ec7459458ab9aef103dec5b02ca4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:ca:39:55:45:3a:3b:ee:8b:f0:d1:8d:bb:
97:e1:da:34:84:e3:12:82:ef:69:a9:00:b3:bf:89:
41:60:46:ff:bd:ae:be:1e:73:c3:05:8d:29:94:1c:
58:1c:54:be:dd:9f:9b:69:91:aa:e1:6b:e7:9b:20:
35:25:8a:ed:8d:6a:de:51:69:0c:60:8c:0d:74:cc:
df:17:6e:b1:af:59:6d:b1:b9:a7:4a:bc:9e:8d:b3:
f0:d7:62:e9:84:8f:af:d2:46:24:4f:5e:5d:7c:e0:
b4:2e:1a:4b:78:c4:71:de:c9:53:eb:2b:47:cd:22:
58:5c:18:48:81:f0:2b:29:0c:e0:02:b1:42:e9:f1:
94:cc:0d:78:17:0c:02:dc:e1:96:ff:72:ac:02:96:
76:15:4f:b8:54:ad:89:2e:e5:80:18:c2:a3:16:cc:
0b:d1:d4:a9:34:f2:ef:cd:ab:90:00:71:d9:7d:4e:
8b:5a:2a:ce:2a:0f:a1:5e:dc:12:d3:5e:e7:61:20:
6b:41:28:ea:65:2a:a5:f6:0c:05:4d:ce:c6:43:37:
4b:6d:e3:d7:25:4c:4b:6e:5e:6e:14:db:2c:61:87:
26:fe:88:f1:d3:c9:74:fa:11:a3:80:4a:94:cf:f1:
c6:97:14:24:0d:8a:65:f9:d5:69:5c:4f:da:19:4e:
f7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7D:76:46:15:EC:74:59:45:8A:B9:AE:F1:03:DE:C5:B0:2C:A4:E1
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4H12RhXsdFlFirmu8QPexbAspOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.53.0/24
163.5.79.0/24
163.5.161.0/24
Signature Algorithm: sha256WithRSAEncryption
93:82:7e:fc:e0:a5:1c:12:58:13:3c:9d:27:9f:69:ea:f2:82:
66:06:af:0e:5e:fc:a8:c8:05:ac:4d:ec:af:e8:d2:45:39:96:
58:4c:d9:eb:33:16:e7:f2:4f:f9:60:34:80:34:b9:76:64:89:
aa:3b:71:25:61:74:8a:96:c1:91:d4:f9:b7:48:06:cb:09:a5:
33:9b:dd:13:ab:35:e9:8e:7b:ef:b1:9f:fb:40:93:ef:2c:0c:
ae:60:1c:4a:b9:4f:69:c1:c9:23:6a:e3:74:10:42:96:aa:23:
2d:fe:5c:96:09:a8:a1:f2:cb:5f:af:0d:b5:f8:17:a3:1b:98:
08:c8:08:96:b4:89:95:77:e3:90:e9:01:c7:98:5b:98:e6:34:
9a:6a:db:3b:4f:f1:bb:dc:9b:f2:28:f7:3c:f7:94:95:a6:f5:
4d:17:1f:54:e0:57:39:b1:dd:5e:92:80:3b:eb:a7:df:bd:03:
65:e1:09:72:66:6d:aa:b1:04:aa:0c:c1:1a:fd:08:ec:d2:31:
16:8f:74:74:f4:b2:f6:bb:22:95:56:04:71:ca:52:28:d0:c8:
9d:a5:37:07:cc:84:8c:19:92:c9:6d:67:b0:f7:a8:35:99:e0:
b0:42:04:6f:0f:ec:b6:93:6b:f4:56:2a:4e:3f:53:eb:08:7b:
3b:95:3a:61
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfHTGhYQfMgC9FqTE6rUNCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNzAxMTg0MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdkNzY0NjE1ZWM3NDU5NDU4YWI5YWVmMTAzZGVjNWIwMmNhNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJrKOVVFOjvui/DRjbuX4do0hOMS
gu9pqQCzv4lBYEb/va6+HnPDBY0plBxYHFS+3Z+baZGq4WvnmyA1JYrtjWreUWkM
YIwNdMzfF26xr1ltsbmnSryejbPw12LphI+v0kYkT15dfOC0LhpLeMRx3slT6ytH
zSJYXBhIgfArKQzgArFC6fGUzA14FwwC3OGW/3KsApZ2FU+4VK2JLuWAGMKjFswL
0dSpNPLvzauQAHHZfU6LWirOKg+hXtwS017nYSBrQSjqZSql9gwFTc7GQzdLbePX
JUxLbl5uFNssYYcm/ojx08l0+hGjgEqUz/HGlxQkDYpl+dVpXE/aGU733QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOB9dkYV7HRZRYq5rvED3sWwLKThMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNEgxMlJoWHNkRmxGaXJtdThRUGV4YkFzcE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowU1AwQA
owVPAwQAowWhMA0GCSqGSIb3DQEBCwUAA4IBAQCTgn784KUcElgTPJ0nn2nq8oJm
Bq8OXvyoyAWsTeyv6NJFOZZYTNnrMxbn8k/5YDSANLl2ZImqO3ElYXSKlsGR1Pm3
SAbLCaUzm90TqzXpjnvvsZ/7QJPvLAyuYBxKuU9pwckjauN0EEKWqiMt/lyWCaih
8stfrw21+BejG5gIyAiWtImVd+OQ6QHHmFuY5jSaats7T/G73JvyKPc895SVpvVN
Fx9U4Fc5sd1ekoA766ffvQNl4QlyZm2qsQSqDMEa/Qjs0jEWj3R09LL2uyKVVgRx
ylIo0MidpTcHzISMGZLJbWew96g1meCwQgRvD+y2k2v0VipOP1PrCHs7lTph
-----END CERTIFICATE-----
Generated at Wed Jul 2 14:14:19 2025 by rpki-client