Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9-KX22ZGArJ0aXxr_tE1DvC5Z1I.roa
File: 9-KX22ZGArJ0aXxr_tE1DvC5Z1I.roa (raw, json)
Hash identifier: qnBDGJeuG9flO/Fc8gsVCa+ZxgLiLNII+qp1tVVv7ao=
Subject key identifier: F7:E2:97:DB:66:46:02:B2:74:69:7C:6B:FE:D1:35:0E:F0:B9:67:52
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198E5E8F0FA9DE62D5EC3F8B9ED873090D4
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9-KX22ZGArJ0aXxr_tE1DvC5Z1I.roa
Signing time: Tue 26 Aug 2025 10:25:04 +0000
ROA not before: Tue 26 Aug 2025 10:25:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.62.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e5:e8:f0:fa:9d:e6:2d:5e:c3:f8:b9:ed:87:30:90:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 26 10:25:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7e297db664602b274697c6bfed1350ef0b96752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d7:50:f7:7c:d4:93:83:82:ab:de:61:44:e1:
9e:8b:ab:ab:61:7e:d3:9f:49:06:31:36:a0:90:0a:
23:60:aa:ed:03:98:bb:59:e5:bd:c4:a5:85:0d:13:
d5:e3:de:3c:b9:15:8c:72:55:d7:ca:74:55:8e:c2:
b7:cd:89:39:8f:8e:9f:67:c3:0d:b5:d1:38:90:a8:
78:aa:56:87:60:20:af:01:50:95:59:08:96:dd:1d:
a4:63:02:47:04:4f:cf:7f:6e:cf:ce:84:08:1a:71:
03:71:1f:d9:70:45:6a:84:dd:3a:02:bd:38:c5:1a:
05:b8:b7:4b:c2:a6:e0:ec:f4:7c:1f:f9:41:e4:3c:
0b:87:db:95:9c:aa:da:82:19:cd:f8:84:9d:34:57:
a9:78:08:07:b2:94:d6:f8:15:f4:b8:10:12:22:28:
00:0b:00:9d:1e:35:ed:c9:82:5c:fd:92:93:b7:da:
df:23:be:6f:09:70:8a:5f:24:2d:9f:6a:a0:2c:67:
75:ac:9d:d1:07:e0:c7:bf:f1:a6:f9:2e:05:5d:f5:
1c:53:f8:b2:55:5f:39:a4:6e:ef:6d:97:d4:aa:72:
da:76:23:e8:02:a7:72:68:4e:08:72:be:41:57:c9:
aa:e6:76:c6:83:5d:31:5f:f1:29:e5:c3:f3:63:2b:
2c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:E2:97:DB:66:46:02:B2:74:69:7C:6B:FE:D1:35:0E:F0:B9:67:52
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9-KX22ZGArJ0aXxr_tE1DvC5Z1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.62.0/24
163.5.149.0/24
163.5.179.0/24
163.5.187.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:6d:21:8b:d9:ee:80:82:2a:8a:4c:7d:1a:17:fe:8d:6c:5d:
2d:a4:56:39:d7:6c:76:03:81:b1:b1:bf:cc:2e:bd:ae:e9:0a:
5b:f5:b6:d8:f1:e0:bf:85:27:96:2d:87:fe:ff:7b:c0:05:bb:
f3:c3:28:17:a2:11:d7:15:bf:9e:a1:6e:14:4e:2d:1b:4a:31:
03:27:cc:a6:4e:12:36:08:4c:5b:c1:2e:5c:d4:2f:c3:72:eb:
8b:d8:23:17:1d:fb:91:ac:8d:3a:76:4c:fa:6f:ad:aa:80:84:
f3:17:48:d6:4f:8e:76:d1:65:79:53:17:5b:9f:c1:9d:91:3b:
66:ea:3c:d6:3e:fa:ab:de:22:07:eb:c9:fb:86:31:ab:e7:f2:
68:07:61:cb:78:76:dd:3b:9b:8e:54:e4:68:08:05:0c:48:b9:
58:df:96:b9:59:09:1e:7a:dc:fc:24:8c:88:7e:5a:a1:ef:06:
c1:63:7f:0b:c2:b5:fd:b6:80:54:70:d3:f0:16:bd:ba:93:b3:
8a:54:81:c6:70:e2:c9:2d:de:d9:98:8e:4b:e9:13:cb:5d:40:
2c:5f:a0:4c:f7:31:be:67:4e:ae:9f:f9:30:e1:c5:47:15:ab:
1b:90:a0:f3:7b:0a:1c:51:e4:56:15:f6:af:f9:e3:cd:33:7b:
b9:b3:52:c8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjl6PD6neYtXsP4ue2HMJDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODI2MTAyNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2UyOTdkYjY2NDYwMmIyNzQ2OTdjNmJmZWQxMzUwZWYwYjk2NzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytdQ93zUk4OCq95hROGei6urYX7T
n0kGMTagkAojYKrtA5i7WeW9xKWFDRPV4948uRWMclXXynRVjsK3zYk5j46fZ8MN
tdE4kKh4qlaHYCCvAVCVWQiW3R2kYwJHBE/Pf27PzoQIGnEDcR/ZcEVqhN06Ar04
xRoFuLdLwqbg7PR8H/lB5DwLh9uVnKraghnN+ISdNFepeAgHspTW+BX0uBASIigA
CwCdHjXtyYJc/ZKTt9rfI75vCXCKXyQtn2qgLGd1rJ3RB+DHv/Gm+S4FXfUcU/iy
VV85pG7vbZfUqnLadiPoAqdyaE4Icr5BV8mq5nbGg10xX/Ep5cPzYyssJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPfil9tmRgKydGl8a/7RNQ7wuWdSMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOS1LWDIyWkdBckowYVh4cl90RTFEdkM1WjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowU+AwQA
owWVAwQAowWzAwQAowW7MA0GCSqGSIb3DQEBCwUAA4IBAQANbSGL2e6AgiqKTH0a
F/6NbF0tpFY512x2A4Gxsb/MLr2u6Qpb9bbY8eC/hSeWLYf+/3vABbvzwygXohHX
Fb+eoW4UTi0bSjEDJ8ymThI2CExbwS5c1C/DcuuL2CMXHfuRrI06dkz6b62qgITz
F0jWT4520WV5Uxdbn8GdkTtm6jzWPvqr3iIH68n7hjGr5/JoB2HLeHbdO5uOVORo
CAUMSLlY35a5WQkeetz8JIyIflqh7wbBY38LwrX9toBUcNPwFr26k7OKVIHGcOLJ
Ld7ZmI5L6RPLXUAsX6BM9zG+Z06un/kw4cVHFasbkKDzewocUeRWFfav+ePNM3u5
s1LI
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:35:19 2025 by rpki-client