Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ELMtu9OlS2hYZGotQSH6mXYfaCc.roa
File: ELMtu9OlS2hYZGotQSH6mXYfaCc.roa (raw, json)
Hash identifier: uD+IeY6TDmkdHQSrBwK2PLH323kNvyIVYzG8CRou43k=
Subject key identifier: 10:B3:2D:BB:D3:A5:4B:68:58:64:6A:2D:41:21:FA:99:76:1F:68:27
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0197220DBE55E428C85F00B6E6A030D95A3D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ELMtu9OlS2hYZGotQSH6mXYfaCc.roa
Signing time: Fri 30 May 2025 16:36:55 +0000
ROA not before: Fri 30 May 2025 16:36:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 163.5.86.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.155.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.230.0/24 maxlen: 24
163.5.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:22:0d:be:55:e4:28:c8:5f:00:b6:e6:a0:30:d9:5a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 30 16:36:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10b32dbbd3a54b6858646a2d4121fa99761f6827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:79:98:b8:e6:e6:0e:29:b1:4b:f1:21:e4:75:
5b:d8:a7:11:11:9e:7a:82:38:05:c4:6e:91:cc:53:
e0:49:06:45:5e:cb:b5:81:12:1e:88:8c:4a:88:77:
8a:83:ed:40:3d:7b:39:68:a1:46:3a:86:19:c3:01:
c4:61:db:da:e1:49:70:b3:f7:dc:ad:9d:93:a4:31:
65:21:79:54:92:cc:5b:76:5e:db:f5:18:32:26:0a:
b7:93:83:9d:f7:3c:8d:e2:06:bd:69:6e:dc:7d:70:
2f:a7:61:98:bc:2f:7a:3f:03:4b:76:33:02:3b:e9:
8c:ea:da:ee:bd:e8:07:f1:ed:88:75:17:c7:af:58:
4c:25:ff:59:28:41:61:8a:7a:e2:5a:30:97:69:65:
06:3c:fb:ce:82:02:d1:bc:db:11:bf:a0:af:58:f7:
14:6f:29:83:f8:71:63:5f:0d:be:c2:65:65:2a:b2:
33:79:1f:b9:b5:2b:1b:70:fe:7f:cf:3d:4a:21:d2:
6d:71:4c:b8:d9:f4:eb:92:3d:0b:80:b4:94:93:14:
66:a5:6a:03:3c:e1:1a:5a:aa:6c:a4:98:86:82:39:
d1:2e:e9:e4:13:7e:ed:77:54:55:2f:c8:ac:99:53:
6c:bd:52:87:c4:2c:1e:27:4c:8c:8d:06:d7:74:67:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B3:2D:BB:D3:A5:4B:68:58:64:6A:2D:41:21:FA:99:76:1F:68:27
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ELMtu9OlS2hYZGotQSH6mXYfaCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.86.0/24
163.5.111.0/24
163.5.142.0/24
163.5.155.0-163.5.156.255
163.5.170.0/24
163.5.175.0/24
163.5.219.0/24
163.5.230.0/24
163.5.242.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:de:96:39:c2:0f:4c:c5:a2:f7:c5:71:e5:28:8b:bf:5c:a6:
d7:d6:77:f3:47:b0:25:06:26:37:7d:c4:1f:85:08:84:4a:96:
57:d7:43:02:93:1c:87:cf:ec:de:2d:4f:83:3c:ee:f5:26:47:
0f:cc:4b:1b:96:48:48:47:96:4f:85:6c:52:4a:3a:2b:61:95:
5b:52:1c:7b:81:42:db:52:18:a6:5e:48:73:53:07:5e:83:65:
01:26:8c:3e:9a:18:a7:ff:01:25:85:28:23:73:b4:db:00:4d:
b1:90:75:d3:5a:00:9f:ee:08:9d:b9:7c:8e:6d:4b:d6:8f:2a:
59:d2:11:d9:ba:ef:96:1e:72:ba:93:85:6e:5e:ac:28:6b:cb:
61:ce:9d:fc:08:cf:38:c0:33:3c:c9:f4:82:18:79:76:42:0f:
39:50:58:a2:32:51:d6:b4:38:29:33:fe:13:98:f5:8f:37:a7:
f7:f2:2a:94:11:de:e6:c6:6d:75:84:fe:18:d2:bf:33:38:b5:
51:d5:de:99:25:77:43:a3:ac:1a:b2:c7:95:fd:91:f8:d9:c6:
32:09:1a:c4:b1:16:5b:dd:2c:c0:6d:72:69:5a:b3:04:77:f8:
dc:1d:95:6f:41:3c:58:3c:4d:21:0a:b7:dd:73:75:88:d7:37:
bc:42:aa:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZciDb5V5CjIXwC25qAw2Vo9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNTMwMTYzNjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGIzMmRiYmQzYTU0YjY4NTg2NDZhMmQ0MTIxZmE5OTc2MWY2ODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XmYuObmDimxS/Eh5HVb2KcREZ56
gjgFxG6RzFPgSQZFXsu1gRIeiIxKiHeKg+1APXs5aKFGOoYZwwHEYdva4Ulws/fc
rZ2TpDFlIXlUksxbdl7b9RgyJgq3k4Od9zyN4ga9aW7cfXAvp2GYvC96PwNLdjMC
O+mM6truvegH8e2IdRfHr1hMJf9ZKEFhinriWjCXaWUGPPvOggLRvNsRv6CvWPcU
bymD+HFjXw2+wmVlKrIzeR+5tSsbcP5/zz1KIdJtcUy42fTrkj0LgLSUkxRmpWoD
POEaWqpspJiGgjnRLunkE37td1RVL8ismVNsvVKHxCweJ0yMjQbXdGdAJQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBCzLbvTpUtoWGRqLUEh+pl2H2gnMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvRUxNdHU5T2xTMmhZWkdvdFFTSDZtWFlmYUNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAowVWAwQA
owVvAwQAowWOMAwDBACjBZsDBACjBZwDBACjBaoDBACjBa8DBACjBdsDBACjBeYD
BACjBfIwDQYJKoZIhvcNAQELBQADggEBAKreljnCD0zFovfFceUoi79cptfWd/NH
sCUGJjd9xB+FCIRKllfXQwKTHIfP7N4tT4M87vUmRw/MSxuWSEhHlk+FbFJKOith
lVtSHHuBQttSGKZeSHNTB16DZQEmjD6aGKf/ASWFKCNztNsATbGQddNaAJ/uCJ25
fI5tS9aPKlnSEdm675YecrqThW5erChry2HOnfwIzzjAMzzJ9IIYeXZCDzlQWKIy
Uda0OCkz/hOY9Y83p/fyKpQR3ubGbXWE/hjSvzM4tVHV3pkld0OjrBqyx5X9kfjZ
xjIJGsSxFlvdLMBtcmlaswR3+NwdlW9BPFg8TSEKt91zdYjXN7xCqus=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:40:35 2025 by rpki-client