Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/H69piXX90KmGrAd9nvFWtFNeJgE.roa
File: H69piXX90KmGrAd9nvFWtFNeJgE.roa (raw, json)
Hash identifier: KqqI6j39CG7G8rB9P1uY/c2E2mtmE77X8oKse2BXhsc=
Subject key identifier: 1F:AF:69:89:75:FD:D0:A9:86:AC:07:7D:9E:F1:56:B4:53:5E:26:01
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0198A94196C38F36CD775089DEB217EB0062
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/H69piXX90KmGrAd9nvFWtFNeJgE.roa
Signing time: Thu 14 Aug 2025 15:45:04 +0000
ROA not before: Thu 14 Aug 2025 15:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 163.5.140.0/24 maxlen: 24
163.5.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a9:41:96:c3:8f:36:cd:77:50:89:de:b2:17:eb:00:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Aug 14 15:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1faf698975fdd0a986ac077d9ef156b4535e2601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:12:6b:3a:b2:c5:ab:40:7d:93:43:0e:41:05:
05:e0:8f:9b:a8:4a:0c:5e:ca:28:e1:ec:69:d7:89:
86:a6:e1:ca:1a:ba:bf:be:09:15:7f:32:58:01:26:
67:0e:e6:5b:eb:a8:f6:4a:a1:3e:a1:84:93:f2:9d:
2b:b1:2d:fc:9b:dd:05:75:41:89:c6:1f:de:a3:9c:
ad:84:33:9c:47:dd:7d:ba:b7:37:46:25:16:92:a3:
90:18:95:62:8b:4a:06:d5:8b:d0:0a:5d:2e:d5:20:
73:9d:2a:96:ad:a9:5d:8d:10:83:58:98:8e:23:9d:
4c:1e:78:5a:1b:d7:ef:b8:da:06:b8:40:48:4f:9b:
8a:40:83:e9:88:b3:f7:4a:bd:33:42:34:b0:ce:06:
d2:27:6e:cb:db:c7:16:0d:9d:ec:ea:82:7a:1a:52:
08:ad:11:ab:06:70:f5:8c:c6:ef:63:64:cd:c7:7d:
f2:b3:a8:86:2c:f4:8c:e8:43:f6:ba:ba:a1:79:4d:
07:ec:f2:ec:9b:69:e3:79:88:a2:b2:43:5a:ed:3c:
93:be:0c:a3:47:1c:d3:2a:28:b9:b5:54:1d:6e:94:
a4:eb:e9:c5:71:cb:60:f3:2d:b6:0e:45:11:3f:80:
6c:b2:5f:2d:c7:90:b5:fa:7b:ef:02:5d:ad:d0:3b:
e4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:AF:69:89:75:FD:D0:A9:86:AC:07:7D:9E:F1:56:B4:53:5E:26:01
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/H69piXX90KmGrAd9nvFWtFNeJgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.140.0/24
163.5.190.0/24
Signature Algorithm: sha256WithRSAEncryption
76:d3:a6:e8:e8:52:cb:20:94:cc:cb:77:a4:63:30:70:a0:50:
4d:71:5b:c5:fe:62:71:43:37:69:55:38:79:95:b2:e6:9f:47:
1c:0a:2e:aa:ab:d4:3f:13:a1:8f:f1:64:ab:a3:58:aa:04:e0:
50:1e:0b:de:bf:06:37:23:fb:e9:48:8c:e0:a4:cb:d3:b1:c0:
5b:f4:0a:e9:75:44:9f:cf:0f:33:27:e5:9d:86:50:d8:22:2f:
37:83:52:ef:79:43:49:83:2c:4c:7d:fb:8c:bc:58:64:55:d8:
86:9d:b0:c3:a0:66:0e:ea:8f:0b:af:d5:53:7b:3f:bb:cf:78:
8b:b7:fa:26:ff:4a:98:58:74:b0:a5:27:60:92:64:ff:d2:26:
27:96:93:92:81:9e:d8:d2:7b:54:3f:a7:62:92:92:ce:43:d9:
aa:7f:d1:59:1f:fc:78:c7:47:38:4a:db:05:c5:87:a2:4c:ba:
6f:82:59:d3:ed:45:62:a9:c4:8f:c3:ef:df:e5:b9:a0:18:c3:
aa:0e:50:1b:0b:2e:7f:5f:d9:8c:ac:5f:64:2a:c6:2c:ca:cf:
95:f9:45:b1:4d:24:c5:bb:ae:d7:45:e2:a7:32:d6:76:f2:59:
6b:d8:f4:9e:67:9b:b3:41:45:96:d9:b7:90:f5:11:47:33:95:
91:36:6c:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZipQZbDjzbNd1CJ3rIX6wBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwODE0MTU0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmFmNjk4OTc1ZmRkMGE5ODZhYzA3N2Q5ZWYxNTZiNDUzNWUyNjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRJrOrLFq0B9k0MOQQUF4I+bqEoM
Xsoo4exp14mGpuHKGrq/vgkVfzJYASZnDuZb66j2SqE+oYST8p0rsS38m90FdUGJ
xh/eo5ythDOcR919urc3RiUWkqOQGJVii0oG1YvQCl0u1SBznSqWraldjRCDWJiO
I51MHnhaG9fvuNoGuEBIT5uKQIPpiLP3Sr0zQjSwzgbSJ27L28cWDZ3s6oJ6GlII
rRGrBnD1jMbvY2TNx33ys6iGLPSM6EP2urqheU0H7PLsm2njeYiiskNa7TyTvgyj
RxzTKii5tVQdbpSk6+nFcctg8y22DkURP4Bssl8tx5C1+nvvAl2t0DvkdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB+vaYl1/dCphqwHfZ7xVrRTXiYBMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSDY5cGlYWDkwS21HckFkOW52Rld0Rk5lSmdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowWMAwQA
owW+MA0GCSqGSIb3DQEBCwUAA4IBAQB206bo6FLLIJTMy3ekYzBwoFBNcVvF/mJx
QzdpVTh5lbLmn0ccCi6qq9Q/E6GP8WSro1iqBOBQHgvevwY3I/vpSIzgpMvTscBb
9ArpdUSfzw8zJ+WdhlDYIi83g1LveUNJgyxMffuMvFhkVdiGnbDDoGYO6o8Lr9VT
ez+7z3iLt/om/0qYWHSwpSdgkmT/0iYnlpOSgZ7Y0ntUP6dikpLOQ9mqf9FZH/x4
x0c4StsFxYeiTLpvglnT7UViqcSPw+/f5bmgGMOqDlAbCy5/X9mMrF9kKsYsys+V
+UWxTSTFu67XReKnMtZ28llr2PSeZ5uzQUWW2beQ9RFHM5WRNmxC
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:46:54 2025 by rpki-client