Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ux2JcjfUc236bO10rQ_cUetKF7Q.roa
File: Ux2JcjfUc236bO10rQ_cUetKF7Q.roa (raw, json)
Hash identifier: 1T+hDqcFuY2HTDc7fov3V2bGKLF8IGJODqrMsgEpK+4=
Subject key identifier: 53:1D:89:72:37:D4:73:6D:FA:6C:ED:74:AD:0F:DC:51:EB:4A:17:B4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019A003056FF856F06D8E8E1F8B4B3BC338D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ux2JcjfUc236bO10rQ_cUetKF7Q.roa
Signing time: Mon 20 Oct 2025 05:55:59 +0000
ROA not before: Mon 20 Oct 2025 05:55:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.53.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:30:56:ff:85:6f:06:d8:e8:e1:f8:b4:b3:bc:33:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 20 05:55:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=531d897237d4736dfa6ced74ad0fdc51eb4a17b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ff:f3:ae:7e:d5:0e:49:6f:b5:6a:a5:84:fb:
a3:45:9d:c4:87:0a:be:6d:1d:47:24:03:fd:98:60:
43:50:ac:ba:12:50:9c:e9:bf:77:6c:84:70:15:84:
68:0b:7c:d1:25:54:01:be:61:d1:07:23:da:33:b3:
f0:24:5d:d7:2e:f5:f9:f7:87:ae:b0:81:27:3b:43:
a1:7e:14:04:f4:9d:92:ec:6e:8d:ec:a2:41:21:e6:
71:46:6c:4c:ba:76:46:fa:2f:b2:5c:bb:44:3e:98:
93:95:d2:a1:8a:c6:ec:07:b7:18:50:c7:9d:cf:d4:
6a:aa:27:e1:d8:11:c6:4f:ab:8d:26:22:9f:95:1a:
51:04:5d:c2:ac:72:16:ae:f7:4d:5b:83:3d:3d:a0:
55:30:78:46:64:5f:a1:6d:1d:d8:66:c0:bd:8e:4e:
56:91:68:3d:68:01:c4:64:f0:48:91:99:3b:31:2a:
44:24:c1:e7:14:29:04:84:63:17:ac:09:fb:b2:c0:
3b:8e:d8:d0:94:94:80:00:c2:88:48:35:01:2a:01:
08:8d:22:00:1b:d1:70:87:9e:ef:38:a1:01:67:1e:
2a:80:41:19:09:fb:02:90:ae:6c:03:29:e8:77:13:
bb:dc:b8:a9:27:a4:f7:b7:6d:26:ca:4e:0c:36:b1:
3b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:1D:89:72:37:D4:73:6D:FA:6C:ED:74:AD:0F:DC:51:EB:4A:17:B4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ux2JcjfUc236bO10rQ_cUetKF7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.8.0/23
163.5.13.0/24
163.5.30.0/24
163.5.38.0/24
163.5.53.0/24
163.5.58.0/23
163.5.71.0/24
163.5.106.0/24
163.5.112.0/24
163.5.119.0/24
163.5.121.0/24
163.5.125.0/24
163.5.127.0-163.5.129.255
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.200.0/23
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.238.0/24
163.5.241.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:91:67:0c:43:68:36:0d:c8:1b:92:3b:f0:4f:50:b0:de:99:
65:bd:05:7c:60:2d:69:45:b4:30:f5:52:07:0f:47:8f:3d:20:
9b:a3:b6:9c:07:43:7f:17:fc:36:65:c6:85:e9:9c:38:52:46:
78:82:76:6f:12:3d:05:83:d5:d3:c9:74:ef:1c:24:71:06:d2:
e9:44:1c:3f:2a:c4:e8:5e:c4:bf:9e:20:ca:ac:17:a1:ed:3f:
21:35:44:35:18:e8:f6:2b:02:a3:05:4f:67:7b:cd:ab:92:e7:
fa:df:e4:8b:43:a5:15:7e:bb:a5:b1:ad:86:46:a6:eb:c0:be:
d2:76:d2:67:0a:20:11:ac:84:b9:ad:40:a9:a0:ac:4d:72:4e:
7f:29:3f:8e:71:68:50:c7:0a:ae:de:73:8d:d5:1e:4c:14:55:
cf:9f:90:cf:78:75:4f:a1:cc:32:be:8a:24:21:b7:f4:5a:ec:
58:64:d5:3d:ba:a7:81:e4:ee:47:6f:ec:b3:44:5f:b2:eb:ff:
a3:fa:1a:8b:33:7e:a7:f6:98:e8:a3:58:21:1d:20:9a:d5:0c:
b9:05:19:69:d3:30:ad:8b:01:b7:d7:6e:15:48:70:bd:6b:09:
ac:72:26:33:ef:94:3e:07:0c:a9:29:c9:61:66:7a:36:6a:81:
51:18:e7:a3
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZoAMFb/hW8G2Ojh+LSzvDONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUxMDIwMDU1NTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzFkODk3MjM3ZDQ3MzZkZmE2Y2VkNzRhZDBmZGM1MWViNGExN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl//zrn7VDklvtWqlhPujRZ3Ehwq+
bR1HJAP9mGBDUKy6ElCc6b93bIRwFYRoC3zRJVQBvmHRByPaM7PwJF3XLvX594eu
sIEnO0OhfhQE9J2S7G6N7KJBIeZxRmxMunZG+i+yXLtEPpiTldKhisbsB7cYUMed
z9Rqqifh2BHGT6uNJiKflRpRBF3CrHIWrvdNW4M9PaBVMHhGZF+hbR3YZsC9jk5W
kWg9aAHEZPBIkZk7MSpEJMHnFCkEhGMXrAn7ssA7jtjQlJSAAMKISDUBKgEIjSIA
G9Fwh57vOKEBZx4qgEEZCfsCkK5sAynodxO73LipJ6T3t20myk4MNrE7yQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFFMdiXI31HNt+mztdK0P3FHrShe0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVXgySmNqZlVjMjM2Yk8xMHJRX2NVZXRLRjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAGj
BQgDBACjBQ0DBACjBR4DBACjBSYDBACjBTUDBAGjBToDBACjBUcDBACjBWoDBACj
BXADBACjBXcDBACjBXkDBACjBX0wDAMEAKMFfwMEAaMFgAMEAKMFhAMEAKMFiwME
AKMFjwMEAKMFkgMEAKMFlwMEAKMFoAMEAKMFpwMEAKMFrwMEAKMFsgMEAKMFtgME
AKMFugMEAKMFvQMEAaMFyDAMAwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQAowXk
AwQAowXuAwQAowXxAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQBOkWcMQ2g2Dcgb
kjvwT1Cw3pllvQV8YC1pRbQw9VIHD0ePPSCbo7acB0N/F/w2ZcaF6Zw4UkZ4gnZv
Ej0Fg9XTyXTvHCRxBtLpRBw/KsToXsS/niDKrBeh7T8hNUQ1GOj2KwKjBU9ne82r
kuf63+SLQ6UVfrulsa2GRqbrwL7SdtJnCiARrIS5rUCpoKxNck5/KT+OcWhQxwqu
3nON1R5MFFXPn5DPeHVPocwyvookIbf0WuxYZNU9uqeB5O5Hb+yzRF+y6/+j+hqL
M36n9pjoo1ghHSCa1Qy5BRlp0zCtiwG3124VSHC9awmsciYz75Q+BwypKclhZno2
aoFRGOej
-----END CERTIFICATE-----
Generated at Tue Oct 21 16:46:22 2025 by rpki-client