Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z55uzs3HZ3eEjK8Daj8USWyFIGk.roa
File: Z55uzs3HZ3eEjK8Daj8USWyFIGk.roa (raw, json)
Hash identifier: 6gbffaKuY8Apzzh869AVMw4fJehXpcJGY3HwiuJKTWE=
Subject key identifier: 67:9E:6E:CE:CD:C7:67:77:84:8C:AF:03:6A:3F:14:49:6C:85:20:69
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019A355AF8C179A54E2E1FD979CCA7BBB259
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z55uzs3HZ3eEjK8Daj8USWyFIGk.roa
Signing time: Thu 30 Oct 2025 13:42:25 +0000
ROA not before: Thu 30 Oct 2025 13:42:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.8.0/24 maxlen: 24
163.5.9.0/24 maxlen: 24
163.5.13.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.71.0/24 maxlen: 24
163.5.106.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.127.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.238.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:5a:f8:c1:79:a5:4e:2e:1f:d9:79:cc:a7:bb:b2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Oct 30 13:42:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=679e6ececdc76777848caf036a3f14496c852069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d1:89:8f:d7:91:67:50:00:81:4c:23:b2:cd:
af:45:17:e7:cd:57:1d:de:ab:30:5d:3a:fb:7e:43:
61:b8:61:1d:52:df:e7:7a:29:43:8a:aa:36:91:10:
40:96:3d:c9:26:5f:b5:62:5f:21:05:be:7f:e9:67:
4c:d8:df:a7:f6:92:2b:2b:c0:0b:98:31:fd:5f:56:
8b:77:14:3f:f0:6d:73:82:80:6d:7a:bf:5a:ad:16:
c9:24:51:c2:49:cd:da:ae:77:84:1e:5f:d7:63:47:
bf:c6:87:16:30:e4:e0:16:70:c0:d0:24:dc:01:9a:
e2:8b:a1:02:32:ca:b8:4d:77:29:c2:9a:3d:10:72:
8d:1a:a7:f8:02:8a:f2:20:96:85:23:f9:0a:7c:ad:
ca:07:7f:78:14:ea:f2:4e:8a:e0:38:ab:9b:47:b5:
a3:19:c0:d5:3d:e1:36:84:31:13:93:b2:42:f0:d4:
1c:2e:08:15:87:ec:35:2d:ee:e5:72:e3:6b:c2:f8:
5c:9c:aa:0f:1b:03:91:7b:ba:23:6c:51:26:4e:23:
27:10:6a:dd:80:66:c9:94:a2:fb:6f:e7:d0:42:7e:
cc:ea:69:16:08:35:1b:82:ac:f9:ed:de:0b:e1:13:
65:41:e2:c2:93:04:f2:36:33:b5:f9:72:b8:6c:23:
1c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:9E:6E:CE:CD:C7:67:77:84:8C:AF:03:6A:3F:14:49:6C:85:20:69
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Z55uzs3HZ3eEjK8Daj8USWyFIGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.8.0/23
163.5.13.0/24
163.5.30.0/24
163.5.38.0/24
163.5.58.0/23
163.5.71.0/24
163.5.106.0/24
163.5.112.0/24
163.5.119.0/24
163.5.121.0/24
163.5.125.0/24
163.5.127.0-163.5.129.255
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.200.0/23
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.238.0/24
163.5.241.0/24
163.5.244.0/24
Signature Algorithm: sha256WithRSAEncryption
89:bf:f1:d7:85:12:7a:35:d4:18:86:54:9a:91:3c:d0:d1:59:
64:97:7b:6d:2c:59:e4:ed:03:41:b0:35:d2:16:bc:64:70:20:
af:b3:49:51:2d:8c:49:57:cb:4a:0e:13:a3:89:5e:03:67:94:
5d:ca:9f:a1:b7:71:20:ec:5f:65:40:a0:40:05:32:91:10:c2:
c4:c7:71:13:2b:11:5f:98:f4:e5:82:78:47:0a:61:ea:ac:7a:
76:fa:aa:44:eb:7f:47:6d:6b:ea:5d:28:95:39:f4:dc:26:7f:
fe:68:93:72:fa:90:9f:9c:a7:2d:ee:3e:f5:ee:0d:90:9e:b1:
79:ac:f8:93:17:28:18:17:d4:4e:92:50:ba:24:59:bf:e0:99:
21:7b:57:c4:64:ec:3d:4b:23:57:58:4a:43:d5:a2:cc:b5:2a:
d5:a2:55:11:84:d5:0d:29:ca:1c:04:5c:6c:51:12:e0:2f:20:
ad:96:88:31:76:3e:04:03:c0:ea:c2:ee:be:18:b2:26:de:51:
06:29:87:bd:e2:37:44:24:09:31:6f:e9:ca:49:ec:2c:fe:a7:
f0:ee:3b:96:ee:a8:37:a7:be:2f:dd:ba:c7:05:da:91:41:31:
9f:0a:dd:c3:72:64:ee:56:94:cf:21:0f:25:61:ab:2c:de:0c:
9a:e5:37:12
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZo1WvjBeaVOLh/Zecynu7JZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUxMDMwMTM0MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzllNmVjZWNkYzc2Nzc3ODQ4Y2FmMDM2YTNmMTQ0OTZjODUyMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdGJj9eRZ1AAgUwjss2vRRfnzVcd
3qswXTr7fkNhuGEdUt/neilDiqo2kRBAlj3JJl+1Yl8hBb5/6WdM2N+n9pIrK8AL
mDH9X1aLdxQ/8G1zgoBter9arRbJJFHCSc3arneEHl/XY0e/xocWMOTgFnDA0CTc
AZrii6ECMsq4TXcpwpo9EHKNGqf4AoryIJaFI/kKfK3KB394FOryTorgOKubR7Wj
GcDVPeE2hDETk7JC8NQcLggVh+w1Le7lcuNrwvhcnKoPGwORe7ojbFEmTiMnEGrd
gGbJlKL7b+fQQn7M6mkWCDUbgqz57d4L4RNlQeLCkwTyNjO1+XK4bCMcVQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFGeebs7Nx2d3hIyvA2o/FElshSBpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWjU1dXpzM0haM2VFaks4RGFqOFVTV3lGSUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAGj
BQgDBACjBQ0DBACjBR4DBACjBSYDBAGjBToDBACjBUcDBACjBWoDBACjBXADBACj
BXcDBACjBXkDBACjBX0wDAMEAKMFfwMEAaMFgAMEAKMFhAMEAKMFiwMEAKMFjwME
AKMFkgMEAKMFlwMEAKMFoAMEAKMFpwMEAKMFrwMEAaMFsgMEAKMFtgMEAKMFugME
AKMFvQMEAaMFyDAMAwQAowXLAwQBowXMAwQAowXaAwQAowXgAwQAowXkAwQAowXu
AwQAowXxAwQAowX0MA0GCSqGSIb3DQEBCwUAA4IBAQCJv/HXhRJ6NdQYhlSakTzQ
0Vlkl3ttLFnk7QNBsDXSFrxkcCCvs0lRLYxJV8tKDhOjiV4DZ5Rdyp+ht3Eg7F9l
QKBABTKREMLEx3ETKxFfmPTlgnhHCmHqrHp2+qpE639HbWvqXSiVOfTcJn/+aJNy
+pCfnKct7j717g2QnrF5rPiTFygYF9ROklC6JFm/4Jkhe1fEZOw9SyNXWEpD1aLM
tSrVolURhNUNKcocBFxsURLgLyCtlogxdj4EA8Dqwu6+GLIm3lEGKYe94jdEJAkx
b+nKSews/qfw7juW7qg3p74v3brHBdqRQTGfCt3DcmTuVpTPIQ8lYass3gya5TcS
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:28:45 2025 by rpki-client