Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tXRWcoBgh832VvIwc3vIEvkqD94.roa
File: tXRWcoBgh832VvIwc3vIEvkqD94.roa (raw, json)
Hash identifier: PgvoIQmGYbwKIM/rVP9BqF9KGyLdwEWjxNS7IRh4jP0=
Subject key identifier: B5:74:56:72:80:60:87:CD:F6:56:F2:30:73:7B:C8:12:F9:2A:0F:DE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01990AB0B3DEA09C47AE90DD6C052612985C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tXRWcoBgh832VvIwc3vIEvkqD94.roa
Signing time: Tue 02 Sep 2025 13:49:36 +0000
ROA not before: Tue 02 Sep 2025 13:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.38.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:b0:b3:de:a0:9c:47:ae:90:dd:6c:05:26:12:98:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Sep 2 13:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5745672806087cdf656f230737bc812f92a0fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8d:44:06:58:95:fb:d5:ff:2a:14:b2:5e:7e:
ca:f1:5f:98:73:50:0d:fb:d5:71:02:96:ef:58:59:
17:df:3b:95:6f:0e:32:74:01:9f:b7:e5:39:9e:b7:
59:43:47:51:7c:65:aa:50:b3:9f:86:16:1f:90:ca:
a7:42:9e:c0:96:15:a6:2d:79:53:da:71:7c:70:ff:
26:c7:e1:bc:bb:b0:99:1b:79:bd:a2:75:b7:6e:a6:
cb:b7:a5:de:93:3e:1e:e8:96:94:20:0c:12:07:89:
d9:04:18:f5:e1:f1:97:e1:b9:a0:84:80:fe:11:8c:
3e:ad:6a:ad:ba:3c:ad:27:eb:90:6d:ad:f2:e8:c1:
60:a9:da:a1:88:82:2a:0a:3a:e1:01:44:38:e2:e7:
6b:8c:2b:94:80:8e:4a:eb:d9:7b:60:f7:b5:8b:25:
5d:36:bf:35:38:20:f8:14:19:e9:c7:ba:ad:f1:61:
a5:c9:dc:fc:30:ae:e7:5f:32:12:54:cb:4b:8f:c5:
a5:9f:94:25:93:39:e9:60:f7:43:12:fc:5f:fa:9f:
47:15:85:45:47:0c:62:eb:33:b9:fb:eb:e0:9c:ad:
08:98:72:0a:9a:c5:85:1a:f0:38:c2:c7:77:cc:56:
74:0b:45:b7:a9:42:3f:04:b6:fb:ea:44:99:ac:7a:
d1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:74:56:72:80:60:87:CD:F6:56:F2:30:73:7B:C8:12:F9:2A:0F:DE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tXRWcoBgh832VvIwc3vIEvkqD94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.38.0/24
163.5.59.0/24
163.5.104.0/24
163.5.112.0/24
163.5.121.0/24
163.5.128.0/23
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.189.0/24
163.5.200.0/23
163.5.203.0-163.5.205.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
77:1f:f9:15:a8:a4:84:14:b2:91:c6:2d:20:36:c5:48:85:9d:
b6:bc:57:95:fa:b2:da:d4:84:16:88:d8:b8:54:04:50:94:75:
2f:d5:67:2c:6c:ba:cc:e9:db:ea:c4:21:a5:f3:f6:0e:bc:c3:
d2:17:cf:0a:19:a2:82:3c:77:b9:b2:80:37:42:dc:de:2a:d2:
9e:12:a4:b2:81:cb:dc:2e:75:a8:da:7e:3c:cc:1d:e6:83:8b:
15:b2:bb:67:20:d4:bb:e9:4e:b9:47:75:6a:ad:75:ee:75:dd:
ab:57:3b:d4:56:3f:7f:10:9a:e8:8c:11:23:63:ab:5e:46:09:
17:9b:e7:18:0e:39:ed:0b:77:51:bd:70:cf:9c:e0:ae:60:b2:
47:ab:c9:78:ed:f1:94:1d:19:d3:ce:0f:52:8c:89:8e:c1:98:
3a:d7:2c:c8:3f:e9:5e:92:07:ae:01:27:66:7a:37:e5:16:05:
a2:de:e8:bd:4f:3b:c8:23:6a:50:14:d1:47:24:21:a7:79:ea:
fd:7c:b9:f8:df:4e:7e:98:a8:86:f3:91:8b:ae:61:99:71:b6:
a4:8b:4d:12:ef:90:33:af:74:20:14:aa:9d:be:6c:07:15:be:
84:5c:0a:db:81:9e:81:93:83:f2:78:20:2b:cc:af:35:f6:f5:
90:c2:63:76
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZkKsLPeoJxHrpDdbAUmEphcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwOTAyMTM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc0NTY3MjgwNjA4N2NkZjY1NmYyMzA3MzdiYzgxMmY5MmEwZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA041EBliV+9X/KhSyXn7K8V+Yc1AN
+9VxApbvWFkX3zuVbw4ydAGft+U5nrdZQ0dRfGWqULOfhhYfkMqnQp7AlhWmLXlT
2nF8cP8mx+G8u7CZG3m9onW3bqbLt6Xekz4e6JaUIAwSB4nZBBj14fGX4bmghID+
EYw+rWqtujytJ+uQba3y6MFgqdqhiIIqCjrhAUQ44udrjCuUgI5K69l7YPe1iyVd
Nr81OCD4FBnpx7qt8WGlydz8MK7nXzISVMtLj8Wln5QlkznpYPdDEvxf+p9HFYVF
Rwxi6zO5++vgnK0ImHIKmsWFGvA4wsd3zFZ0C0W3qUI/BLb76kSZrHrRsQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFLV0VnKAYIfN9lbyMHN7yBL5Kg/eMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdFhSV2NvQmdoODMyVnZJd2MzdklFdmtxRDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBACj
BR4DBACjBSYDBACjBTsDBACjBWgDBACjBXADBACjBXkDBAGjBYADBACjBYsDBACj
BY8DBACjBZIDBACjBZcDBACjBZ0DBACjBaADBACjBaIDBACjBacDBACjBa8DBACj
BbIDBACjBbYDBACjBb0DBAGjBcgwDAMEAKMFywMEAaMFzAMEAKMF2gMEAKMF4AME
AKMF5AMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEAdx/5FaikhBSykcYtIDbFSIWd
trxXlfqy2tSEFojYuFQEUJR1L9VnLGy6zOnb6sQhpfP2DrzD0hfPChmigjx3ubKA
N0Lc3irSnhKksoHL3C51qNp+PMwd5oOLFbK7ZyDUu+lOuUd1aq117nXdq1c71FY/
fxCa6IwRI2OrXkYJF5vnGA457Qt3Ub1wz5zgrmCyR6vJeO3xlB0Z084PUoyJjsGY
OtcsyD/pXpIHrgEnZno35RYFot7ovU87yCNqUBTRRyQhp3nq/Xy5+N9OfpiohvOR
i65hmXG2pItNEu+QM690IBSqnb5sBxW+hFwK24GegZOD8nggK8yvNfb1kMJjdg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:41:01 2025 by rpki-client