Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/jaJHGhM03pdKXU-GKkJa6RbXza8.roa
File: jaJHGhM03pdKXU-GKkJa6RbXza8.roa (raw, json)
Hash identifier: Xice7TtWbhhry5l8mkNOfTIRzz6L8HFpzbJK4C0Sr3E=
Subject key identifier: 8D:A2:47:1A:13:34:DE:97:4A:5D:4F:86:2A:42:5A:E9:16:D7:CD:AF
Certificate issuer: /CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Certificate serial: 019D718478947FC1D27DB4949358C4B016E4
Authority key identifier: 6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/jaJHGhM03pdKXU-GKkJa6RbXza8.roa
Signing time: Thu 09 Apr 2026 09:13:20 +0000
ROA not before: Thu 09 Apr 2026 09:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213705
IP address blocks: 153.51.160.0/22 maxlen: 22
153.51.164.0/22 maxlen: 24
153.51.168.0/22 maxlen: 24
153.51.172.0/22 maxlen: 22
153.51.176.0/24 maxlen: 24
153.51.184.0/22 maxlen: 22
153.51.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:84:78:94:7f:c1:d2:7d:b4:94:93:58:c4:b0:16:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Validity
Not Before: Apr 9 09:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8da2471a1334de974a5d4f862a425ae916d7cdaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:56:ed:fb:a1:86:16:fa:6f:38:7f:dc:1d:
0e:45:c8:29:83:6d:3d:24:5e:f6:92:4a:64:a8:24:
95:20:cb:d6:97:e9:30:c2:5e:2f:5b:4d:ed:53:e2:
c2:e5:2c:b7:97:76:ad:55:75:90:69:9e:16:8a:37:
e5:93:5d:f8:3e:71:c9:95:1c:40:4e:06:b6:47:4f:
d8:a3:9f:fe:cb:9e:08:74:eb:67:6d:7a:26:ae:a5:
8e:51:4a:8e:b9:a5:6f:a4:43:b8:36:23:38:13:a7:
77:f1:09:aa:77:f6:ab:de:92:1e:84:82:24:08:f1:
40:fc:78:97:e3:c1:e4:35:bb:46:88:b7:20:00:56:
42:f8:6c:81:4e:35:a7:72:e5:0f:66:66:78:fd:f9:
a1:a5:6c:dc:90:d5:eb:4e:bf:c4:b5:55:8a:65:db:
88:e0:d8:8d:24:48:1a:82:3e:52:f4:b8:aa:f1:4d:
a7:c7:59:7b:88:52:08:22:dd:f9:36:d3:5d:0c:b8:
47:21:14:a2:3d:19:38:eb:57:19:cc:23:46:ee:a1:
5d:95:b8:de:95:2c:52:89:bf:bb:4e:f5:37:70:6b:
46:14:a5:95:49:94:eb:ca:2f:68:83:af:03:c9:ec:
e3:2d:7c:d7:28:63:7d:8c:3a:0d:b3:a1:fe:19:02:
a4:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A2:47:1A:13:34:DE:97:4A:5D:4F:86:2A:42:5A:E9:16:D7:CD:AF
X509v3 Authority Key Identifier:
keyid:6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/jaJHGhM03pdKXU-GKkJa6RbXza8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.160.0-153.51.176.255
153.51.184.0/22
153.51.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:99:ce:19:e9:7a:9c:ee:b5:64:bc:ca:49:23:ee:78:eb:a3:
d3:05:d9:2d:a2:73:b4:df:03:a6:28:47:27:ed:63:a0:9b:46:
42:3d:dc:6e:3a:43:6d:c6:98:f0:48:29:d3:f1:22:7b:e6:87:
a0:50:63:d8:f8:89:b0:45:94:2a:ed:f4:eb:48:08:26:51:b3:
ef:8a:da:3f:5e:54:dd:6b:a4:0a:78:5d:83:42:25:11:12:06:
ef:d1:b8:8e:4a:d3:1f:d3:44:6f:37:5f:ed:ac:80:09:be:7b:
c6:93:b8:9a:28:f0:20:01:f1:03:fa:a6:d3:8a:84:e5:f8:f9:
81:59:93:91:c7:57:23:90:a4:1c:0d:be:e8:88:15:e6:04:2a:
3d:26:14:f0:68:e1:d8:68:df:f0:14:38:e1:78:af:38:c1:24:
ff:5b:0c:92:89:aa:38:24:88:0c:03:24:ba:fe:99:fe:1f:cb:
4e:42:5a:eb:bc:1b:f0:38:7e:c1:1f:28:81:45:8b:d2:25:21:
c7:b9:9d:d3:9d:b3:1c:2c:1c:3d:09:cf:04:9f:68:ea:fa:b2:
c8:e5:eb:80:ee:27:fd:74:cb:23:8e:1c:92:34:3b:94:dd:36:
c5:7c:f2:dc:21:f4:59:8f:d6:16:d6:00:61:51:bf:c5:51:44:
b8:e6:47:13
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1xhHiUf8HSfbSUk1jEsBbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMTA0ZjFlNGFiYWVjMWVmZjgwZjI2MmM2MmY5NmMyNTQz
OGM4ZTEwHhcNMjYwNDA5MDkxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGEyNDcxYTEzMzRkZTk3NGE1ZDRmODYyYTQyNWFlOTE2ZDdjZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2pW7fuhhhb6bzh/3B0ORcgpg209
JF72kkpkqCSVIMvWl+kwwl4vW03tU+LC5Sy3l3atVXWQaZ4Wijflk134PnHJlRxA
Tga2R0/Yo5/+y54IdOtnbXomrqWOUUqOuaVvpEO4NiM4E6d38Qmqd/ar3pIehIIk
CPFA/HiX48HkNbtGiLcgAFZC+GyBTjWncuUPZmZ4/fmhpWzckNXrTr/EtVWKZduI
4NiNJEgagj5S9Liq8U2nx1l7iFIIIt35NtNdDLhHIRSiPRk461cZzCNG7qFdlbje
lSxSib+7TvU3cGtGFKWVSZTryi9og68DyezjLXzXKGN9jDoNs6H+GQKkWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI2iRxoTNN6XSl1PhipCWukW182vMB8GA1UdIwQY
MBaAFGsQTx5Kuuwe/4DyYsYvlsJUOMjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMt
MzBjOWRlMjA1YWZjLzEvamFKSEdoTTAzcGRLWFUtR0trSmE2UmJYemE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMtMzBjOWRlMjA1YWZj
LzEvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAWZM6AD
BACZM7ADBAKZM7gDBACZM78wDQYJKoZIhvcNAQELBQADggEBAC2ZzhnpepzutWS8
ykkj7njro9MF2S2ic7TfA6YoRyftY6CbRkI93G46Q23GmPBIKdPxInvmh6BQY9j4
ibBFlCrt9OtICCZRs++K2j9eVN1rpAp4XYNCJRESBu/RuI5K0x/TRG83X+2sgAm+
e8aTuJoo8CAB8QP6ptOKhOX4+YFZk5HHVyOQpBwNvuiIFeYEKj0mFPBo4dho3/AU
OOF4rzjBJP9bDJKJqjgkiAwDJLr+mf4fy05CWuu8G/A4fsEfKIFFi9IlIce5ndOd
sxwsHD0JzwSfaOr6ssjl64DuJ/10yyOOHJI0O5TdNsV88twh9FmP1hbWAGFRv8VR
RLjmRxM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:24:39 2026 by rpki-client