Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QoAo3IelBj7pnrQ_Wo6QQN5sXQY.roa
File: QoAo3IelBj7pnrQ_Wo6QQN5sXQY.roa (raw, json)
Hash identifier: gzs2YE0rZZ4toBI2MizC+yWI5zWqwrGL99xik5sS4V8=
Subject key identifier: 42:80:28:DC:87:A5:06:3E:E9:9E:B4:3F:5A:8E:90:40:DE:6C:5D:06
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019EC0522FBD8EE03E4580756530ABE9DF11
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QoAo3IelBj7pnrQ_Wo6QQN5sXQY.roa
Signing time: Sat 13 Jun 2026 09:31:12 +0000
ROA not before: Sat 13 Jun 2026 09:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.49.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c0:52:2f:bd:8e:e0:3e:45:80:75:65:30:ab:e9:df:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 13 09:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=428028dc87a5063ee99eb43f5a8e9040de6c5d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6c:10:32:31:ec:d2:98:0b:f4:38:d1:14:a8:
fb:94:3f:fe:46:e7:ee:af:e5:3e:d9:07:f1:c7:81:
c9:30:d8:81:f8:5d:a7:9b:25:88:d1:ee:a5:5a:dd:
5e:c5:a2:75:9e:07:ca:d3:08:51:6b:03:bd:31:35:
2e:c6:7c:89:b1:69:44:64:6e:47:af:d5:e2:01:66:
8c:12:2d:f0:90:fd:f8:ce:ca:87:4c:83:0d:77:bb:
00:af:e8:5c:c0:16:a8:c3:03:80:d7:d5:fa:aa:50:
d6:02:05:df:30:b0:76:25:a0:3f:f5:00:36:b0:b8:
da:8f:ba:a0:c5:20:07:4d:fd:d9:d4:cf:84:e3:a5:
04:f2:a4:21:a3:26:09:10:6a:84:2e:c2:84:22:2c:
ba:47:ab:6c:75:8e:86:6f:fa:db:ec:3d:f6:33:59:
3e:20:75:42:ed:11:97:52:7c:45:ed:43:ec:32:de:
71:cb:43:7c:15:ea:49:04:0b:3c:d7:2a:d3:2b:6c:
b0:e7:e3:4a:89:92:76:88:5c:2c:d3:4c:3b:a7:1e:
38:45:6a:9e:07:6e:d0:96:6d:e0:d2:5a:d4:5f:3d:
58:7b:24:00:fd:2f:46:8f:87:d8:50:07:2b:e1:d2:
fa:59:ae:f4:23:c3:97:f0:91:a6:fa:a1:42:7f:13:
5a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:80:28:DC:87:A5:06:3E:E9:9E:B4:3F:5A:8E:90:40:DE:6C:5D:06
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/QoAo3IelBj7pnrQ_Wo6QQN5sXQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.49.0/24
163.5.59.0/24
163.5.112.0/24
163.5.120.0/23
163.5.125.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.196.0/24
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:b4:2a:c2:c0:d3:97:58:f9:47:34:f9:ad:31:98:25:70:eb:
32:c9:ed:96:0b:c6:18:66:dd:30:60:b8:b7:0a:9d:7c:e2:7e:
43:bd:ab:30:6f:05:bb:1e:b5:c7:4d:11:c7:51:26:ab:71:4a:
da:2b:f8:94:17:43:ec:de:e2:5c:4a:a1:36:33:ea:40:67:f2:
f9:54:31:6d:4d:b8:40:04:c4:a2:c3:38:33:36:79:39:7c:b1:
c8:3f:eb:1e:3b:4e:65:78:b5:9e:09:e2:ee:de:9e:af:15:8c:
0f:e9:54:d6:bb:bf:c8:82:2b:d2:e8:da:1c:4d:9a:cf:71:e4:
a3:7c:39:f3:8b:a7:c9:26:dc:62:de:cf:08:4e:df:f5:25:c6:
62:9b:69:c9:8d:20:ae:8d:a0:8a:22:ea:03:d0:c7:2e:9a:e0:
b0:47:0f:45:49:c0:59:a5:03:07:16:c3:ff:86:b9:79:4d:e6:
bf:63:38:70:cb:bb:35:a8:dd:25:75:e3:38:1d:1d:40:43:ef:
26:79:82:33:2a:36:20:a5:d4:ab:7b:0a:38:e9:04:ef:33:c0:
e5:aa:da:26:f7:c7:70:ea:84:d7:7c:de:dc:48:85:6b:08:0b:
38:c9:44:6a:3f:f7:bd:1a:17:9b:29:d1:52:7b:da:84:5b:52:
05:d0:39:b2
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ7AUi+9juA+RYB1ZTCr6d8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjEzMDkzMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjgwMjhkYzg3YTUwNjNlZTk5ZWI0M2Y1YThlOTA0MGRlNmM1ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GwQMjHs0pgL9DjRFKj7lD/+Rufu
r+U+2Qfxx4HJMNiB+F2nmyWI0e6lWt1exaJ1ngfK0whRawO9MTUuxnyJsWlEZG5H
r9XiAWaMEi3wkP34zsqHTIMNd7sAr+hcwBaowwOA19X6qlDWAgXfMLB2JaA/9QA2
sLjaj7qgxSAHTf3Z1M+E46UE8qQhoyYJEGqELsKEIiy6R6tsdY6Gb/rb7D32M1k+
IHVC7RGXUnxF7UPsMt5xy0N8FepJBAs81yrTK2yw5+NKiZJ2iFws00w7px44RWqe
B27Qlm3g0lrUXz1YeyQA/S9Gj4fYUAcr4dL6Wa70I8OX8JGm+qFCfxNa+wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEKAKNyHpQY+6Z60P1qOkEDebF0GMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUW9BbzNJZWxCajdwbnJRX1dvNlFRTjVzWFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAKMF
MQMEAKMFOwMEAKMFcAMEAaMFeAMEAKMFfQMEAKMFgQMEAKMFiwMEAKMFjwMEAKMF
kgMEAKMFlwMEAKMFoAMEAKMFpwMEAKMFsgMEAKMFxAMEAKMF1wMEAKMF2gMEAKMF
4AMEAKMF5AMEAKMF6QMEAKMF8QMEAKMF8zANBgkqhkiG9w0BAQsFAAOCAQEAO7Qq
wsDTl1j5RzT5rTGYJXDrMsntlgvGGGbdMGC4twqdfOJ+Q72rMG8Fux61x00Rx1Em
q3FK2iv4lBdD7N7iXEqhNjPqQGfy+VQxbU24QATEosM4MzZ5OXyxyD/rHjtOZXi1
ngni7t6erxWMD+lU1ru/yIIr0ujaHE2az3Hko3w584unySbcYt7PCE7f9SXGYptp
yY0gro2giiLqA9DHLprgsEcPRUnAWaUDBxbD/4a5eU3mv2M4cMu7NajdJXXjOB0d
QEPvJnmCMyo2IKXUq3sKOOkE7zPA5araJvfHcOqE13ze3EiFawgLOMlEaj/3vRoX
mynRUnvahFtSBdA5sg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:31:19 2026 by rpki-client