Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bRzByUxMaZgw3AZTzxyJY_IOPJc.roa
File: bRzByUxMaZgw3AZTzxyJY_IOPJc.roa (raw, json)
Hash identifier: nvPEX7WmcIweoFelhrCc2j/C631nEpaJzWaFBIetfT4=
Subject key identifier: 6D:1C:C1:C9:4C:4C:69:98:30:DC:06:53:CF:1C:89:63:F2:0E:3C:97
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019EB5470C2538BC804474599D09570842FB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bRzByUxMaZgw3AZTzxyJY_IOPJc.roa
Signing time: Thu 11 Jun 2026 06:03:12 +0000
ROA not before: Thu 11 Jun 2026 06:03:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:47:0c:25:38:bc:80:44:74:59:9d:09:57:08:42:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 11 06:03:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d1cc1c94c4c699830dc0653cf1c8963f20e3c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:a5:f9:ee:98:df:e4:ac:0f:b2:b0:e9:09:
ab:da:f7:25:64:f3:ff:15:f9:fe:f7:74:d4:ac:5b:
19:22:c2:13:fe:28:f4:31:f9:d6:6b:b9:68:07:b3:
f8:b5:2f:2d:f5:8b:53:ba:62:32:9a:b7:b8:dd:ad:
62:6a:75:a1:54:38:f9:9b:5f:4e:35:48:91:d8:08:
ac:70:c1:64:c7:de:6e:9d:76:fa:a0:21:2c:05:af:
07:00:02:ea:bd:83:ff:5e:06:3c:81:42:3d:fa:eb:
4f:91:68:45:be:22:55:88:ec:cb:2e:d3:ab:bb:a7:
18:39:45:f8:9f:59:cd:d4:f5:2b:f4:df:b9:b2:7b:
7c:bf:1a:35:35:39:20:e8:79:3d:51:49:66:69:97:
87:68:72:bf:8d:4c:ac:b9:5d:0f:18:8f:57:27:44:
a2:44:db:c8:54:c6:9c:9b:c0:4e:f7:77:83:bb:a1:
4b:0a:4d:97:77:86:fa:c3:f7:ce:c1:32:0a:30:26:
5e:3e:2c:a0:41:72:c1:45:39:80:e3:34:e2:f4:6e:
0e:a7:e0:53:cc:6e:b6:90:1d:80:da:96:f9:2e:ae:
8a:16:2d:b6:1d:f4:63:1d:cc:a6:2e:fc:ac:04:47:
46:a0:ae:3c:98:bd:29:58:0b:4b:77:0d:56:a8:b5:
e8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1C:C1:C9:4C:4C:69:98:30:DC:06:53:CF:1C:89:63:F2:0E:3C:97
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bRzByUxMaZgw3AZTzxyJY_IOPJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.88.0/24
163.5.90.0/24
163.5.100.0/24
163.5.117.0/24
163.5.130.0/24
163.5.154.0/24
163.5.174.0/24
163.5.177.0/24
163.5.189.0/24
163.5.240.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1f:6b:aa:71:a6:9c:70:71:a9:f5:79:cb:5f:77:8d:b1:94:
54:18:b1:d6:17:3e:3b:5e:f8:03:1c:1e:c3:7b:6e:21:61:a5:
87:46:0a:01:e0:5f:ea:13:40:ce:ae:7d:3a:f0:1e:84:80:4d:
c1:58:78:e7:34:96:fb:2f:0e:62:24:3b:31:af:1e:0b:f0:e1:
46:84:95:39:13:33:78:7a:42:13:e4:64:f9:fa:46:5d:7f:ea:
a1:c3:3a:6a:ec:a5:48:a2:35:7e:f7:76:21:20:ba:03:0a:a1:
5f:7c:80:2d:ba:e5:bb:6c:cd:1e:09:6f:f4:59:73:b0:0e:80:
c5:3e:be:c2:3b:b3:ad:0f:1e:e7:94:90:4a:91:87:e1:44:e5:
15:40:0a:87:25:89:00:6b:15:76:a6:d0:e6:9b:bc:0e:d8:90:
69:dc:f4:bc:ed:1f:f0:f5:62:7a:0e:ea:96:6c:a9:3b:b6:70:
80:be:22:5f:3a:fe:fd:a6:f7:28:af:9d:cb:87:31:0f:aa:4a:
d0:c3:c5:88:86:66:e7:b4:c1:d3:2f:d5:bc:95:89:1b:4d:65:
ea:a3:2e:d1:90:db:77:34:6f:f4:dc:3a:84:20:db:d9:8a:e2:
c7:c1:d0:b4:e4:3e:8a:2d:b1:74:9f:f9:35:50:44:d4:c6:82:
62:37:88:76
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ61RwwlOLyARHRZnQlXCEL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjExMDYwMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFjYzFjOTRjNGM2OTk4MzBkYzA2NTNjZjFjODk2M2YyMGUzYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiOl+e6Y3+SsD7Kw6Qmr2vclZPP/
Ffn+93TUrFsZIsIT/ij0MfnWa7loB7P4tS8t9YtTumIymre43a1ianWhVDj5m19O
NUiR2AiscMFkx95unXb6oCEsBa8HAALqvYP/XgY8gUI9+utPkWhFviJViOzLLtOr
u6cYOUX4n1nN1PUr9N+5snt8vxo1NTkg6Hk9UUlmaZeHaHK/jUysuV0PGI9XJ0Si
RNvIVMacm8BO93eDu6FLCk2Xd4b6w/fOwTIKMCZePiygQXLBRTmA4zTi9G4Op+BT
zG62kB2A2pb5Lq6KFi22HfRjHcymLvysBEdGoK48mL0pWAtLdw1WqLXoqwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFG0cwclMTGmYMNwGU88ciWPyDjyXMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYlJ6QnlVeE1hWmd3M0FaVHp4eUpZX0lPUEpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAowVYAwQA
owVaAwQAowVkAwQAowV1AwQAowWCAwQAowWaAwQAowWuAwQAowWxAwQAowW9AwQA
owXwAwQAowX8MA0GCSqGSIb3DQEBCwUAA4IBAQCLH2uqcaaccHGp9XnLX3eNsZRU
GLHWFz47XvgDHB7De24hYaWHRgoB4F/qE0DOrn068B6EgE3BWHjnNJb7Lw5iJDsx
rx4L8OFGhJU5EzN4ekIT5GT5+kZdf+qhwzpq7KVIojV+93YhILoDCqFffIAtuuW7
bM0eCW/0WXOwDoDFPr7CO7OtDx7nlJBKkYfhROUVQAqHJYkAaxV2ptDmm7wO2JBp
3PS87R/w9WJ6DuqWbKk7tnCAviJfOv79pvcor53LhzEPqkrQw8WIhmbntMHTL9W8
lYkbTWXqoy7RkNt3NG/03DqEINvZiuLHwdC05D6KLbF0n/k1UETUxoJiN4h2
-----END CERTIFICATE-----
Generated at Sat Jun 13 23:03:10 2026 by rpki-client