Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi2kzONUyNsGySXp-3Z5DXIIB44.roa
File: bi2kzONUyNsGySXp-3Z5DXIIB44.roa (raw, json)
Hash identifier: wgQkmJGPghKlacot0jxymOW3hJSCGUlQD2Q0c3/DEr0=
Subject key identifier: 6E:2D:A4:CC:E3:54:C8:DB:06:C9:25:E9:FB:76:79:0D:72:08:07:8E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019EB5470B75623B2C370D30575B804D69CB
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi2kzONUyNsGySXp-3Z5DXIIB44.roa
Signing time: Thu 11 Jun 2026 06:03:12 +0000
ROA not before: Thu 11 Jun 2026 06:03:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.39.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:47:0b:75:62:3b:2c:37:0d:30:57:5b:80:4d:69:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 11 06:03:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e2da4cce354c8db06c925e9fb76790d7208078e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:02:03:f6:12:c5:b6:71:9b:65:37:ce:d9:63:
59:bb:e2:f9:dc:1b:36:d0:09:be:8f:a0:75:3e:28:
be:a1:7d:9a:41:e7:04:f8:c8:5f:4b:89:fc:6e:eb:
18:d7:a1:7e:5d:f3:e1:b1:cc:74:c0:5e:9c:c0:47:
8d:ab:6e:c6:1e:e2:8a:38:78:cc:0f:1b:44:1a:df:
d3:e8:22:97:ca:d6:97:5b:1b:81:7e:06:76:4a:34:
44:32:2d:d4:d8:f8:1d:6d:e1:44:53:dc:9c:d0:c2:
5d:61:e3:fa:02:bd:11:e9:19:cf:bf:e2:87:2c:43:
e6:06:90:54:00:33:d0:80:93:fe:01:14:37:13:54:
ab:b1:78:28:aa:e2:79:42:32:83:d5:61:17:f7:ae:
48:3a:b0:d0:75:36:43:3f:f2:12:c5:a6:f2:8a:79:
b1:70:bb:cb:45:d3:0e:c0:19:90:23:fe:24:89:fd:
f2:bb:7d:a4:a0:d2:31:38:a4:29:94:c8:25:c7:2c:
39:a3:5a:84:20:75:3b:22:44:2e:c9:c9:6b:bd:46:
6d:4f:fb:7e:01:55:f9:33:ef:d3:96:a0:42:05:b2:
f3:c0:1b:a7:be:2a:d3:5a:11:8c:30:5f:b8:d2:f2:
72:97:57:15:d7:0d:86:ee:2c:8b:0b:93:23:d6:f8:
5b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2D:A4:CC:E3:54:C8:DB:06:C9:25:E9:FB:76:79:0D:72:08:07:8E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/bi2kzONUyNsGySXp-3Z5DXIIB44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.39.0/24
163.5.59.0/24
163.5.66.0/24
163.5.112.0/24
163.5.120.0/23
163.5.125.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.196.0/24
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
29:8a:5c:27:1c:8a:e7:bf:05:92:7a:10:3d:87:af:c5:fa:06:
82:d9:f1:55:b3:b2:44:ad:47:4e:ab:6f:7b:a5:2f:cd:00:c2:
09:7c:67:db:30:26:99:95:e0:6c:4e:af:7b:9b:af:73:49:b7:
7e:30:63:ae:6a:32:ea:6e:87:86:94:56:d5:82:a6:4d:b0:94:
20:4a:c6:34:6a:08:f0:71:b3:49:f4:5e:c2:f8:f6:d9:c5:fb:
51:ac:7c:5a:69:b0:1f:26:28:9f:85:a3:8e:42:ca:22:25:7b:
a5:26:16:74:df:7c:b7:b2:f3:8b:4e:ab:83:20:7c:43:80:1d:
3d:cf:cf:be:4f:ea:e7:18:98:f4:10:08:3c:98:49:3f:96:ec:
7b:eb:1b:3a:b0:3b:5f:bb:43:43:eb:5e:d6:b2:8c:28:b6:42:
13:72:82:fd:25:45:66:43:41:7d:06:c1:c8:76:3c:d0:61:ae:
f9:cc:99:b1:38:a1:e3:b8:99:e4:81:01:26:7b:71:11:e6:27:
65:b0:ea:74:88:e2:27:48:8b:92:86:cc:3c:30:d3:23:ce:88:
61:9b:8d:f7:26:ab:78:75:94:f6:e1:26:4d:5d:c5:ca:7f:1f:
fe:ae:0a:b5:0f:22:2a:dc:38:a7:da:91:ed:dd:81:37:c5:5a:
c2:57:9e:cf
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ61Rwt1YjssNw0wV1uATWnLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjExMDYwMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJkYTRjY2UzNTRjOGRiMDZjOTI1ZTlmYjc2NzkwZDcyMDgwNzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwID9hLFtnGbZTfO2WNZu+L53Bs2
0Am+j6B1Pii+oX2aQecE+MhfS4n8busY16F+XfPhscx0wF6cwEeNq27GHuKKOHjM
DxtEGt/T6CKXytaXWxuBfgZ2SjREMi3U2PgdbeFEU9yc0MJdYeP6Ar0R6RnPv+KH
LEPmBpBUADPQgJP+ARQ3E1SrsXgoquJ5QjKD1WEX965IOrDQdTZDP/ISxabyinmx
cLvLRdMOwBmQI/4kif3yu32koNIxOKQplMglxyw5o1qEIHU7IkQuyclrvUZtT/t+
AVX5M+/TlqBCBbLzwBunvirTWhGMMF+40vJyl1cV1w2G7iyLC5Mj1vhblQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFG4tpMzjVMjbBskl6ft2eQ1yCAeOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYmkya3pPTlV5TnNHeVNYcC0zWjVEWElJQjQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBACj
BScDBACjBTsDBACjBUIDBACjBXADBAGjBXgDBACjBX0DBACjBYEDBACjBYsDBACj
BY8DBACjBZIDBACjBZcDBACjBaADBACjBacDBACjBbIDBACjBcQDBACjBdcDBACj
BdoDBACjBeADBACjBeQDBACjBekDBACjBfEDBACjBfMwDQYJKoZIhvcNAQELBQAD
ggEBACmKXCcciue/BZJ6ED2Hr8X6BoLZ8VWzskStR06rb3ulL80Awgl8Z9swJpmV
4GxOr3ubr3NJt34wY65qMupuh4aUVtWCpk2wlCBKxjRqCPBxs0n0XsL49tnF+1Gs
fFppsB8mKJ+Fo45CyiIle6UmFnTffLey84tOq4MgfEOAHT3Pz75P6ucYmPQQCDyY
ST+W7HvrGzqwO1+7Q0PrXtayjCi2QhNygv0lRWZDQX0Gwch2PNBhrvnMmbE4oeO4
meSBASZ7cRHmJ2Ww6nSI4idIi5KGzDww0yPOiGGbjfcmq3h1lPbhJk1dxcp/H/6u
CrUPIircOKfake3dgTfFWsJXns8=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:54 2026 by rpki-client