Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gjqCUszLPRVZFiGuE4G5vSQRtAA.roa
File: gjqCUszLPRVZFiGuE4G5vSQRtAA.roa (raw, json)
Hash identifier: BUsM66MvPdqBMnmYTuFECEd0KF5zYbkKYEWcRTFqqck=
Subject key identifier: 82:3A:82:52:CC:CB:3D:15:59:16:21:AE:13:81:B9:BD:24:11:B4:00
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019C8EBFE82A1A5EB3F38B2F1954F6D7FBCE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gjqCUszLPRVZFiGuE4G5vSQRtAA.roa
Signing time: Tue 24 Feb 2026 08:24:27 +0000
ROA not before: Tue 24 Feb 2026 08:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.62.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8e:bf:e8:2a:1a:5e:b3:f3:8b:2f:19:54:f6:d7:fb:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 24 08:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=823a8252cccb3d15591621ae1381b9bd2411b400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:2d:df:86:b8:b9:fc:09:41:c1:e7:f8:c6:
de:1d:2b:2a:6c:66:a6:c8:08:13:b1:b2:0c:a1:ca:
74:f3:8b:0e:51:c9:a4:7b:81:85:a4:42:5f:05:af:
93:26:16:59:78:0e:da:03:1d:9c:9a:ce:8a:ce:c8:
a6:67:da:f0:a8:5a:61:20:c0:6d:8a:9e:9d:42:c3:
b9:05:dd:8a:32:9e:c7:1c:10:f9:14:2c:ef:96:8f:
01:fb:88:a8:aa:e4:16:dd:e6:ac:3b:0d:98:3a:b3:
a8:c3:88:98:22:d9:ab:f0:a8:a4:a5:c6:85:f4:39:
d9:79:7b:3d:16:fc:d5:49:ea:39:64:74:7f:51:d7:
79:0e:3c:e9:64:43:2b:88:2f:cf:d7:f6:2d:9c:fc:
a9:eb:74:19:2f:8a:36:05:6e:91:db:bf:0d:56:a0:
b1:3c:cf:50:fd:c3:6f:76:45:85:4a:f0:63:66:b4:
6a:f1:6e:c3:b5:52:92:40:48:07:c3:2e:d1:83:1e:
2b:66:4f:55:17:9c:20:e2:a3:84:32:5c:cb:44:18:
70:92:93:59:f1:4e:b1:16:eb:49:cd:18:31:3e:4c:
e7:2d:d3:04:e5:43:8b:b5:f3:5e:dc:67:c1:8c:38:
b5:4c:21:ff:f9:50:ed:14:ef:5b:d7:91:b0:61:eb:
7e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:3A:82:52:CC:CB:3D:15:59:16:21:AE:13:81:B9:BD:24:11:B4:00
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gjqCUszLPRVZFiGuE4G5vSQRtAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.62.0/24
163.5.131.0/24
163.5.149.0/24
163.5.187.0/24
Signature Algorithm: sha256WithRSAEncryption
04:4e:d2:22:bf:4c:2b:7f:ae:0c:2a:a0:5e:a5:8b:84:67:8f:
82:96:95:63:56:f6:75:88:22:07:3f:70:ca:66:b6:8d:44:09:
b8:b7:11:08:a1:8c:a9:90:8f:a9:5b:16:74:9f:cc:0b:4f:06:
36:fc:e4:c4:7e:e0:7f:67:66:59:c3:f0:a4:2e:f9:43:a4:19:
40:1c:7a:97:c3:27:3b:5f:ad:85:40:f3:09:d6:a5:03:b7:8d:
aa:12:ac:39:86:3b:31:76:ff:6d:f2:0d:7a:34:3a:68:0b:91:
54:14:eb:7b:df:95:62:4e:2c:59:7a:c9:dd:0f:53:c5:dd:a0:
0b:fd:9a:35:4a:4c:5a:a8:28:b4:e1:31:6b:ff:83:eb:57:63:
18:bb:22:fe:aa:eb:de:4e:10:48:a6:c6:8a:19:d8:d9:35:52:
18:73:ca:a7:4e:15:1a:72:ec:2f:ee:6c:1c:5f:84:e4:b0:87:
85:c6:d1:c9:2c:a8:1f:60:d9:76:99:97:33:41:39:e0:38:a1:
ab:f1:00:f9:62:23:f4:0d:56:7c:76:12:95:74:d7:aa:c0:be:
86:58:a1:65:62:40:06:1b:85:83:17:b5:89:cb:98:6c:28:2f:
0b:94:45:08:1b:8f:ab:a0:6c:5b:e8:ef:7f:bb:aa:40:c3:db:
72:1e:34:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyOv+gqGl6z84svGVT21/vOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMjI0MDgyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjNhODI1MmNjY2IzZDE1NTkxNjIxYWUxMzgxYjliZDI0MTFiNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6Et34a4ufwJQcHn+MbeHSsqbGam
yAgTsbIMocp084sOUcmke4GFpEJfBa+TJhZZeA7aAx2cms6KzsimZ9rwqFphIMBt
ip6dQsO5Bd2KMp7HHBD5FCzvlo8B+4ioquQW3easOw2YOrOow4iYItmr8KikpcaF
9DnZeXs9FvzVSeo5ZHR/Udd5DjzpZEMriC/P1/YtnPyp63QZL4o2BW6R278NVqCx
PM9Q/cNvdkWFSvBjZrRq8W7DtVKSQEgHwy7Rgx4rZk9VF5wg4qOEMlzLRBhwkpNZ
8U6xFutJzRgxPkznLdME5UOLtfNe3GfBjDi1TCH/+VDtFO9b15GwYet+1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFII6glLMyz0VWRYhrhOBub0kEbQAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ2pxQ1VzekxQUlZaRmlHdUU0RzV2U1FSdEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowU+AwQA
owWDAwQAowWVAwQAowW7MA0GCSqGSIb3DQEBCwUAA4IBAQAETtIiv0wrf64MKqBe
pYuEZ4+ClpVjVvZ1iCIHP3DKZraNRAm4txEIoYypkI+pWxZ0n8wLTwY2/OTEfuB/
Z2ZZw/CkLvlDpBlAHHqXwyc7X62FQPMJ1qUDt42qEqw5hjsxdv9t8g16NDpoC5FU
FOt735ViTixZesndD1PF3aAL/Zo1SkxaqCi04TFr/4PrV2MYuyL+quveThBIpsaK
GdjZNVIYc8qnThUacuwv7mwcX4TksIeFxtHJLKgfYNl2mZczQTngOKGr8QD5YiP0
DVZ8dhKVdNeqwL6GWKFlYkAGG4WDF7WJy5hsKC8LlEUIG4+roGxb6O9/u6pAw9ty
HjQ1
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:12 2026 by rpki-client