Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iKxROfAaYTn1ZWRatfgG6sRPouM.roa
File: iKxROfAaYTn1ZWRatfgG6sRPouM.roa (raw, json)
Hash identifier: RKe/Jt0nCEGI8cbX61Dc6q5Adh3bBA1XMm3WmTb0jrY=
Subject key identifier: 88:AC:51:39:F0:1A:61:39:F5:65:64:5A:B5:F8:06:EA:C4:4F:A2:E3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D928D338EE1EA52C48F79AA9A0812878B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iKxROfAaYTn1ZWRatfgG6sRPouM.roa
Signing time: Wed 15 Apr 2026 19:10:20 +0000
ROA not before: Wed 15 Apr 2026 19:10:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.59.0/24 maxlen: 24
163.5.99.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:8d:33:8e:e1:ea:52:c4:8f:79:aa:9a:08:12:87:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 15 19:10:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=88ac5139f01a6139f565645ab5f806eac44fa2e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:37:c5:69:05:0a:32:2f:fd:59:6b:92:2f:af:
fa:b9:b4:80:b9:4e:7e:8b:c5:85:ec:18:73:83:d4:
22:2c:ee:41:f1:ec:b7:e5:87:44:41:b6:85:ee:93:
35:65:88:26:4b:c7:94:a5:5b:af:6c:b8:23:b8:3a:
46:a5:97:ff:25:f4:b9:e8:b0:82:c6:fe:98:b7:f9:
ef:20:4c:d8:2e:6f:8f:55:fc:91:c3:ce:09:6d:1e:
b3:94:1f:47:a5:5a:43:16:87:8a:c8:41:a7:2c:be:
d7:f2:36:3d:42:36:5e:08:dd:c4:9c:6d:bb:05:a2:
d9:95:8f:80:39:63:f0:73:9b:88:b8:06:6c:60:f9:
00:11:67:a6:18:95:c2:c7:ef:9d:43:f1:16:1d:5a:
4f:a7:44:fe:6e:7b:78:5b:58:46:c6:37:bb:77:88:
7a:97:5d:c7:47:5a:9e:b2:34:3d:a9:67:36:ac:87:
e3:6e:7d:70:c0:e0:6d:be:73:66:64:8d:e7:e1:1f:
b4:0a:bc:bb:38:ed:fe:d0:8f:29:11:18:bb:06:c6:
15:77:b6:75:39:f4:29:a3:01:84:10:78:f5:02:c0:
16:4c:b0:76:4b:79:c0:78:dc:29:7a:a1:ab:bc:f4:
58:21:f9:f1:52:1d:11:20:32:e6:4f:eb:7b:7b:b7:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:AC:51:39:F0:1A:61:39:F5:65:64:5A:B5:F8:06:EA:C4:4F:A2:E3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/iKxROfAaYTn1ZWRatfgG6sRPouM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.59.0/24
163.5.99.0/24
163.5.112.0/24
163.5.120.0/23
163.5.129.0/24
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.164.0/24
163.5.167.0/24
163.5.178.0/24
163.5.186.0/24
163.5.196.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
34:6a:e9:65:52:3d:db:af:25:08:e9:63:e3:28:f6:28:96:66:
44:3c:3c:8a:bd:14:f9:60:34:55:9b:81:4f:5b:7f:5b:68:63:
ff:24:21:a6:36:d0:50:72:0b:2b:39:51:75:fe:48:48:b2:39:
e6:30:a4:bb:9e:36:8d:62:07:06:15:57:33:38:0d:0e:52:e7:
04:65:1d:54:dc:4e:3b:2c:de:cf:99:fb:c8:05:15:2f:a5:86:
2f:07:26:9e:d2:07:7a:ee:22:9b:55:05:90:f4:f6:3a:90:c1:
ec:9c:15:33:54:0b:62:82:d9:bb:c2:eb:08:ab:d5:bf:08:b1:
90:ed:f2:28:dd:7f:3b:bc:63:a9:e3:ae:5b:a9:9c:8f:ec:29:
d0:ea:c6:af:00:ef:af:25:48:d7:3f:16:69:2f:b4:ff:86:c7:
f3:1b:a6:d5:45:de:f5:25:da:a1:92:1f:81:3b:d8:b9:ad:90:
c7:5a:66:53:d8:cf:70:43:7f:df:3a:60:cf:23:6a:1d:b7:8b:
2f:cf:85:ab:0d:3c:c2:49:f4:52:f1:4d:da:09:eb:45:e2:53:
b7:ed:88:23:9a:be:69:0d:3f:c8:30:a0:9c:13:87:36:e3:fc:
7e:68:91:93:e3:d3:7f:ee:b7:fc:4b:55:f0:c0:85:8b:24:25:
25:99:b5:95
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ2SjTOO4epSxI95qpoIEoeLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNDE1MTkxMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGFjNTEzOWYwMWE2MTM5ZjU2NTY0NWFiNWY4MDZlYWM0NGZhMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjfFaQUKMi/9WWuSL6/6ubSAuU5+
i8WF7Bhzg9QiLO5B8ey35YdEQbaF7pM1ZYgmS8eUpVuvbLgjuDpGpZf/JfS56LCC
xv6Yt/nvIEzYLm+PVfyRw84JbR6zlB9HpVpDFoeKyEGnLL7X8jY9QjZeCN3EnG27
BaLZlY+AOWPwc5uIuAZsYPkAEWemGJXCx++dQ/EWHVpPp0T+bnt4W1hGxje7d4h6
l13HR1qesjQ9qWc2rIfjbn1wwOBtvnNmZI3n4R+0Cry7OO3+0I8pERi7BsYVd7Z1
OfQpowGEEHj1AsAWTLB2S3nAeNwpeqGrvPRYIfnxUh0RIDLmT+t7e7dZzwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFIisUTnwGmE59WVkWrX4BurET6LjMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaUt4Uk9mQWFZVG4xWldSYXRmZ0c2c1JQb3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAKMF
OwMEAKMFYwMEAKMFcAMEAaMFeAMEAKMFgQMEAKMFhAMEAKMFiwMEAKMFjwMEAKMF
kgMEAKMFlwMEAKMFoAMEAKMFpAMEAKMFpwMEAKMFsgMEAKMFugMEAKMFxAMEAKMF
2gMEAKMF4AMEAKMF5AMEAKMF6QMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEANGrp
ZVI9268lCOlj4yj2KJZmRDw8ir0U+WA0VZuBT1t/W2hj/yQhpjbQUHILKzlRdf5I
SLI55jCku542jWIHBhVXMzgNDlLnBGUdVNxOOyzez5n7yAUVL6WGLwcmntIHeu4i
m1UFkPT2OpDB7JwVM1QLYoLZu8LrCKvVvwixkO3yKN1/O7xjqeOuW6mcj+wp0OrG
rwDvryVI1z8WaS+0/4bH8xum1UXe9SXaoZIfgTvYua2Qx1pmU9jPcEN/3zpgzyNq
HbeLL8+Fqw08wkn0UvFN2gnrReJTt+2II5q+aQ0/yDCgnBOHNuP8fmiRk+PTf+63
/EtV8MCFiyQlJZm1lQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:26:06 2026 by rpki-client