Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j5_sPOwetKD4Nc2dfhf7nHcmhwA.roa
File: j5_sPOwetKD4Nc2dfhf7nHcmhwA.roa (raw, json)
Hash identifier: NbiFTERH43UXdryNyd3g/mgzd2x5HyeGc/L0TqUxozw=
Subject key identifier: 8F:9F:EC:3C:EC:1E:B4:A0:F8:35:CD:9D:7E:17:FB:9C:77:26:87:00
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019C4C27A7C8357B8EC668FEC1FBE0650723
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j5_sPOwetKD4Nc2dfhf7nHcmhwA.roa
Signing time: Wed 11 Feb 2026 10:03:13 +0000
ROA not before: Wed 11 Feb 2026 10:03:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 163.5.39.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.153.0/24 maxlen: 24
163.5.154.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.177.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
163.5.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:27:a7:c8:35:7b:8e:c6:68:fe:c1:fb:e0:65:07:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 11 10:03:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f9fec3cec1eb4a0f835cd9d7e17fb9c77268700
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9d:c7:70:cf:5d:84:c4:ce:fb:72:5e:ec:29:
d7:cb:8b:83:85:86:7d:12:9c:e6:e2:8d:59:2e:33:
5a:5c:15:45:d4:4f:f0:fc:85:92:25:95:0c:ed:31:
93:8f:d6:71:00:1a:10:75:ac:db:00:07:ed:ce:d1:
ac:d6:88:61:92:61:ed:05:03:3f:7f:f7:35:ae:a3:
b2:6c:62:7c:43:bb:73:5f:a1:88:f5:16:07:ce:3e:
25:04:c0:c4:4b:88:fc:43:44:a2:dd:f5:40:d9:c8:
77:94:c3:bf:8a:f6:be:36:72:ad:23:d9:11:96:76:
1b:4b:a2:cb:bb:cf:f3:bf:ea:d4:be:f6:fa:8a:d7:
dd:fe:19:e1:da:de:e4:a4:9c:0a:15:81:78:a1:40:
65:e3:4e:cc:47:df:b4:f9:1c:a9:fe:d5:21:e8:53:
17:d6:8e:33:6e:14:b5:81:11:b6:32:ec:8a:1d:16:
75:15:d3:7f:2f:6c:39:5f:f2:2f:41:45:ee:06:e0:
7f:db:94:a3:f9:ed:a8:b4:03:d2:0c:75:66:64:bc:
a4:99:72:d6:7b:e3:08:5c:b5:fb:bd:05:74:db:28:
8d:60:3b:09:29:a6:04:6e:0f:fa:47:4d:90:32:e4:
f2:15:20:66:a5:a6:b0:32:36:6a:d2:7a:bf:d3:0f:
38:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:9F:EC:3C:EC:1E:B4:A0:F8:35:CD:9D:7E:17:FB:9C:77:26:87:00
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/j5_sPOwetKD4Nc2dfhf7nHcmhwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.39.0/24
163.5.88.0/24
163.5.90.0/24
163.5.100.0/24
163.5.114.0/24
163.5.117.0/24
163.5.130.0/24
163.5.147.0/24
163.5.153.0-163.5.154.255
163.5.174.0/24
163.5.177.0/24
163.5.189.0/24
163.5.226.0/23
163.5.240.0/24
163.5.243.0/24
163.5.252.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f6:b0:94:1d:2e:ef:52:fd:7c:ae:ae:09:8f:7c:92:16:f3:
c2:ee:30:47:83:86:f7:7b:cc:a6:28:6a:89:05:b4:ae:a0:de:
f3:33:58:b0:18:5d:e6:ee:23:63:9b:fd:a5:8f:2e:33:6c:cb:
ad:db:80:1b:62:0d:7e:46:52:3e:49:1d:f3:7e:6e:09:e0:cd:
97:ce:fb:ab:1a:fa:2c:f7:4f:47:67:f0:32:e6:37:9a:ee:44:
97:49:9c:e3:b2:9b:28:1a:c1:c5:16:15:3a:af:3f:58:85:89:
bc:0d:db:8a:90:61:7d:26:7a:51:f5:2a:23:d0:26:38:01:e6:
a9:5d:c6:9d:0a:06:ab:7b:38:0e:fa:3b:c8:ef:4b:00:f3:76:
32:61:21:ca:8d:fa:33:45:b7:22:74:cd:e7:25:02:a0:bf:c2:
09:77:e5:db:be:60:47:9a:b1:c3:e5:1b:fb:c2:6c:cf:42:93:
a4:2a:b6:6e:fe:80:75:59:47:4d:2d:43:11:df:56:cf:36:6b:
ab:67:55:a0:ed:3c:aa:47:f0:d5:79:a5:f6:c5:00:73:6f:a7:
34:73:86:23:96:d8:b8:86:c4:eb:20:9f:4c:ee:d3:4d:2b:f0:
0c:59:40:59:0f:b2:89:d1:22:17:e2:95:d4:4e:d6:79:b8:21:
4f:46:a8:60
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZxMJ6fINXuOxmj+wfvgZQcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMjExMTAwMzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjlmZWMzY2VjMWViNGEwZjgzNWNkOWQ3ZTE3ZmI5Yzc3MjY4NzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyp3HcM9dhMTO+3Je7CnXy4uDhYZ9
Epzm4o1ZLjNaXBVF1E/w/IWSJZUM7TGTj9ZxABoQdazbAAftztGs1ohhkmHtBQM/
f/c1rqOybGJ8Q7tzX6GI9RYHzj4lBMDES4j8Q0Si3fVA2ch3lMO/iva+NnKtI9kR
lnYbS6LLu8/zv+rUvvb6itfd/hnh2t7kpJwKFYF4oUBl407MR9+0+Ryp/tUh6FMX
1o4zbhS1gRG2MuyKHRZ1FdN/L2w5X/IvQUXuBuB/25Sj+e2otAPSDHVmZLykmXLW
e+MIXLX7vQV02yiNYDsJKaYEbg/6R02QMuTyFSBmpaawMjZq0nq/0w84uQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFI+f7DzsHrSg+DXNnX4X+5x3JocAMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvajVfc1BPd2V0S0Q0TmMyZGZoZjduSGNtaHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAKMFJwME
AKMFWAMEAKMFWgMEAKMFZAMEAKMFcgMEAKMFdQMEAKMFggMEAKMFkzAMAwQAowWZ
AwQAowWaAwQAowWuAwQAowWxAwQAowW9AwQBowXiAwQAowXwAwQAowXzAwQAowX8
MA0GCSqGSIb3DQEBCwUAA4IBAQBs9rCUHS7vUv18rq4Jj3ySFvPC7jBHg4b3e8ym
KGqJBbSuoN7zM1iwGF3m7iNjm/2ljy4zbMut24AbYg1+RlI+SR3zfm4J4M2Xzvur
Gvos909HZ/Ay5jea7kSXSZzjspsoGsHFFhU6rz9YhYm8DduKkGF9JnpR9Soj0CY4
AeapXcadCgarezgO+jvI70sA83YyYSHKjfozRbcidM3nJQKgv8IJd+XbvmBHmrHD
5Rv7wmzPQpOkKrZu/oB1WUdNLUMR31bPNmurZ1Wg7TyqR/DVeaX2xQBzb6c0c4Yj
lti4hsTrIJ9M7tNNK/AMWUBZD7KJ0SIX4pXUTtZ5uCFPRqhg
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:19 2026 by rpki-client