Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qfwNWVEaXR3gVRXExIBGg5xdtMc.roa
File: qfwNWVEaXR3gVRXExIBGg5xdtMc.roa (raw, json)
Hash identifier: idwPRfFvTEFc+U29fbSK5uI/pwnTcfCB0scVcFJrtis=
Subject key identifier: A9:FC:0D:59:51:1A:5D:1D:E0:55:15:C4:C4:80:46:83:9C:5D:B4:C7
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019C291CDFCF1B1D7CB5BB1F2436F0EB71E0
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qfwNWVEaXR3gVRXExIBGg5xdtMc.roa
Signing time: Wed 04 Feb 2026 14:44:44 +0000
ROA not before: Wed 04 Feb 2026 14:44:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 395793
IP address blocks: 163.5.17.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:29:1c:df:cf:1b:1d:7c:b5:bb:1f:24:36:f0:eb:71:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 4 14:44:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a9fc0d59511a5d1de05515c4c48046839c5db4c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:aa:b9:f8:b4:f2:44:b4:7b:1d:18:e8:4f:f1:
49:0d:65:7b:25:0a:aa:18:a3:25:06:b4:14:23:d4:
12:69:93:ad:0c:a2:62:b0:65:13:00:94:c1:41:e8:
79:1a:f6:cc:8b:c8:54:76:85:cb:e2:94:d2:38:3e:
3a:1e:1d:8e:12:87:46:53:8a:99:f1:aa:91:8d:de:
60:b3:a2:65:3c:d4:e3:e1:01:92:70:a4:4a:e4:ab:
b3:c7:15:9c:a6:00:ba:9b:12:0c:7e:71:b9:dd:76:
0b:1c:10:3d:41:51:23:e9:fc:dc:2f:4c:37:85:a9:
50:e5:a8:a6:56:dc:40:72:8f:e4:60:1a:26:b5:72:
52:2c:3c:22:dd:a6:85:fc:6f:a1:b7:c4:a7:93:13:
42:e3:dd:56:83:51:e5:3a:6b:24:57:b8:95:82:82:
25:1a:99:b1:a4:27:dd:0e:b5:9e:68:31:66:43:5f:
f1:e5:8f:48:ba:7e:37:e3:0e:29:95:dd:74:90:79:
7a:35:1d:46:cb:cf:e1:67:b7:7a:bc:42:c9:93:65:
4f:28:4f:ca:54:b4:1e:48:3a:09:60:b6:39:fc:8c:
7a:1c:69:8a:5b:b9:14:e0:c1:b9:36:5f:d7:1d:c6:
52:e0:05:57:88:bf:49:81:c9:7b:69:71:ca:6f:99:
b1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:FC:0D:59:51:1A:5D:1D:E0:55:15:C4:C4:80:46:83:9C:5D:B4:C7
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/qfwNWVEaXR3gVRXExIBGg5xdtMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.17.0/24
163.5.25.0/24
163.5.35.0/24
163.5.40.0/24
163.5.44.0/24
163.5.110.0/24
163.5.126.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:07:72:28:3f:73:6c:f8:0b:74:82:1a:f7:d5:cf:1a:f3:b0:
7c:fe:96:12:db:35:f0:e2:9c:02:cb:a2:fc:98:50:b5:01:36:
e9:b8:7b:1e:b5:69:cb:70:b8:d0:24:3e:9d:4a:e4:81:e5:b1:
3e:f7:1f:05:83:10:10:8f:8a:ee:d8:7e:18:54:e0:59:c8:54:
d2:41:9f:a1:4f:33:af:5f:b5:60:f9:88:37:dc:54:85:1c:bf:
f3:3a:ce:78:3d:58:37:62:40:6f:6e:b4:50:f8:0a:6d:57:e6:
9f:fa:97:7f:77:1f:41:c9:b8:ab:34:d4:66:3e:3b:3b:40:c9:
2b:cf:9f:bb:c1:a6:9a:9a:f4:ae:4b:f4:e1:b2:65:81:45:38:
5b:40:f4:b3:07:17:a2:c2:a2:f3:8a:fa:57:15:2d:1c:a0:dd:
43:db:ad:0e:9d:10:e3:68:f3:84:83:5e:28:55:c6:31:fa:21:
a1:57:ed:ad:36:ed:33:49:fb:f6:2f:1a:9b:9c:cd:c9:73:0d:
51:22:98:02:e5:3b:a7:6f:92:c9:ec:e7:11:dd:8c:15:0b:dd:
b9:a1:db:a4:69:4f:6e:64:ad:31:53:98:b6:29:03:d5:37:b9:
9f:63:9c:f6:dc:62:f2:ab:c9:c5:07:04:5a:5c:e6:5d:c7:93:
98:1b:91:9b
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZwpHN/PGx18tbsfJDbw63HgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMjA0MTQ0NDQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWZjMGQ1OTUxMWE1ZDFkZTA1NTE1YzRjNDgwNDY4MzljNWRiNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6q5+LTyRLR7HRjoT/FJDWV7JQqq
GKMlBrQUI9QSaZOtDKJisGUTAJTBQeh5GvbMi8hUdoXL4pTSOD46Hh2OEodGU4qZ
8aqRjd5gs6JlPNTj4QGScKRK5KuzxxWcpgC6mxIMfnG53XYLHBA9QVEj6fzcL0w3
halQ5aimVtxAco/kYBomtXJSLDwi3aaF/G+ht8SnkxNC491Wg1HlOmskV7iVgoIl
GpmxpCfdDrWeaDFmQ1/x5Y9Iun434w4pld10kHl6NR1Gy8/hZ7d6vELJk2VPKE/K
VLQeSDoJYLY5/Ix6HGmKW7kU4MG5Nl/XHcZS4AVXiL9Jgcl7aXHKb5mxBQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKn8DVlRGl0d4FUVxMSARoOcXbTHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcWZ3TldWRWFYUjNnVlJYRXhJQkdnNXhkdE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowURAwQA
owUZAwQAowUjAwQAowUoAwQAowUsAwQAowVuAwQAowV+AwQAowX9MA0GCSqGSIb3
DQEBCwUAA4IBAQCbB3IoP3Ns+At0ghr31c8a87B8/pYS2zXw4pwCy6L8mFC1ATbp
uHsetWnLcLjQJD6dSuSB5bE+9x8FgxAQj4ru2H4YVOBZyFTSQZ+hTzOvX7Vg+Yg3
3FSFHL/zOs54PVg3YkBvbrRQ+AptV+af+pd/dx9BybirNNRmPjs7QMkrz5+7waaa
mvSuS/ThsmWBRThbQPSzBxeiwqLzivpXFS0coN1D260OnRDjaPOEg14oVcYx+iGh
V+2tNu0zSfv2LxqbnM3Jcw1RIpgC5Tunb5LJ7OcR3YwVC925odukaU9uZK0xU5i2
KQPVN7mfY5z23GLyq8nFBwRaXOZdx5OYG5Gb
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:02 2026 by rpki-client