Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/I11I5Ct4Ul9Ba9BKaEoNELRkhOY.roa
File: I11I5Ct4Ul9Ba9BKaEoNELRkhOY.roa (raw, json)
Hash identifier: 7t3VhrTGJ5UUpkg1TBpcecrKSVG93c2keEbKIdx0fx8=
Subject key identifier: 23:5D:48:E4:2B:78:52:5F:41:6B:D0:4A:68:4A:0D:10:B4:64:84:E6
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 019D8F9725366F61AC24998B3C659571F7A3
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/I11I5Ct4Ul9Ba9BKaEoNELRkhOY.roa
Signing time: Wed 15 Apr 2026 05:22:20 +0000
ROA not before: Wed 15 Apr 2026 05:22:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 158.173.3.0/24 maxlen: 24
158.173.4.0/24 maxlen: 24
158.173.5.0/24 maxlen: 24
158.173.6.0/24 maxlen: 24
158.173.7.0/24 maxlen: 24
158.173.16.0/24 maxlen: 24
158.173.17.0/24 maxlen: 24
158.173.18.0/24 maxlen: 24
158.173.19.0/24 maxlen: 24
158.173.20.0/24 maxlen: 24
158.173.21.0/24 maxlen: 24
158.173.22.0/24 maxlen: 24
158.173.23.0/24 maxlen: 24
158.173.24.0/24 maxlen: 24
158.173.25.0/24 maxlen: 24
158.173.32.0/24 maxlen: 24
158.173.33.0/24 maxlen: 24
158.173.44.0/24 maxlen: 24
158.173.45.0/24 maxlen: 24
158.173.46.0/24 maxlen: 24
158.173.47.0/24 maxlen: 24
158.173.55.0/24 maxlen: 24
158.173.67.0/24 maxlen: 24
158.173.72.0/24 maxlen: 24
158.173.73.0/24 maxlen: 24
158.173.76.0/24 maxlen: 24
158.173.88.0/24 maxlen: 24
158.173.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8f:97:25:36:6f:61:ac:24:99:8b:3c:65:95:71:f7:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Apr 15 05:22:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=235d48e42b78525f416bd04a684a0d10b46484e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b1:5a:a0:f9:08:17:d7:be:d0:e9:ad:8f:92:
8b:1b:35:83:7f:c2:30:de:bf:21:c1:3e:65:37:4f:
65:e7:05:4d:b4:fa:71:f5:f4:93:2a:f5:39:d1:a8:
a8:f2:29:9c:0b:ba:84:07:99:b4:92:6f:c9:04:d9:
14:ee:de:82:05:10:93:01:22:d9:b2:a7:5f:f9:3f:
8a:bd:ad:96:83:95:15:b9:9e:b7:cd:f5:b1:5d:bb:
6b:2e:92:c4:78:35:51:43:b4:bb:bc:dd:c3:aa:1a:
3e:c8:4e:e9:7c:a4:5d:02:b9:67:14:2d:74:a0:33:
15:a3:d9:86:3c:0a:9d:4e:7d:d5:bb:03:5e:3d:f0:
f8:07:df:70:00:e1:5b:16:88:56:c2:34:ec:56:22:
da:8e:f3:b3:dd:07:79:03:61:e1:6a:d0:a5:e8:03:
1c:16:bd:49:e0:ee:0b:f0:d6:3c:d8:9c:33:a5:31:
ff:34:3e:11:ab:5d:bd:63:c9:54:5b:78:87:41:b4:
ed:d2:0f:a9:63:82:fe:04:73:d9:5c:3a:e9:26:ec:
b7:48:39:1c:62:08:77:a0:b3:9f:aa:4d:7a:0f:e8:
bb:c2:f2:86:6e:eb:80:99:49:5b:89:3b:6d:53:42:
a9:fe:e7:b3:94:3f:30:d0:ca:0f:9f:f6:00:56:7e:
04:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5D:48:E4:2B:78:52:5F:41:6B:D0:4A:68:4A:0D:10:B4:64:84:E6
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/I11I5Ct4Ul9Ba9BKaEoNELRkhOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.3.0-158.173.7.255
158.173.16.0-158.173.25.255
158.173.32.0/23
158.173.44.0/22
158.173.55.0/24
158.173.67.0/24
158.173.72.0/23
158.173.76.0/24
158.173.88.0/23
Signature Algorithm: sha256WithRSAEncryption
87:cb:d9:17:d0:e7:95:2d:c9:e8:78:9c:40:98:49:18:ce:54:
49:c0:e3:5a:64:84:ec:a1:a2:f3:e4:e0:1a:d3:68:4f:d2:d2:
5c:b8:79:4f:e1:0a:31:4c:dc:d7:a7:4e:0e:22:99:78:e2:01:
a7:15:8b:8e:50:b8:84:c0:75:5c:1e:1f:61:78:35:34:c9:83:
5c:ba:9f:90:6d:70:b4:8b:80:ae:48:74:1f:2b:6c:93:2d:57:
54:ea:af:ce:32:54:d8:8f:f0:53:77:e9:38:71:e3:89:83:35:
58:25:a0:97:cd:71:ac:dd:d3:21:95:19:a0:c6:cb:b9:9a:a5:
2d:47:25:c0:b9:9a:84:0a:7a:08:71:93:10:d7:05:63:fc:8e:
bc:91:ae:5d:bb:0b:79:bb:aa:fc:d4:19:04:1c:96:c7:47:4c:
20:7a:e0:6b:40:3b:28:33:0d:07:88:05:46:8b:7a:a5:77:01:
9a:40:07:a5:90:2a:92:0c:13:73:7b:c9:9e:43:92:c5:db:97:
2d:cc:76:34:92:5f:0b:5b:70:91:3f:65:0d:4b:6c:f8:3c:5c:
bd:bf:05:81:5c:a1:bf:26:a1:e4:1a:2e:10:b6:8a:99:fe:db:
f0:70:98:61:fc:e9:49:da:4d:4b:5c:b1:79:a2:e1:f5:f1:9f:
00:68:2a:d4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ2PlyU2b2GsJJmLPGWVcfejMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjYwNDE1MDUyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVkNDhlNDJiNzg1MjVmNDE2YmQwNGE2ODRhMGQxMGI0NjQ4NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bFaoPkIF9e+0Omtj5KLGzWDf8Iw
3r8hwT5lN09l5wVNtPpx9fSTKvU50aio8imcC7qEB5m0km/JBNkU7t6CBRCTASLZ
sqdf+T+Kva2Wg5UVuZ63zfWxXbtrLpLEeDVRQ7S7vN3Dqho+yE7pfKRdArlnFC10
oDMVo9mGPAqdTn3VuwNePfD4B99wAOFbFohWwjTsViLajvOz3Qd5A2HhatCl6AMc
Fr1J4O4L8NY82JwzpTH/ND4Rq129Y8lUW3iHQbTt0g+pY4L+BHPZXDrpJuy3SDkc
Ygh3oLOfqk16D+i7wvKGbuuAmUlbiTttU0Kp/uezlD8w0MoPn/YAVn4EuwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCNdSOQreFJfQWvQSmhKDRC0ZITmMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvSTExSTVDdDRVbDlCYTlCS2FFb05FTFJraE9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBACerQMD
BAOerQAwDAMEBJ6tEAMEAZ6tGAMEAZ6tIAMEAp6tLAMEAJ6tNwMEAJ6tQwMEAZ6t
SAMEAJ6tTAMEAZ6tWDANBgkqhkiG9w0BAQsFAAOCAQEAh8vZF9DnlS3J6HicQJhJ
GM5UScDjWmSE7KGi8+TgGtNoT9LSXLh5T+EKMUzc16dODiKZeOIBpxWLjlC4hMB1
XB4fYXg1NMmDXLqfkG1wtIuArkh0Hytsky1XVOqvzjJU2I/wU3fpOHHjiYM1WCWg
l81xrN3TIZUZoMbLuZqlLUclwLmahAp6CHGTENcFY/yOvJGuXbsLebuq/NQZBByW
x0dMIHrga0A7KDMNB4gFRot6pXcBmkAHpZAqkgwTc3vJnkOSxduXLcx2NJJfC1tw
kT9lDUts+Dxcvb8FgVyhvyah5BouELaKmf7b8HCYYfzpSdpNS1yxeaLh9fGfAGgq
1A==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:50:45 2026 by rpki-client