Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/14uGQ8WMqrRLKyUZ9kqWu4j1e8M.roa
File: 14uGQ8WMqrRLKyUZ9kqWu4j1e8M.roa (raw, json)
Hash identifier: Qnr3eRkYvbDJQKaS1S3aGvCVrdkDT01CmCbfF6l/2Gg=
Subject key identifier: D7:8B:86:43:C5:8C:AA:B4:4B:2B:25:19:F6:4A:96:BB:88:F5:7B:C3
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 019C14013A11C83AB59616671FEDD240AEB9
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/14uGQ8WMqrRLKyUZ9kqWu4j1e8M.roa
Signing time: Sat 31 Jan 2026 12:22:30 +0000
ROA not before: Sat 31 Jan 2026 12:22:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214998
IP address blocks: 5.160.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:14:01:3a:11:c8:3a:b5:96:16:67:1f:ed:d2:40:ae:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Jan 31 12:22:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d78b8643c58caab44b2b2519f64a96bb88f57bc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:71:f2:f9:d3:c5:5c:6a:be:4a:01:b3:3b:2b:
c5:78:a1:09:77:cf:8e:4e:6e:95:99:90:82:3b:97:
e7:05:fe:0d:28:9b:0e:f2:bb:da:17:e9:97:53:ac:
75:0f:6b:ee:a4:71:d2:4b:46:ce:6b:b3:ec:fe:e1:
aa:1d:fd:9f:a6:a1:86:83:5c:3a:10:65:3d:4b:b3:
b9:17:f4:1f:06:5b:dc:e3:f1:a1:92:30:a8:96:eb:
15:ed:89:65:31:0b:71:dc:8f:57:15:1a:81:b8:a5:
32:74:2b:33:65:78:84:b0:ff:a9:38:bf:49:e1:e0:
fe:31:ac:8e:c3:59:6b:27:f7:0c:e3:c4:cb:74:0e:
11:86:c9:96:2e:88:fd:48:85:36:d1:03:85:d0:c0:
3d:fc:2f:d3:4c:00:29:48:56:48:69:b6:83:a1:60:
9f:04:c6:59:40:0c:eb:9b:6c:ac:c9:1a:5c:1b:b3:
4a:a3:5b:bf:57:f2:e3:6a:78:78:a4:77:43:1b:27:
47:2a:e1:fa:53:a4:dd:b4:ae:f7:99:00:74:2b:51:
4f:2b:4f:fb:30:52:df:d2:9f:07:70:96:0e:a8:4a:
90:88:a3:25:70:7f:64:8a:e0:35:c7:3d:67:f1:cb:
94:fb:53:a0:ae:41:a5:75:e1:25:0f:f2:02:e3:7e:
7d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8B:86:43:C5:8C:AA:B4:4B:2B:25:19:F6:4A:96:BB:88:F5:7B:C3
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/14uGQ8WMqrRLKyUZ9kqWu4j1e8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.149.0/24
Signature Algorithm: sha256WithRSAEncryption
16:bf:fa:a6:b4:c0:fd:cc:03:26:17:52:cf:2e:2c:dd:e3:48:
97:d5:5c:a1:c4:9f:fc:d2:83:3a:1d:4c:ac:27:95:16:7e:a9:
2e:e1:e4:0e:ac:0a:3c:fb:64:b2:6e:f9:33:ed:2f:f0:df:2e:
df:d6:15:af:66:32:a1:c2:2c:a6:6b:7b:4b:16:0e:1d:89:f0:
9e:ca:2b:55:cc:38:03:18:da:67:a1:f4:16:f9:e3:c4:3a:cb:
5d:2a:3c:e8:ed:4c:d1:fd:22:a0:a9:71:f2:f9:a4:15:f7:8f:
72:4f:fc:bf:09:85:ca:8c:d6:21:a4:95:a0:6e:4f:d7:9c:6d:
69:40:db:41:a6:d5:56:a0:28:c7:e6:1e:d1:b2:14:64:35:40:
7e:7d:d2:6c:1d:2f:4a:7a:3c:76:10:c8:27:95:f2:8b:47:21:
af:57:cf:ad:ce:32:f9:db:e9:5b:f6:8e:2b:56:78:69:2f:f0:
91:77:9d:53:ee:68:0a:8b:67:04:17:6a:06:c0:90:b3:b0:57:
24:8d:f0:a4:45:de:79:33:f4:40:b4:c4:5c:af:5f:45:c2:15:
df:92:92:70:5f:0d:90:30:52:dc:60:c8:05:49:4a:bc:1d:a4:
f6:7f:39:75:90:40:7e:d2:a3:68:25:91:3e:8a:e1:ab:66:e6:
5c:e8:32:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwUAToRyDq1lhZnH+3SQK65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjYwMTMxMTIyMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzhiODY0M2M1OGNhYWI0NGIyYjI1MTlmNjRhOTZiYjg4ZjU3YmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13Hy+dPFXGq+SgGzOyvFeKEJd8+O
Tm6VmZCCO5fnBf4NKJsO8rvaF+mXU6x1D2vupHHSS0bOa7Ps/uGqHf2fpqGGg1w6
EGU9S7O5F/QfBlvc4/GhkjColusV7YllMQtx3I9XFRqBuKUydCszZXiEsP+pOL9J
4eD+MayOw1lrJ/cM48TLdA4RhsmWLoj9SIU20QOF0MA9/C/TTAApSFZIabaDoWCf
BMZZQAzrm2ysyRpcG7NKo1u/V/Ljanh4pHdDGydHKuH6U6TdtK73mQB0K1FPK0/7
MFLf0p8HcJYOqEqQiKMlcH9kiuA1xz1n8cuU+1OgrkGldeElD/IC4359cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNeLhkPFjKq0SyslGfZKlruI9XvDMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvMTR1R1E4V01xclJMS3lVWjlrcVd1NGoxZThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaCVMA0G
CSqGSIb3DQEBCwUAA4IBAQAWv/qmtMD9zAMmF1LPLizd40iX1VyhxJ/80oM6HUys
J5UWfqku4eQOrAo8+2Sybvkz7S/w3y7f1hWvZjKhwiyma3tLFg4difCeyitVzDgD
GNpnofQW+ePEOstdKjzo7UzR/SKgqXHy+aQV949yT/y/CYXKjNYhpJWgbk/XnG1p
QNtBptVWoCjH5h7RshRkNUB+fdJsHS9Kejx2EMgnlfKLRyGvV8+tzjL52+lb9o4r
VnhpL/CRd51T7mgKi2cEF2oGwJCzsFckjfCkRd55M/RAtMRcr19FwhXfkpJwXw2Q
MFLcYMgFSUq8HaT2fzl1kEB+0qNoJZE+iuGrZuZc6DI8
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:45:31 2026 by rpki-client