Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/rti6tjnaJyfv_Ylmdsnl4AB3DYs.roa
File: rti6tjnaJyfv_Ylmdsnl4AB3DYs.roa (raw, json)
Hash identifier: RksYRj9xScfDwNjU2z8C2o8FShcQoua9yZqEvSMWJ+M=
Subject key identifier: AE:D8:BA:B6:39:DA:27:27:EF:FD:89:66:76:C9:E5:E0:00:77:0D:8B
Certificate issuer: /CN=becec531e5c37756b828663f9cc20ad6217713ac
Certificate serial: 019B7BA51048C1C8B44ED190020BDA9CE424
Authority key identifier: BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/rti6tjnaJyfv_Ylmdsnl4AB3DYs.roa
Signing time: Thu 01 Jan 2026 22:19:33 +0000
ROA not before: Thu 01 Jan 2026 22:19:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 164.133.4.0/24 maxlen: 24
164.133.10.0/24 maxlen: 24
164.133.11.0/24 maxlen: 24
164.133.91.0/24 maxlen: 24
164.133.98.0/24 maxlen: 24
164.133.99.0/24 maxlen: 24
164.133.150.0/24 maxlen: 24
164.133.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a5:10:48:c1:c8:b4:4e:d1:90:02:0b:da:9c:e4:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=becec531e5c37756b828663f9cc20ad6217713ac
Validity
Not Before: Jan 1 22:19:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aed8bab639da2727effd896676c9e5e000770d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b3:19:43:c6:6f:82:55:ba:04:75:ad:2a:ce:
b0:f6:70:1d:8f:9a:20:5f:33:5f:3f:a2:8c:d2:d5:
6a:8e:85:08:f5:1b:25:e5:79:da:e6:bf:61:e1:e8:
db:3d:3a:71:c7:cf:a3:70:5a:11:42:d8:70:be:c3:
40:ff:a1:50:d3:42:85:cc:57:02:2c:25:af:36:4c:
88:df:4c:8c:b1:55:bd:a2:45:05:e1:6a:3d:7b:67:
b2:5f:d7:37:92:2a:df:97:a3:f2:71:0e:9d:ac:08:
51:32:99:01:6a:cc:4e:31:7d:7a:a6:47:98:62:53:
21:46:98:af:8e:f3:06:27:a2:aa:43:cf:df:9c:ae:
de:6c:fc:ca:a3:29:9a:88:fd:b8:ee:b7:cd:f5:c8:
2e:29:54:b7:b4:70:40:c0:14:37:24:d2:a0:f2:ce:
5b:a5:e2:ed:94:a0:be:3f:c9:2b:c4:e1:bb:ea:6a:
59:26:b9:6e:9e:03:10:0e:67:2e:6c:b1:66:31:6f:
5c:d6:e8:17:7b:f4:fb:f6:29:66:76:70:87:a5:91:
b3:c0:06:af:2b:c3:85:86:7b:4e:db:62:0a:a6:ea:
62:10:d0:73:cf:fa:6b:62:61:cf:4e:56:17:ef:cb:
b5:f3:a8:80:47:64:3d:59:50:08:8e:23:9e:27:d1:
62:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D8:BA:B6:39:DA:27:27:EF:FD:89:66:76:C9:E5:E0:00:77:0D:8B
X509v3 Authority Key Identifier:
keyid:BE:CE:C5:31:E5:C3:77:56:B8:28:66:3F:9C:C2:0A:D6:21:77:13:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vs7FMeXDd1a4KGY_nMIK1iF3E6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/rti6tjnaJyfv_Ylmdsnl4AB3DYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/1bcb8b-a3f8-48cc-8db9-3df9e21f4bcc/1/vs7FMeXDd1a4KGY_nMIK1iF3E6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.133.4.0/24
164.133.10.0/23
164.133.91.0/24
164.133.98.0/23
164.133.150.0/24
164.133.154.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:dd:8f:8a:0a:6f:87:a4:17:ef:ad:7f:8b:fd:d4:6b:0d:7d:
b9:cc:9d:a1:32:4f:af:b5:c9:ea:d9:bb:3a:46:05:cf:12:c5:
e6:2d:fa:9f:50:26:8f:af:5c:b0:b2:05:06:03:0b:0f:33:9f:
be:8e:a5:c5:ab:1c:89:48:14:cb:1b:9b:e2:e7:54:11:39:0e:
f5:b8:e9:40:e5:2b:19:b4:cc:f2:b2:b6:f2:c3:4c:0c:79:0b:
af:c1:ae:a6:e7:5d:a2:b4:20:68:d1:3e:d3:df:63:5c:14:f0:
6a:b0:79:e7:9f:5c:a8:87:00:e7:c1:69:50:55:8c:23:fb:3e:
61:2e:36:53:bd:db:eb:9b:df:2e:63:ac:c5:54:8f:19:26:d5:
32:44:09:c1:79:3d:74:db:50:d2:3d:18:b8:56:86:7a:e7:76:
ed:8c:b6:93:bf:4f:b7:00:fa:80:e2:71:1c:65:c5:ed:82:c4:
bb:42:2e:4e:43:d6:34:9f:85:b6:2c:d9:6f:4e:90:7b:2d:3f:
e6:9a:b5:ce:f5:94:c9:ea:c5:72:31:27:a8:7e:a4:56:f6:f5:
3b:2f:90:6d:3b:a2:17:be:1f:49:f4:26:9b:c1:1f:97:67:64:
ef:4f:bd:4d:17:1b:89:de:b1:0f:6e:58:e5:10:7e:99:f4:e0:
87:0f:ee:fb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZt7pRBIwci0TtGQAgvanOQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlY2VjNTMxZTVjMzc3NTZiODI4NjYzZjljYzIwYWQ2MjE3
NzEzYWMwHhcNMjYwMTAxMjIxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWQ4YmFiNjM5ZGEyNzI3ZWZmZDg5NjY3NmM5ZTVlMDAwNzcwZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7MZQ8ZvglW6BHWtKs6w9nAdj5og
XzNfP6KM0tVqjoUI9Rsl5Xna5r9h4ejbPTpxx8+jcFoRQthwvsNA/6FQ00KFzFcC
LCWvNkyI30yMsVW9okUF4Wo9e2eyX9c3kirfl6PycQ6drAhRMpkBasxOMX16pkeY
YlMhRpivjvMGJ6KqQ8/fnK7ebPzKoymaiP247rfN9cguKVS3tHBAwBQ3JNKg8s5b
peLtlKC+P8krxOG76mpZJrlungMQDmcubLFmMW9c1ugXe/T79ilmdnCHpZGzwAav
K8OFhntO22IKpupiENBzz/prYmHPTlYX78u186iAR2Q9WVAIjiOeJ9Fi5wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK7YurY52icn7/2JZnbJ5eAAdw2LMB8GA1UdIwQY
MBaAFL7OxTHlw3dWuChmP5zCCtYhdxOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjkt
M2RmOWUyMWY0YmNjLzEvcnRpNnRqbmFKeWZ2X1lsbWRzbmw0QUIzRFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8xYmNiOGItYTNmOC00OGNjLThkYjktM2RmOWUyMWY0YmNj
LzEvdnM3Rk1lWERkMWE0S0dZX25NSUsxaUYzRTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQApIUEAwQB
pIUKAwQApIVbAwQBpIViAwQApIWWAwQApIWaMA0GCSqGSIb3DQEBCwUAA4IBAQBt
3Y+KCm+HpBfvrX+L/dRrDX25zJ2hMk+vtcnq2bs6RgXPEsXmLfqfUCaPr1ywsgUG
AwsPM5++jqXFqxyJSBTLG5vi51QROQ71uOlA5SsZtMzysrbyw0wMeQuvwa6m512i
tCBo0T7T32NcFPBqsHnnn1yohwDnwWlQVYwj+z5hLjZTvdvrm98uY6zFVI8ZJtUy
RAnBeT1021DSPRi4VoZ653btjLaTv0+3APqA4nEcZcXtgsS7Qi5OQ9Y0n4W2LNlv
TpB7LT/mmrXO9ZTJ6sVyMSeofqRW9vU7L5BtO6IXvh9J9CabwR+XZ2TvT71NFxuJ
3rEPbljlEH6Z9OCHD+77
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:18 2026 by rpki-client