Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/I5HXYRGafW864Tb2HhIYS0551Bc.roa
File: I5HXYRGafW864Tb2HhIYS0551Bc.roa (raw, json)
Hash identifier: VTZUvDs+USpku14l3sfvCJeSXqWckg4mO3VDUzr27hM=
Subject key identifier: 23:91:D7:61:11:9A:7D:6F:3A:E1:36:F6:1E:12:18:4B:4E:79:D4:17
Certificate issuer: /CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Certificate serial: 019E1B9DF31BD2FAD054E7B2EBE1267D1713
Authority key identifier: 6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/I5HXYRGafW864Tb2HhIYS0551Bc.roa
Signing time: Tue 12 May 2026 09:56:36 +0000
ROA not before: Tue 12 May 2026 09:56:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213705
IP address blocks: 153.51.160.0/22 maxlen: 22
153.51.168.0/24 maxlen: 24
153.51.169.0/24 maxlen: 24
153.51.171.0/24 maxlen: 24
153.51.172.0/22 maxlen: 22
153.51.176.0/24 maxlen: 24
153.51.177.0/24 maxlen: 24
153.51.178.0/24 maxlen: 24
153.51.179.0/24 maxlen: 24
153.51.180.0/24 maxlen: 24
153.51.181.0/24 maxlen: 24
153.51.182.0/24 maxlen: 24
153.51.183.0/24 maxlen: 24
153.51.188.0/24 maxlen: 24
153.51.189.0/24 maxlen: 24
153.51.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1b:9d:f3:1b:d2:fa:d0:54:e7:b2:eb:e1:26:7d:17:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Validity
Not Before: May 12 09:56:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2391d761119a7d6f3ae136f61e12184b4e79d417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:4d:da:64:34:04:0c:04:8b:46:85:bd:45:
a2:0f:d2:36:c9:bf:d5:e4:5f:51:75:c8:08:f0:3a:
f4:ad:25:8e:f8:a9:b1:f3:c4:cd:f4:ea:b7:a4:f2:
ae:f5:16:9d:9a:d9:ed:b7:03:16:67:0d:c2:5c:b6:
57:2e:33:0c:80:61:86:78:94:bc:08:58:b5:17:b7:
24:6a:e3:10:93:f2:cd:7f:40:6a:b2:dc:de:ca:29:
31:4e:bf:ed:c3:0b:c3:f6:81:ca:b6:b0:72:84:13:
c0:3b:48:3d:83:aa:98:6a:cb:55:d9:a1:dd:48:88:
f6:d0:4a:56:c6:1a:e2:b7:40:1a:4d:90:aa:9b:2d:
5c:b7:b5:a5:90:48:6b:de:99:a7:20:05:bb:ec:2c:
3b:e6:f8:fb:38:19:0c:12:1e:25:20:af:94:6f:c7:
3c:7f:e6:6b:c1:3a:2b:9a:d0:7b:94:5a:13:ba:b4:
30:18:72:95:5a:4e:bf:34:69:8d:e4:18:20:13:6a:
8c:87:e5:ec:1d:6e:87:53:91:ff:85:8a:f6:cb:c1:
97:2f:4d:a6:5d:ee:d7:9e:37:6a:fe:3a:c7:c7:58:
6b:5d:15:95:95:c0:76:ff:cf:ef:da:7a:66:01:f0:
5b:72:e9:1c:f5:7c:b3:51:cc:c0:69:06:83:68:8d:
f9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:91:D7:61:11:9A:7D:6F:3A:E1:36:F6:1E:12:18:4B:4E:79:D4:17
X509v3 Authority Key Identifier:
keyid:6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/I5HXYRGafW864Tb2HhIYS0551Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.160.0/22
153.51.168.0/23
153.51.171.0-153.51.183.255
153.51.188.0/23
153.51.191.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:22:a9:b6:82:8d:bf:8a:f7:19:9b:25:da:32:b2:fd:9a:aa:
66:bd:b7:fe:db:20:75:e6:dd:73:95:11:84:58:27:01:75:82:
5b:75:6a:bd:d2:37:ea:8b:83:03:64:39:e6:a5:23:62:99:47:
0c:10:70:ea:50:95:24:ad:6c:37:bd:99:15:c9:a1:79:43:f8:
d9:c2:39:e0:e2:cc:35:9c:73:84:5e:e1:c9:29:e2:bc:82:af:
79:1b:8e:8c:b0:e3:4d:28:91:94:38:7d:29:6e:40:65:f3:e6:
c7:39:73:e7:b6:26:da:9c:c9:ab:91:f1:a1:a8:ff:1d:7b:d2:
cf:58:71:1f:00:85:7b:b0:32:75:1a:13:6f:46:af:4c:46:e4:
91:3a:7d:6c:00:0b:a2:22:6f:f1:f0:e1:b8:e1:e2:0c:b5:b6:
2a:b1:45:4a:f5:cb:08:a6:48:46:af:1f:27:f0:ad:b6:bc:b1:
f3:a7:5b:f9:b8:2d:c3:f0:25:f4:e3:a4:03:b1:f0:d5:21:8f:
5a:22:9c:c0:4a:30:52:02:8c:ed:62:cb:59:35:86:bd:5a:c3:
0c:04:66:6d:b2:2d:98:57:ad:af:14:6a:37:93:8a:ab:dd:15:
0a:d3:b5:21:24:b5:24:0b:ae:74:e5:28:5d:8c:e1:76:5b:dc:
44:27:e5:8e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ4bnfMb0vrQVOey6+EmfRcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMTA0ZjFlNGFiYWVjMWVmZjgwZjI2MmM2MmY5NmMyNTQz
OGM4ZTEwHhcNMjYwNTEyMDk1NjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzkxZDc2MTExOWE3ZDZmM2FlMTM2ZjYxZTEyMTg0YjRlNzlkNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3BN2mQ0BAwEi0aFvUWiD9I2yb/V
5F9RdcgI8Dr0rSWO+Kmx88TN9Oq3pPKu9RadmtnttwMWZw3CXLZXLjMMgGGGeJS8
CFi1F7ckauMQk/LNf0BqstzeyikxTr/twwvD9oHKtrByhBPAO0g9g6qYastV2aHd
SIj20EpWxhrit0AaTZCqmy1ct7WlkEhr3pmnIAW77Cw75vj7OBkMEh4lIK+Ub8c8
f+ZrwTormtB7lFoTurQwGHKVWk6/NGmN5BggE2qMh+XsHW6HU5H/hYr2y8GXL02m
Xe7Xnjdq/jrHx1hrXRWVlcB2/8/v2npmAfBbcukc9XyzUczAaQaDaI35VwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCOR12ERmn1vOuE29h4SGEtOedQXMB8GA1UdIwQY
MBaAFGsQTx5Kuuwe/4DyYsYvlsJUOMjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMt
MzBjOWRlMjA1YWZjLzEvSTVIWFlSR2FmVzg2NFRiMkhoSVlTMDU1MUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMtMzBjOWRlMjA1YWZj
LzEvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCmTOgAwQB
mTOoMAwDBACZM6sDBAOZM7ADBAGZM7wDBACZM78wDQYJKoZIhvcNAQELBQADggEB
AIoiqbaCjb+K9xmbJdoysv2aqma9t/7bIHXm3XOVEYRYJwF1glt1ar3SN+qLgwNk
OealI2KZRwwQcOpQlSStbDe9mRXJoXlD+NnCOeDizDWcc4Re4ckp4ryCr3kbjoyw
400okZQ4fSluQGXz5sc5c+e2JtqcyauR8aGo/x170s9YcR8AhXuwMnUaE29Gr0xG
5JE6fWwAC6Iib/Hw4bjh4gy1tiqxRUr1ywimSEavHyfwrba8sfOnW/m4LcPwJfTj
pAOx8NUhj1oinMBKMFICjO1iy1k1hr1awwwEZm2yLZhXra8UajeTiqvdFQrTtSEk
tSQLrnTlKF2M4XZb3EQn5Y4=
-----END CERTIFICATE-----
Generated at Tue May 12 21:53:01 2026 by rpki-client