Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pci-O-8XlY0GXpt26-922jZtRWs.roa
File: pci-O-8XlY0GXpt26-922jZtRWs.roa (raw, json)
Hash identifier: A988D7PR3sn84NiLMUzkVu/oeefH6T5wuqFYrAuf100=
Subject key identifier: A5:C8:BE:3B:EF:17:95:8D:06:5E:9B:76:EB:EF:76:DA:36:6D:45:6B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019E070DAE5C4FEBBA66D3134711ABAF5807
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pci-O-8XlY0GXpt26-922jZtRWs.roa
Signing time: Fri 08 May 2026 10:06:37 +0000
ROA not before: Fri 08 May 2026 10:06:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209193
IP address blocks: 5.175.144.0/20 maxlen: 32
5.231.244.0/24 maxlen: 24
5.231.245.0/24 maxlen: 24
5.231.246.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:0d:ae:5c:4f:eb:ba:66:d3:13:47:11:ab:af:58:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 8 10:06:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a5c8be3bef17958d065e9b76ebef76da366d456b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d0:80:e0:f9:6d:f3:46:a2:19:2e:53:99:06:
56:4f:b9:86:0d:50:2f:83:ee:73:c4:6f:a0:70:f3:
12:0f:16:c5:51:17:4a:f8:b1:79:95:1a:2c:be:96:
55:5e:af:0d:3b:14:0d:3f:bb:cf:b8:a2:ac:82:aa:
b0:dd:6e:34:ff:9d:4c:10:09:ca:6c:bb:c6:97:5f:
03:b8:b2:32:fe:43:d8:51:4f:38:ce:27:cc:2e:4c:
e2:99:0a:d9:4e:75:d0:82:06:e3:67:08:6e:34:90:
72:8d:db:88:69:4e:5a:7c:80:0b:4f:4e:55:cd:a8:
45:4e:d1:aa:b6:f5:50:27:83:cb:14:76:b0:80:01:
13:cd:0f:d1:48:e7:05:58:0d:0b:4f:54:70:5a:8c:
68:b1:9e:6d:f0:57:af:dd:1c:91:bd:dd:a1:4a:23:
1b:61:e7:ed:79:86:8a:df:89:93:85:d7:b3:a0:23:
ca:82:e0:de:2d:31:ad:38:c7:02:13:91:12:61:5d:
57:c1:a0:3b:43:81:4b:3d:99:b9:fd:3e:ac:ee:a7:
6a:fd:11:df:9e:44:76:e4:14:b7:4c:6c:95:6c:33:
4a:e0:ea:5f:c6:16:6f:85:42:11:ef:e1:3c:49:b8:
a0:8f:23:29:ae:a4:54:19:72:6f:ba:a7:ee:6c:e0:
49:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C8:BE:3B:EF:17:95:8D:06:5E:9B:76:EB:EF:76:DA:36:6D:45:6B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/pci-O-8XlY0GXpt26-922jZtRWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.144.0/20
5.231.244.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:d6:3f:39:07:a9:30:72:01:6f:0a:64:f4:67:ae:bb:bb:18:
43:00:ec:57:f0:b2:bd:10:9f:01:92:40:82:f6:9e:3a:1b:6c:
f8:63:71:cc:77:32:eb:3f:cf:bc:29:18:ee:03:51:4b:06:f2:
46:29:0f:69:8c:0a:79:18:05:45:cd:82:e7:70:5e:0d:c2:ca:
de:65:25:49:f2:12:91:96:97:3a:3e:8c:5b:a6:ba:76:96:33:
88:37:b1:48:5f:97:f4:8f:ec:d8:d1:9a:ea:61:6d:4f:da:c6:
98:5c:fb:1e:c0:39:5e:50:f5:39:91:c4:b0:6a:01:bc:a0:85:
54:0e:9a:7b:b1:66:c6:a2:7b:66:93:e1:e7:96:3f:c3:e2:0f:
91:61:d4:cf:b8:b4:d4:a4:56:13:f4:33:c4:43:11:8f:0c:9e:
e2:d5:76:11:7f:99:2b:46:58:96:03:d7:24:38:7b:47:4a:bf:
ac:55:08:87:44:c4:94:44:77:6c:c7:c2:a6:18:88:33:2a:60:
c4:0a:4c:2f:8b:a6:96:a1:61:e3:72:22:85:1a:97:7e:09:95:
86:78:92:bd:ed:89:a1:dd:84:93:89:ac:8d:6e:cc:23:47:d9:
c0:76:f3:b7:ec:d1:65:5f:f8:30:90:3e:a5:a2:ef:6b:6b:a7:
fc:00:21:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4HDa5cT+u6ZtMTRxGrr1gHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNTA4MTAwNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM4YmUzYmVmMTc5NThkMDY1ZTliNzZlYmVmNzZkYTM2NmQ0NTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9CA4Plt80aiGS5TmQZWT7mGDVAv
g+5zxG+gcPMSDxbFURdK+LF5lRosvpZVXq8NOxQNP7vPuKKsgqqw3W40/51MEAnK
bLvGl18DuLIy/kPYUU84zifMLkzimQrZTnXQggbjZwhuNJByjduIaU5afIALT05V
zahFTtGqtvVQJ4PLFHawgAETzQ/RSOcFWA0LT1RwWoxosZ5t8Fev3RyRvd2hSiMb
YefteYaK34mThdezoCPKguDeLTGtOMcCE5ESYV1XwaA7Q4FLPZm5/T6s7qdq/RHf
nkR25BS3TGyVbDNK4OpfxhZvhUIR7+E8SbigjyMprqRUGXJvuqfubOBJ6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKXIvjvvF5WNBl6bduvvdto2bUVrMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcGNpLU8tOFhsWTBHWHB0MjYtOTIyalp0UldzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBa+QAwQC
Bef0MA0GCSqGSIb3DQEBCwUAA4IBAQAu1j85B6kwcgFvCmT0Z667uxhDAOxX8LK9
EJ8BkkCC9p46G2z4Y3HMdzLrP8+8KRjuA1FLBvJGKQ9pjAp5GAVFzYLncF4Nwsre
ZSVJ8hKRlpc6Poxbprp2ljOIN7FIX5f0j+zY0ZrqYW1P2saYXPsewDleUPU5kcSw
agG8oIVUDpp7sWbGontmk+Hnlj/D4g+RYdTPuLTUpFYT9DPEQxGPDJ7i1XYRf5kr
RliWA9ckOHtHSr+sVQiHRMSURHdsx8KmGIgzKmDECkwvi6aWoWHjciKFGpd+CZWG
eJK97Ymh3YSTiayNbswjR9nAdvO37NFlX/gwkD6lou9ra6f8ACFO
-----END CERTIFICATE-----
Generated at Wed May 13 03:56:03 2026 by rpki-client