Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CTpA7iHWp9kg3-rGhfwcZOIWWu0.roa
File: CTpA7iHWp9kg3-rGhfwcZOIWWu0.roa (raw, json)
Hash identifier: Vuolz4wgDdJlP0tZF82TC0RYvWfv8Ikl7BqG1XNDuvI=
Subject key identifier: 09:3A:40:EE:21:D6:A7:D9:20:DF:EA:C6:85:FC:1C:64:E2:16:5A:ED
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019CF1CD410763A227F94E9F200DBFFD057B
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CTpA7iHWp9kg3-rGhfwcZOIWWu0.roa
Signing time: Sun 15 Mar 2026 14:01:26 +0000
ROA not before: Sun 15 Mar 2026 14:01:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.46.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.190.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f1:cd:41:07:63:a2:27:f9:4e:9f:20:0d:bf:fd:05:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 15 14:01:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=093a40ee21d6a7d920dfeac685fc1c64e2165aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:20:90:5e:cc:67:83:f7:3c:33:dd:6e:2c:ef:
b6:25:d3:4f:fd:78:65:9f:c4:60:3a:56:51:91:d5:
9f:c6:a7:68:b8:9e:cb:51:f9:f6:c2:12:46:23:e6:
08:95:ef:9c:20:b2:bf:35:d0:f8:0d:d8:85:0e:84:
4d:03:ab:72:9e:fc:11:af:75:5e:47:57:d5:53:69:
b8:a1:fd:78:98:26:b4:17:f2:e6:cc:24:76:92:17:
63:9f:ba:d0:a8:9b:6f:24:f3:8e:f6:dc:43:8d:46:
37:5f:2a:9f:e0:c3:8c:0b:b5:58:9c:2a:69:b8:c3:
ec:02:cc:b4:85:e2:57:fd:cf:22:6e:e7:77:45:54:
74:28:cb:e9:18:96:89:7b:23:14:c0:63:cb:89:e2:
1b:12:07:3c:6e:f8:c3:a8:1e:4a:cf:8b:8f:59:ab:
e8:42:ad:e7:ae:b2:45:7e:98:d9:74:01:d7:a8:5d:
da:30:d1:a4:6c:f7:11:bb:39:ee:0e:69:bd:2d:fe:
1d:e6:ad:b1:ac:65:4b:54:78:f3:9e:dd:b0:a7:4a:
9e:da:1f:4f:92:19:96:56:f7:da:a6:df:3a:50:60:
30:0b:48:28:cd:21:90:84:5f:98:e2:80:7e:ce:f0:
a3:4b:4f:90:82:05:d5:f0:b8:4a:02:ff:04:72:ad:
c2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3A:40:EE:21:D6:A7:D9:20:DF:EA:C6:85:FC:1C:64:E2:16:5A:ED
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/CTpA7iHWp9kg3-rGhfwcZOIWWu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.46.0/24
163.5.82.0/24
163.5.190.0/24
163.5.247.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
68:11:8f:95:70:59:05:d7:44:68:13:1d:92:21:59:cd:55:e1:
9a:d1:c3:ef:a6:13:99:43:d8:eb:e6:20:cc:13:01:c3:7f:aa:
81:e7:f2:57:4c:0a:46:50:fb:83:39:12:f5:a8:30:ff:4d:df:
66:ee:f7:66:dc:66:47:bc:71:ee:b1:d2:c2:72:b5:97:dc:70:
7c:69:bb:e8:ec:08:3c:4c:05:28:34:ee:91:b9:13:93:09:8d:
ce:30:3c:eb:35:6f:2c:20:86:17:6b:a0:80:8e:b1:bd:ba:5b:
5d:41:04:4d:52:d7:6e:c2:d7:8c:56:81:38:55:0b:81:62:e3:
fe:68:75:aa:12:36:a7:d5:e2:5e:3d:26:b7:30:b8:09:20:6e:
66:3e:f8:ee:15:4d:d7:a2:72:f2:91:1b:38:66:05:e3:32:48:
57:99:28:b3:17:79:a5:1f:91:04:e0:3c:2c:d4:66:80:5c:77:
6c:ea:dd:14:2d:23:f5:ac:7c:0e:d5:d4:fa:30:bb:75:50:0d:
0d:5a:b6:30:ac:51:bf:b7:51:ad:b5:36:8c:79:e5:0c:29:9b:
34:8e:cd:f1:35:01:76:00:26:7f:3c:b5:a6:90:cf:99:de:83:
f3:a7:bd:ae:b5:6e:e9:7d:77:07:e9:e9:56:ad:ea:6f:3d:5a:
8e:2c:c2:15
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZzxzUEHY6In+U6fIA2//QV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzE1MTQwMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNhNDBlZTIxZDZhN2Q5MjBkZmVhYzY4NWZjMWM2NGUyMTY1YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCCQXsxng/c8M91uLO+2JdNP/Xhl
n8RgOlZRkdWfxqdouJ7LUfn2whJGI+YIle+cILK/NdD4DdiFDoRNA6tynvwRr3Ve
R1fVU2m4of14mCa0F/LmzCR2khdjn7rQqJtvJPOO9txDjUY3Xyqf4MOMC7VYnCpp
uMPsAsy0heJX/c8ibud3RVR0KMvpGJaJeyMUwGPLieIbEgc8bvjDqB5Kz4uPWavo
Qq3nrrJFfpjZdAHXqF3aMNGkbPcRuznuDmm9Lf4d5q2xrGVLVHjznt2wp0qe2h9P
khmWVvfapt86UGAwC0gozSGQhF+Y4oB+zvCjS0+QggXV8LhKAv8Ecq3CmQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAk6QO4h1qfZIN/qxoX8HGTiFlrtMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvQ1RwQTdpSFdwOWtnMy1yR2hmd2NaT0lXV3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAowUuAwQA
owVSAwQAowW+MAwDBACjBfcDBACjBfgwDQYJKoZIhvcNAQELBQADggEBAGgRj5Vw
WQXXRGgTHZIhWc1V4ZrRw++mE5lD2OvmIMwTAcN/qoHn8ldMCkZQ+4M5EvWoMP9N
32bu92bcZke8ce6x0sJytZfccHxpu+jsCDxMBSg07pG5E5MJjc4wPOs1bywghhdr
oICOsb26W11BBE1S127C14xWgThVC4Fi4/5odaoSNqfV4l49JrcwuAkgbmY++O4V
TdeicvKRGzhmBeMySFeZKLMXeaUfkQTgPCzUZoBcd2zq3RQtI/WsfA7V1Powu3VQ
DQ1atjCsUb+3Ua21Nox55QwpmzSOzfE1AXYAJn88taaQz5neg/Onva61bul9dwfp
6Vat6m89Wo4swhU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:52 2026 by rpki-client