Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/a8gaatfXmBw0m8nfL5LNmp8Z7u4.roa
File: a8gaatfXmBw0m8nfL5LNmp8Z7u4.roa (raw, json)
Hash identifier: GPIWQrpa1UaBBvtT+tyP8JdBKwYfiMTeDyr8CPRb+rs=
Subject key identifier: 6B:C8:1A:6A:D7:D7:98:1C:34:9B:C9:DF:2F:92:CD:9A:9F:19:EE:EE
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019CE26FEB8892832AB7EC70690FDA5771EE
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/a8gaatfXmBw0m8nfL5LNmp8Z7u4.roa
Signing time: Thu 12 Mar 2026 14:25:11 +0000
ROA not before: Thu 12 Mar 2026 14:25:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53356
IP address blocks: 163.5.51.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.134.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:6f:eb:88:92:83:2a:b7:ec:70:69:0f:da:57:71:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 12 14:25:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6bc81a6ad7d7981c349bc9df2f92cd9a9f19eeee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a1:80:de:a7:8a:fb:0e:ff:75:7b:65:90:dc:
1f:2d:b3:fe:b2:03:a5:8d:d8:b5:0c:51:01:78:d2:
8f:66:b4:78:c9:07:18:0a:18:61:c2:18:f0:3f:dc:
d2:04:e0:7e:a7:25:4f:24:40:dd:b4:7d:12:90:34:
c8:92:af:a8:ce:74:78:3b:67:24:80:ea:9a:76:ad:
03:a4:a7:a3:b3:d1:ff:a5:49:c4:07:b7:68:4e:22:
ee:e2:fe:bb:1d:f6:74:6c:fa:c6:20:c2:66:30:14:
c1:92:3f:6d:e9:4b:5a:b8:f3:57:ff:fd:e8:eb:cf:
f9:55:f5:74:e9:e9:f6:57:a5:53:64:f1:b7:45:07:
f0:d1:27:8e:0b:81:83:63:8a:cf:10:3e:2b:64:4c:
81:43:71:77:68:93:0b:23:8e:53:08:92:79:6a:43:
03:c2:d6:8b:6d:87:f3:5e:77:93:63:fc:18:ee:ac:
c4:c7:ba:28:16:34:e2:b6:3f:af:61:97:7a:21:2f:
57:93:2c:86:8d:43:d4:45:ab:18:04:89:81:69:8c:
1b:e6:09:37:c5:7a:6e:d5:af:4e:67:c6:41:9b:81:
4e:6c:de:da:74:a9:7c:3a:fd:cb:19:e3:ad:40:2c:
68:c6:b4:ee:18:22:43:85:79:78:8f:1a:3d:8d:0f:
7d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C8:1A:6A:D7:D7:98:1C:34:9B:C9:DF:2F:92:CD:9A:9F:19:EE:EE
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/a8gaatfXmBw0m8nfL5LNmp8Z7u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.51.0/24
163.5.131.0/24
163.5.134.0/24
163.5.173.0/24
163.5.231.0/24
Signature Algorithm: sha256WithRSAEncryption
14:5f:1f:13:13:61:d5:2c:71:22:94:e7:0b:ce:1e:49:05:21:
9b:a3:37:62:b3:a5:a8:3f:c1:67:83:4e:7a:8b:70:8a:49:01:
49:19:c3:42:50:27:8f:d1:9f:b2:52:c3:d5:fc:82:b4:96:51:
69:cb:6d:07:17:a0:71:34:a5:05:df:d9:94:b4:e6:7a:ef:91:
16:cc:dc:7a:c1:e4:b0:24:34:3e:a5:84:3a:d8:fd:e8:a0:f3:
ed:3b:71:9d:cb:8a:f8:ce:b3:4c:ea:eb:f5:88:d3:8a:69:f0:
e4:fe:89:c0:a1:d9:89:17:29:92:31:8d:a1:85:7e:71:44:13:
f7:0d:78:cb:fc:e8:25:b9:43:1c:98:3f:a8:f3:40:88:9e:eb:
f0:8a:cb:5d:0d:59:d6:b6:4f:b1:c7:61:75:e5:d5:4d:a0:20:
07:99:39:fb:da:40:b6:d8:62:59:88:c7:3b:37:68:56:96:29:
68:6c:39:30:1f:63:3f:19:ba:d1:1c:6c:c7:96:47:e1:fb:c8:
6f:98:c7:35:2c:8e:2d:9d:65:45:3e:53:f7:cb:77:e8:06:f7:
64:8f:ed:d2:d9:c2:00:7d:2f:d1:c6:3a:e7:c2:9a:a1:9c:7b:
3d:69:45:23:28:b8:e6:f1:45:0b:b2:eb:61:8f:21:22:24:e9:
9d:db:29:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZzib+uIkoMqt+xwaQ/aV3HuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzEyMTQyNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM4MWE2YWQ3ZDc5ODFjMzQ5YmM5ZGYyZjkyY2Q5YTlmMTllZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6GA3qeK+w7/dXtlkNwfLbP+sgOl
jdi1DFEBeNKPZrR4yQcYChhhwhjwP9zSBOB+pyVPJEDdtH0SkDTIkq+oznR4O2ck
gOqadq0DpKejs9H/pUnEB7doTiLu4v67HfZ0bPrGIMJmMBTBkj9t6UtauPNX//3o
68/5VfV06en2V6VTZPG3RQfw0SeOC4GDY4rPED4rZEyBQ3F3aJMLI45TCJJ5akMD
wtaLbYfzXneTY/wY7qzEx7ooFjTitj+vYZd6IS9XkyyGjUPURasYBImBaYwb5gk3
xXpu1a9OZ8ZBm4FObN7adKl8Ov3LGeOtQCxoxrTuGCJDhXl4jxo9jQ99zQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGvIGmrX15gcNJvJ3y+SzZqfGe7uMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYThnYWF0ZlhtQncwbThuZkw1TE5tcDhaN3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAowUzAwQA
owWDAwQAowWGAwQAowWtAwQAowXnMA0GCSqGSIb3DQEBCwUAA4IBAQAUXx8TE2HV
LHEilOcLzh5JBSGbozdis6WoP8Fng056i3CKSQFJGcNCUCeP0Z+yUsPV/IK0llFp
y20HF6BxNKUF39mUtOZ675EWzNx6weSwJDQ+pYQ62P3ooPPtO3Gdy4r4zrNM6uv1
iNOKafDk/onAodmJFymSMY2hhX5xRBP3DXjL/OgluUMcmD+o80CInuvwistdDVnW
tk+xx2F15dVNoCAHmTn72kC22GJZiMc7N2hWlilobDkwH2M/GbrRHGzHlkfh+8hv
mMc1LI4tnWVFPlP3y3foBvdkj+3S2cIAfS/RxjrnwpqhnHs9aUUjKLjm8UULsuth
jyEiJOmd2ylS
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:31:45 2026 by rpki-client