Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hWFLZUq38oSHisQ3Ckv-0cQhlDQ.roa
File: hWFLZUq38oSHisQ3Ckv-0cQhlDQ.roa (raw, json)
Hash identifier: 1ubheu54MrNZiMq2DbxB2a1HWvEMdF12BlsJjr7MqqI=
Subject key identifier: 85:61:4B:65:4A:B7:F2:84:87:8A:C4:37:0A:4B:FE:D1:C4:21:94:34
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019E1AFBE8F168248A09CC8ECCEDCD5C0921
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hWFLZUq38oSHisQ3Ckv-0cQhlDQ.roa
Signing time: Tue 12 May 2026 06:59:37 +0000
ROA not before: Tue 12 May 2026 06:59:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1a:fb:e8:f1:68:24:8a:09:cc:8e:cc:ed:cd:5c:09:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 12 06:59:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=85614b654ab7f284878ac4370a4bfed1c4219434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:16:af:60:31:86:74:34:0e:1e:f5:1e:af:b4:
2f:b3:70:8e:ac:40:20:4b:b8:65:ea:61:d1:08:d2:
14:26:63:bf:81:c0:f6:37:78:e9:56:13:cc:6f:11:
cb:ad:7e:00:83:56:dd:d8:17:bf:da:80:bd:c4:68:
03:36:25:4a:d9:e6:d7:0c:c4:0c:27:22:d5:8f:8e:
4f:06:7c:16:4b:b3:df:b6:f2:d6:80:e2:72:0e:87:
a9:d4:35:78:8f:f0:c3:64:03:fb:0f:ad:35:81:40:
09:06:b6:a5:95:a8:36:2d:94:db:af:8f:6a:93:00:
8a:c6:0b:b5:a2:23:a5:71:f7:3e:27:65:9e:c0:d6:
42:5c:41:5d:f5:c5:5a:e5:88:b7:c5:42:33:6e:46:
37:32:93:29:06:51:ab:48:97:44:8e:12:e8:b3:e6:
9d:17:ea:78:8a:10:bb:85:a2:78:41:24:2a:fe:f5:
e7:54:97:66:a0:dc:09:1a:ca:c2:b2:9a:70:d0:da:
0b:a4:b1:16:a7:34:4e:ba:0a:2d:cd:b6:32:81:67:
52:f3:ea:de:1b:75:ba:90:c2:99:2a:83:3f:9c:f0:
13:33:50:1f:22:c7:02:61:1f:04:6c:16:ad:62:5d:
17:c2:b2:e9:7e:aa:ff:54:09:4a:a1:78:cf:9b:8b:
8c:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:61:4B:65:4A:B7:F2:84:87:8A:C4:37:0A:4B:FE:D1:C4:21:94:34
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/hWFLZUq38oSHisQ3Ckv-0cQhlDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.59.0/24
163.5.66.0/24
163.5.91.0/24
163.5.112.0/24
163.5.121.0/24
163.5.129.0/24
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.167.0/24
163.5.173.0/24
163.5.178.0/24
163.5.196.0/24
163.5.218.0/24
163.5.223.0-163.5.224.255
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
61:b4:8d:02:05:4d:5f:4e:81:d4:7d:3a:0a:ee:6a:2a:60:5d:
94:fa:81:d7:c6:e6:91:f0:07:3d:77:cd:64:7b:b9:8b:0c:b8:
56:ca:16:de:d5:f1:6e:2b:9b:d6:42:57:b5:cc:5a:fa:fa:cd:
18:04:eb:57:a2:00:d5:79:c3:d7:1c:29:f3:91:6d:c0:5d:06:
30:b6:5a:a0:79:c8:1b:15:1e:fe:ba:41:32:86:f3:2c:44:1b:
57:46:be:a3:ac:1f:ae:80:cd:f6:2e:bf:30:7f:2d:68:d0:56:
cb:e6:7d:1f:59:2f:c7:1d:00:ac:74:7c:d3:64:69:82:21:df:
e2:7f:e7:a9:26:11:4d:cd:15:d9:91:1d:7f:1b:f0:74:7d:a5:
c5:47:11:a0:b0:23:44:3d:26:26:d0:dc:83:4a:62:41:6e:1c:
34:a8:ae:8d:e3:9c:ef:57:04:30:e5:dd:1c:d6:bd:77:14:09:
d9:f0:11:88:f8:74:f5:a5:91:29:e2:e0:9e:fc:03:ec:98:f0:
a1:d1:69:60:98:22:17:21:5b:01:3d:ec:b8:06:21:83:5f:37:
0d:f7:09:5a:83:53:de:3a:61:5a:8f:c9:71:c3:c8:fd:f0:34:
2d:71:72:de:de:24:16:d2:5c:94:1a:52:ce:e0:88:bc:bc:3d:
16:2c:b5:4e
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZ4a++jxaCSKCcyOzO3NXAkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNTEyMDY1OTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTYxNGI2NTRhYjdmMjg0ODc4YWM0MzcwYTRiZmVkMWM0MjE5NDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthavYDGGdDQOHvUer7Qvs3COrEAg
S7hl6mHRCNIUJmO/gcD2N3jpVhPMbxHLrX4Ag1bd2Be/2oC9xGgDNiVK2ebXDMQM
JyLVj45PBnwWS7PftvLWgOJyDoep1DV4j/DDZAP7D601gUAJBrallag2LZTbr49q
kwCKxgu1oiOlcfc+J2WewNZCXEFd9cVa5Yi3xUIzbkY3MpMpBlGrSJdEjhLos+ad
F+p4ihC7haJ4QSQq/vXnVJdmoNwJGsrCsppw0NoLpLEWpzROugotzbYygWdS8+re
G3W6kMKZKoM/nPATM1AfIscCYR8EbBatYl0XwrLpfqr/VAlKoXjPm4uMywIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFIVhS2VKt/KEh4rENwpL/tHEIZQ0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvaFdGTFpVcTM4b1NIaXNRM0Nrdi0wY1FobERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBACj
BSkDBACjBTsDBACjBUIDBACjBVsDBACjBXADBACjBXkDBACjBYEDBACjBYQDBACj
BYsDBACjBY8DBACjBZIDBACjBZQDBACjBZcDBACjBZ0DBACjBaADBACjBacDBACj
Ba0DBACjBbIDBACjBcQDBACjBdowDAMEAKMF3wMEAKMF4AMEAKMF5AMEAKMF6QME
AKMF8TANBgkqhkiG9w0BAQsFAAOCAQEAYbSNAgVNX06B1H06Cu5qKmBdlPqB18bm
kfAHPXfNZHu5iwy4VsoW3tXxbiub1kJXtcxa+vrNGATrV6IA1XnD1xwp85FtwF0G
MLZaoHnIGxUe/rpBMobzLEQbV0a+o6wfroDN9i6/MH8taNBWy+Z9H1kvxx0ArHR8
02RpgiHf4n/nqSYRTc0V2ZEdfxvwdH2lxUcRoLAjRD0mJtDcg0piQW4cNKiujeOc
71cEMOXdHNa9dxQJ2fARiPh09aWRKeLgnvwD7JjwodFpYJgiFyFbAT3suAYhg183
DfcJWoNT3jphWo/JccPI/fA0LXFy3t4kFtJclBpSzuCIvLw9Fiy1Tg==
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:28 2026 by rpki-client