Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pkTIGBks2KpWX4xPaa3f8IjFuE4.roa
File: pkTIGBks2KpWX4xPaa3f8IjFuE4.roa (raw, json)
Hash identifier: OOaeVwVe/zQMW84iuqXPnxkRJNi2ceouZkr//KdsDV4=
Subject key identifier: A6:44:C8:18:19:2C:D8:AA:56:5F:8C:4F:69:AD:DF:F0:88:C5:B8:4E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D1B3AEB695620A88D181C405A04FEBEC8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pkTIGBks2KpWX4xPaa3f8IjFuE4.roa
Signing time: Mon 23 Mar 2026 15:05:39 +0000
ROA not before: Mon 23 Mar 2026 15:05:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137517
IP address blocks: 163.5.118.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:3a:eb:69:56:20:a8:8d:18:1c:40:5a:04:fe:be:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 23 15:05:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a644c818192cd8aa565f8c4f69addff088c5b84e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:28:25:a1:f6:d0:f5:48:07:eb:34:c2:b8:
ed:e1:7a:8f:0f:90:bd:6c:56:8a:7a:00:16:e3:f8:
6e:c9:7a:30:1e:4a:a1:d5:89:f1:86:5d:1e:5a:1e:
e7:f9:cc:e9:9a:80:64:d2:ee:67:d1:f3:7b:74:15:
8c:4e:b1:58:f8:36:56:e3:7f:2b:f5:b9:5b:9e:cb:
29:6a:ac:97:99:1a:ef:e2:80:f6:1d:ad:58:1c:ce:
64:86:e5:84:c9:73:90:3d:f7:0b:eb:36:bc:1c:18:
b8:85:ed:89:eb:1e:bf:ce:52:8e:8d:68:a6:02:d5:
ed:34:7c:ed:8b:ba:73:4b:42:5f:72:6a:bd:73:b4:
31:22:8e:62:f2:0b:69:3b:89:e9:4a:a4:2b:06:ca:
ee:d8:e8:8d:e8:62:db:e3:ea:20:7e:77:d4:e5:ed:
98:8f:32:ec:11:47:aa:53:7d:04:01:aa:d1:2d:29:
12:a3:d6:15:e6:f9:34:4e:64:4a:88:2c:56:a5:e4:
10:02:66:29:9a:55:e5:c9:44:ac:f6:b8:93:e6:c5:
ed:6a:a5:11:47:11:eb:c3:47:15:4b:5b:ef:16:55:
11:fe:18:c7:c9:1d:42:28:be:fc:7c:72:22:04:f5:
ae:a1:46:f5:fd:0b:f4:42:74:83:9f:63:01:3d:9e:
c6:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:44:C8:18:19:2C:D8:AA:56:5F:8C:4F:69:AD:DF:F0:88:C5:B8:4E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pkTIGBks2KpWX4xPaa3f8IjFuE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.118.0/24
163.5.144.0/24
Signature Algorithm: sha256WithRSAEncryption
42:80:29:c2:6a:82:66:5f:fc:37:b6:ae:d8:71:40:6c:3a:66:
0f:14:3c:02:10:49:8f:1f:55:54:18:d4:e3:55:c3:0a:58:31:
29:e1:64:d4:02:e5:4c:13:eb:a1:19:95:87:1d:d6:87:8d:7a:
13:48:e1:2a:68:9b:81:30:0c:72:e6:bd:99:b0:f8:3e:73:50:
59:b1:8a:93:eb:bb:9a:5a:75:cf:f9:5a:98:fb:36:73:b5:82:
29:d8:94:1f:e1:b2:8a:bf:77:bd:da:c8:3a:e1:b9:2b:aa:ec:
1e:f0:aa:17:68:9a:44:02:09:8a:a5:40:e1:1c:8b:9f:ef:e7:
00:01:ba:4a:9d:ba:63:95:d7:25:bf:b7:74:cb:54:34:fe:6b:
49:d7:d8:ec:9d:18:d9:47:b7:37:7e:ba:df:85:f5:9f:a6:2d:
bd:c6:8b:a4:06:29:0a:19:2a:ae:19:e4:1f:b3:1e:26:5f:ad:
39:c8:93:23:d8:29:8a:89:b9:7e:4f:2e:64:34:91:c4:72:74:
07:65:7d:1f:fc:0d:97:33:7b:b7:31:eb:19:04:e6:68:ca:16:
a5:42:27:32:df:74:2f:f7:a6:1b:5a:f6:54:f3:70:c3:f6:86:
c2:63:d0:0f:85:f1:7b:2e:d2:a7:20:6e:6d:0a:66:3b:a3:5e:
36:b5:75:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0bOutpViCojRgcQFoE/r7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzIzMTUwNTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjQ0YzgxODE5MmNkOGFhNTY1ZjhjNGY2OWFkZGZmMDg4YzViODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCsoJaH20PVIB+s0wrjt4XqPD5C9
bFaKegAW4/huyXowHkqh1Ynxhl0eWh7n+czpmoBk0u5n0fN7dBWMTrFY+DZW438r
9blbnsspaqyXmRrv4oD2Ha1YHM5khuWEyXOQPfcL6za8HBi4he2J6x6/zlKOjWim
AtXtNHzti7pzS0Jfcmq9c7QxIo5i8gtpO4npSqQrBsru2OiN6GLb4+ogfnfU5e2Y
jzLsEUeqU30EAarRLSkSo9YV5vk0TmRKiCxWpeQQAmYpmlXlyUSs9riT5sXtaqUR
RxHrw0cVS1vvFlUR/hjHyR1CKL78fHIiBPWuoUb1/Qv0QnSDn2MBPZ7GAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKZEyBgZLNiqVl+MT2mt3/CIxbhOMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcGtUSUdCa3MyS3BXWDR4UGFhM2Y4SWpGdUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowV2AwQA
owWQMA0GCSqGSIb3DQEBCwUAA4IBAQBCgCnCaoJmX/w3tq7YcUBsOmYPFDwCEEmP
H1VUGNTjVcMKWDEp4WTUAuVME+uhGZWHHdaHjXoTSOEqaJuBMAxy5r2ZsPg+c1BZ
sYqT67uaWnXP+VqY+zZztYIp2JQf4bKKv3e92sg64bkrquwe8KoXaJpEAgmKpUDh
HIuf7+cAAbpKnbpjldclv7d0y1Q0/mtJ19jsnRjZR7c3frrfhfWfpi29xoukBikK
GSquGeQfsx4mX605yJMj2CmKibl+Ty5kNJHEcnQHZX0f/A2XM3u3MesZBOZoyhal
Qicy33Qv96YbWvZU83DD9obCY9APhfF7LtKnIG5tCmY7o142tXUd
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:37:20 2026 by rpki-client