Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3gzU0wDdkb2ZzliU-bZWlRPo5g.roa
File: q3gzU0wDdkb2ZzliU-bZWlRPo5g.roa (raw, json)
Hash identifier: EMRUqOAfJvntZgSs//iLd6NPyLC4XfYrBLlduafZKJw=
Subject key identifier: AB:78:33:53:4C:03:76:46:F6:67:39:62:53:E6:D9:5A:54:4F:A3:98
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019DF8B56D2173FBE6CDADC4A77B75701455
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3gzU0wDdkb2ZzliU-bZWlRPo5g.roa
Signing time: Tue 05 May 2026 15:15:32 +0000
ROA not before: Tue 05 May 2026 15:15:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:b5:6d:21:73:fb:e6:cd:ad:c4:a7:7b:75:70:14:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 5 15:15:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab7833534c037646f667396253e6d95a544fa398
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:68:81:a2:74:24:83:88:e4:74:5f:5f:dc:a1:
ba:e0:53:12:51:e8:25:6a:09:46:a9:37:85:d0:5a:
b0:d1:2b:37:e3:42:ce:11:bf:2a:56:3c:f1:89:90:
65:69:63:65:13:02:c8:e2:cb:49:7b:7d:3d:74:bf:
07:39:ef:05:5c:58:30:33:f0:3f:e1:0e:91:80:8d:
fb:b4:6f:81:8a:16:62:13:9c:14:28:3e:4b:20:ca:
ac:42:0c:d6:c8:8f:de:65:3f:ae:bb:34:4b:6d:54:
9e:d2:e4:4e:8d:79:a1:9a:5e:77:41:0a:13:ef:85:
67:4a:66:01:43:d9:5b:01:9f:48:a1:72:8f:04:3d:
9a:9e:7c:67:f3:79:80:4e:6e:8b:c0:4f:d9:50:57:
a0:2f:f9:97:ee:3e:0f:16:16:45:6c:24:db:1e:d3:
8d:80:68:2f:ce:b5:f9:26:db:2b:66:97:c6:26:94:
e7:84:b1:56:9d:b7:b7:66:3e:64:80:e7:e3:86:e2:
11:e0:a8:46:90:b6:4b:7d:ae:b8:db:97:de:91:c0:
bd:4b:0d:92:02:c0:1c:dc:5a:3b:73:e3:a4:29:9d:
ba:b3:a9:ee:41:f4:89:8a:54:7a:cb:97:a1:6a:94:
50:6a:97:e6:44:e7:2b:f4:ef:e6:51:30:27:22:6a:
5b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:78:33:53:4C:03:76:46:F6:67:39:62:53:E6:D9:5A:54:4F:A3:98
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/q3gzU0wDdkb2ZzliU-bZWlRPo5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.39.0/24
163.5.60.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0/23
163.5.108.0/24
163.5.116.0/23
163.5.130.0/24
163.5.174.0/24
163.5.189.0/24
163.5.225.0/24
163.5.227.0-163.5.228.255
163.5.240.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ac:36:38:62:c0:2b:33:c0:95:b7:a3:87:80:ad:2b:1f:a2:
cd:8c:6a:99:e7:3c:11:d6:6c:d6:b5:b4:6f:6e:3c:c0:16:50:
87:7d:e0:bf:5e:4c:3b:3d:5e:a0:fd:ff:63:16:bd:dc:9a:8d:
b2:8a:8f:75:f5:07:6b:ab:b7:81:db:6c:e3:2c:94:4c:15:b4:
51:c2:1b:ce:61:06:a2:ed:c2:a2:f5:ff:6e:9d:b5:94:58:09:
4a:c6:d0:a8:f6:1c:5c:5e:64:7f:7f:48:d1:82:a5:26:23:3a:
89:94:93:64:3a:fd:36:80:9e:a5:5a:62:95:64:ab:83:a9:01:
a8:66:2c:50:57:04:0a:85:85:a8:b1:7d:91:82:7f:19:ff:91:
36:49:25:61:24:71:29:10:a0:ad:c0:78:21:58:24:54:c4:32:
d1:82:cb:0b:34:db:8d:db:b6:2f:aa:96:ea:72:ee:e3:5d:7e:
2e:90:ca:10:04:23:7e:44:b7:9e:47:74:5d:a6:b8:52:45:e1:
7f:9a:01:c1:6c:89:38:33:d7:e7:b4:14:0e:55:2b:08:a4:ff:
50:9b:98:1f:9a:35:ba:6c:b5:a6:37:da:75:93:8f:67:06:68:
2b:2d:49:f7:a4:2c:db:d3:21:8a:94:bb:f5:55:85:33:26:70:
06:e7:d9:71
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZ34tW0hc/vmza3Ep3t1cBRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNTA1MTUxNTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjc4MzM1MzRjMDM3NjQ2ZjY2NzM5NjI1M2U2ZDk1YTU0NGZhMzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmiBonQkg4jkdF9f3KG64FMSUegl
aglGqTeF0Fqw0Ss340LOEb8qVjzxiZBlaWNlEwLI4stJe309dL8HOe8FXFgwM/A/
4Q6RgI37tG+BihZiE5wUKD5LIMqsQgzWyI/eZT+uuzRLbVSe0uROjXmhml53QQoT
74VnSmYBQ9lbAZ9IoXKPBD2annxn83mATm6LwE/ZUFegL/mX7j4PFhZFbCTbHtON
gGgvzrX5JtsrZpfGJpTnhLFWnbe3Zj5kgOfjhuIR4KhGkLZLfa6425fekcC9Sw2S
AsAc3Fo7c+OkKZ26s6nuQfSJilR6y5ehapRQapfmROcr9O/mUTAnImpb7wIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFKt4M1NMA3ZG9mc5YlPm2VpUT6OYMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcTNnelUwd0Rka2IyWnpsaVUtYlpXbFJQbzVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAKMFIgME
AKMFJwMEAKMFPAMEAKMFWAMEAKMFWgMEAKMFXQMEAaMFZAMEAKMFbAMEAaMFdAME
AKMFggMEAKMFrgMEAKMFvQMEAKMF4TAMAwQAowXjAwQAowXkAwQAowXwAwQAowXz
MA0GCSqGSIb3DQEBCwUAA4IBAQCxrDY4YsArM8CVt6OHgK0rH6LNjGqZ5zwR1mzW
tbRvbjzAFlCHfeC/Xkw7PV6g/f9jFr3cmo2yio919Qdrq7eB22zjLJRMFbRRwhvO
YQai7cKi9f9unbWUWAlKxtCo9hxcXmR/f0jRgqUmIzqJlJNkOv02gJ6lWmKVZKuD
qQGoZixQVwQKhYWosX2Rgn8Z/5E2SSVhJHEpEKCtwHghWCRUxDLRgssLNNuN27Yv
qpbqcu7jXX4ukMoQBCN+RLeeR3RdprhSReF/mgHBbIk4M9fntBQOVSsIpP9Qm5gf
mjW6bLWmN9p1k49nBmgrLUn3pCzb0yGKlLv1VYUzJnAG59lx
-----END CERTIFICATE-----
Generated at Wed May 13 03:48:42 2026 by rpki-client