Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roamCsznRM4hfjnNSKWHdaWL05w.roa
File: roamCsznRM4hfjnNSKWHdaWL05w.roa (raw, json)
Hash identifier: azQtWEnp5C2NGlX3S2j/wlWJJeBphQkD3fSOvwf2T5s=
Subject key identifier: AE:86:A6:0A:CC:E7:44:CE:21:7E:39:CD:48:A5:87:75:A5:8B:D3:9C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019CE7EF5EF71D8288E4039D51C5557F690F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roamCsznRM4hfjnNSKWHdaWL05w.roa
Signing time: Fri 13 Mar 2026 16:02:30 +0000
ROA not before: Fri 13 Mar 2026 16:02:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.1.0/24 maxlen: 24
163.5.2.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.6.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e7:ef:5e:f7:1d:82:88:e4:03:9d:51:c5:55:7f:69:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 13 16:02:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae86a60acce744ce217e39cd48a58775a58bd39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ff:a2:c3:a0:0a:de:85:6d:f7:27:0b:e0:20:
30:54:33:70:37:2d:a7:11:34:1a:c6:73:33:d1:e0:
83:5e:6d:12:ca:33:30:5f:66:dc:91:51:a4:a9:3e:
f2:93:48:63:4d:74:3e:94:5c:f0:a0:6e:a4:c8:c6:
74:77:c7:cb:5f:2a:56:cb:fe:22:f5:13:ee:a0:f5:
d1:7d:ef:53:a5:04:65:4b:55:b3:12:0a:8f:2f:5d:
c2:e0:55:23:f9:9c:df:28:20:7d:ba:2b:e7:4c:af:
b7:68:3b:3b:db:bb:25:58:95:b2:28:95:19:be:1b:
19:31:84:51:b0:46:4c:b9:04:2a:18:8c:ca:5c:cd:
8a:a0:cd:fd:c2:60:70:a6:ca:ef:52:f5:57:fb:77:
a7:80:4e:14:40:13:ae:22:da:57:6e:30:96:7f:e4:
be:aa:df:ad:26:cc:ec:f7:f2:35:2b:2e:e4:12:1c:
a6:49:f6:01:73:f7:0a:4a:49:b2:24:aa:ae:56:41:
08:94:a8:dd:85:5a:38:c4:15:25:93:b6:26:33:0d:
19:95:48:93:e4:ea:54:57:21:47:17:6d:ad:1b:15:
b3:1f:d5:51:f8:ea:c1:91:5c:e8:7b:cc:79:62:18:
70:d8:36:78:09:3c:3a:dc:25:a2:60:83:9e:af:73:
ff:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:86:A6:0A:CC:E7:44:CE:21:7E:39:CD:48:A5:87:75:A5:8B:D3:9C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/roamCsznRM4hfjnNSKWHdaWL05w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0-163.5.6.255
163.5.10.0/23
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/24
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.55.0/24
163.5.68.0/23
163.5.80.0/24
Signature Algorithm: sha256WithRSAEncryption
77:36:20:66:18:6d:fe:8f:63:41:31:99:8b:c8:ee:53:c4:15:
b9:0b:55:1b:07:6e:a8:19:d8:c0:b0:2f:d6:91:b3:53:81:9c:
d0:bc:81:ac:30:dc:93:69:95:2c:4d:10:e8:5c:c8:ed:81:2a:
9a:69:47:30:fd:e1:95:c7:79:01:b5:58:1e:2c:19:23:23:ba:
10:43:51:93:68:86:d4:ab:0a:bf:32:38:ab:b6:af:68:d5:6e:
4a:e6:e7:53:05:6f:1d:7d:68:b2:0c:59:21:ae:f4:c1:44:a0:
37:97:e2:71:5b:b0:4f:e1:21:63:14:c7:05:a5:43:c0:9b:06:
71:56:eb:c7:9c:ac:69:1a:a4:16:27:4e:83:81:68:f5:33:7c:
42:7c:c6:c4:dd:3e:f1:5d:90:a0:2d:dc:2d:0e:f3:29:2b:d7:
3b:24:a0:f2:a7:12:a7:db:05:a6:6c:f9:43:3c:4e:85:a3:cf:
59:ed:d2:c7:f2:ac:04:09:18:27:eb:84:9e:67:a7:0c:0b:06:
c8:3d:ef:08:fb:3d:e8:30:4e:ce:fd:ba:3b:51:39:77:a4:c4:
b5:28:d8:4e:6a:0d:9e:8b:c2:05:65:d1:20:58:14:21:cd:ea:
f7:6a:90:22:e6:94:76:bd:d7:11:cb:74:bf:8b:84:ea:52:96:
78:c8:83:a0
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZzn7173HYKI5AOdUcVVf2kPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzEzMTYwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTg2YTYwYWNjZTc0NGNlMjE3ZTM5Y2Q0OGE1ODc3NWE1OGJkMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP+iw6AK3oVt9ycL4CAwVDNwNy2n
ETQaxnMz0eCDXm0SyjMwX2bckVGkqT7yk0hjTXQ+lFzwoG6kyMZ0d8fLXypWy/4i
9RPuoPXRfe9TpQRlS1WzEgqPL13C4FUj+ZzfKCB9uivnTK+3aDs727slWJWyKJUZ
vhsZMYRRsEZMuQQqGIzKXM2KoM39wmBwpsrvUvVX+3engE4UQBOuItpXbjCWf+S+
qt+tJszs9/I1Ky7kEhymSfYBc/cKSkmyJKquVkEIlKjdhVo4xBUlk7YmMw0ZlUiT
5OpUVyFHF22tGxWzH9VR+OrBkVzoe8x5Yhhw2DZ4CTw63CWiYIOer3P/0wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFK6GpgrM50TOIX45zUilh3Wli9OcMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcm9hbUNzem5STTRoZmpuTlNLV0hkYVdMMDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAATBRMAsDAwCjBQME
AKMFBgMEAaMFCgMEAaMFFDAMAwQAowUXAwQAowUYAwQAowUqAwQAowUtAwQAowUw
AwQAowUyAwQAowU3AwQBowVEAwQAowVQMA0GCSqGSIb3DQEBCwUAA4IBAQB3NiBm
GG3+j2NBMZmLyO5TxBW5C1UbB26oGdjAsC/WkbNTgZzQvIGsMNyTaZUsTRDoXMjt
gSqaaUcw/eGVx3kBtVgeLBkjI7oQQ1GTaIbUqwq/Mjirtq9o1W5K5udTBW8dfWiy
DFkhrvTBRKA3l+JxW7BP4SFjFMcFpUPAmwZxVuvHnKxpGqQWJ06DgWj1M3xCfMbE
3T7xXZCgLdwtDvMpK9c7JKDypxKn2wWmbPlDPE6Fo89Z7dLH8qwECRgn64SeZ6cM
CwbIPe8I+z3oME7O/bo7UTl3pMS1KNhOag2ei8IFZdEgWBQhzer3apAi5pR2vdcR
y3S/i4TqUpZ4yIOg
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:23 2026 by rpki-client