Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tYTQqAPNjDAxM5CfAeihewYV7S0.roa
File: tYTQqAPNjDAxM5CfAeihewYV7S0.roa (raw, json)
Hash identifier: 7yLFEkmZd+LNdq2hNlJVmWit6eQhDOgeLUmwuLVeyk4=
Subject key identifier: B5:84:D0:A8:03:CD:8C:30:31:33:90:9F:01:E8:A1:7B:06:15:ED:2D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D25B47EDE941A8AF382A5663ECFD697C8
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tYTQqAPNjDAxM5CfAeihewYV7S0.roa
Signing time: Wed 25 Mar 2026 15:54:39 +0000
ROA not before: Wed 25 Mar 2026 15:54:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.14.0/24 maxlen: 24
163.5.29.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:b4:7e:de:94:1a:8a:f3:82:a5:66:3e:cf:d6:97:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 25 15:54:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b584d0a803cd8c303133909f01e8a17b0615ed2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0f:bb:c1:74:f3:b2:cf:36:2b:e7:5d:4b:28:
4c:db:a9:1b:8d:99:01:70:12:0d:5b:1e:88:ce:ba:
07:01:4b:35:24:09:a7:7a:f4:fd:4f:ae:28:4a:50:
ed:da:b1:5f:0b:6b:a4:fe:0b:21:07:c4:bd:47:9e:
68:d5:c2:4b:80:c0:f6:22:87:2e:81:f3:ac:66:3f:
f0:b1:b5:58:78:7b:ca:ec:d8:07:5a:1d:c5:59:d6:
53:c5:4e:fa:9a:5b:3c:ce:7e:ca:4b:56:2a:4d:11:
df:64:38:83:30:c6:ed:b2:f4:d2:dd:91:f4:09:fd:
f5:a3:7a:a9:23:93:18:14:fc:9c:df:34:e6:2e:84:
93:1a:05:fe:39:10:9c:41:2d:d1:a4:10:1f:65:dc:
19:07:15:23:f5:fe:b0:37:df:d4:29:4e:78:2b:3d:
2b:0a:0a:a3:82:3e:f3:c6:d3:8b:c6:b3:f9:6c:6e:
4c:56:93:1b:97:9a:19:b3:7e:59:f0:e1:f3:79:b7:
94:d0:65:70:92:22:0d:4e:90:d7:19:cf:7c:4f:43:
14:46:8d:70:d9:50:97:65:68:7c:1d:9d:8c:3f:ab:
cd:9b:30:f1:3d:20:f4:36:4d:45:d1:9b:40:3d:f8:
79:f3:86:1f:f6:2c:d3:5d:c3:f7:78:23:10:a5:df:
96:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:D0:A8:03:CD:8C:30:31:33:90:9F:01:E8:A1:7B:06:15:ED:2D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/tYTQqAPNjDAxM5CfAeihewYV7S0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.14.0/24
163.5.29.0-163.5.31.255
163.5.59.0/24
163.5.112.0/24
163.5.121.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.149.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/23
163.5.186.0/24
163.5.192.0/24
163.5.195.0-163.5.196.255
163.5.202.0/23
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:77:f1:14:01:e9:de:ad:44:7f:f2:30:6e:c0:9f:d0:34:61:
36:85:00:48:56:83:54:1c:ad:df:37:d5:11:32:4f:c4:e0:4b:
df:aa:b1:54:50:2c:86:68:9d:b4:93:29:62:22:20:80:f0:dc:
f1:2a:c5:79:20:16:fc:af:c3:b2:8a:e2:45:d1:61:5d:d5:b8:
c5:6a:c6:e1:e4:2c:d7:69:cd:41:77:1a:75:23:f1:16:06:e6:
a9:c3:86:1a:09:8f:dc:18:04:88:73:ba:9c:6f:91:d4:0d:cb:
5f:9d:2b:b0:ed:9f:d7:6d:d1:93:fb:e6:6b:47:7b:ac:0d:59:
3f:c1:24:f8:37:8d:b1:92:95:bc:bc:9a:32:76:9e:f4:e2:30:
1c:dd:4a:46:9b:d1:d2:5c:c8:69:87:e9:0c:5e:58:50:87:e6:
ae:09:29:68:27:09:54:7f:26:cc:26:31:c8:38:c9:ec:78:e9:
0c:07:f0:1d:0f:ad:ae:ec:ef:4e:b3:bb:40:98:20:9c:64:41:
3a:d1:fb:ce:14:d3:fc:a5:94:45:80:b9:26:61:a0:1c:aa:d9:
82:89:78:50:93:8b:b2:e1:85:e2:d2:e9:f6:bc:23:5d:26:44:
89:42:41:16:6e:34:69:c2:60:86:af:ae:d4:ce:63:a2:82:77:
2a:fd:67:a9
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZ0ltH7elBqK84KlZj7P1pfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzI1MTU1NDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTg0ZDBhODAzY2Q4YzMwMzEzMzkwOWYwMWU4YTE3YjA2MTVlZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0g+7wXTzss82K+ddSyhM26kbjZkB
cBINWx6IzroHAUs1JAmnevT9T64oSlDt2rFfC2uk/gshB8S9R55o1cJLgMD2Iocu
gfOsZj/wsbVYeHvK7NgHWh3FWdZTxU76mls8zn7KS1YqTRHfZDiDMMbtsvTS3ZH0
Cf31o3qpI5MYFPyc3zTmLoSTGgX+ORCcQS3RpBAfZdwZBxUj9f6wN9/UKU54Kz0r
Cgqjgj7zxtOLxrP5bG5MVpMbl5oZs35Z8OHzebeU0GVwkiINTpDXGc98T0MURo1w
2VCXZWh8HZ2MP6vNmzDxPSD0Nk1F0ZtAPfh584Yf9izTXcP3eCMQpd+W2wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFLWE0KgDzYwwMTOQnwHooXsGFe0tMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdFlUUXFBUE5qREF4TTVDZkFlaWhld1lWN1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZoDBACj
BQ4wDAMEAKMFHQMEBaMFAAMEAKMFOwMEAKMFcAMEAKMFeQMEAKMFgQMEAKMFiwME
AKMFjwMEAKMFkgMEAKMFlQMEAKMFlwMEAKMFoAMEAKMFpwMEAaMFsgMEAKMFugME
AKMFwDAMAwQAowXDAwQAowXEAwQBowXKAwQAowXaAwQAowXgAwQAowXkAwQAowXp
AwQAowXxMA0GCSqGSIb3DQEBCwUAA4IBAQCPd/EUAenerUR/8jBuwJ/QNGE2hQBI
VoNUHK3fN9URMk/E4EvfqrFUUCyGaJ20kyliIiCA8NzxKsV5IBb8r8OyiuJF0WFd
1bjFasbh5CzXac1Bdxp1I/EWBuapw4YaCY/cGASIc7qcb5HUDctfnSuw7Z/XbdGT
++ZrR3usDVk/wST4N42xkpW8vJoydp704jAc3UpGm9HSXMhph+kMXlhQh+auCSlo
JwlUfybMJjHIOMnseOkMB/AdD62u7O9Os7tAmCCcZEE60fvOFNP8pZRFgLkmYaAc
qtmCiXhQk4uy4YXi0un2vCNdJkSJQkEWbjRpwmCGr67UzmOigncq/Wep
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:36:43 2026 by rpki-client