Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pW5M3H2fmgajvjWuscyHhKu6PCo.roa
File: pW5M3H2fmgajvjWuscyHhKu6PCo.roa (raw, json)
Hash identifier: Oe96psXoIlIIxYaHKLyPfRfaIDHRCl70SH/e9a9X8pA=
Subject key identifier: A5:6E:4C:DC:7D:9F:9A:06:A3:BE:35:AE:B1:CC:87:84:AB:BA:3C:2A
Certificate issuer: /CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Certificate serial: 019DEC6EAD8C87801767D8977D29CF8ADC2A
Authority key identifier: 6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pW5M3H2fmgajvjWuscyHhKu6PCo.roa
Signing time: Sun 03 May 2026 06:02:49 +0000
ROA not before: Sun 03 May 2026 06:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62513
IP address blocks: 153.76.4.0/24 maxlen: 24
2a0f:b240::/46 maxlen: 48
2a0f:b240:60::/44 maxlen: 48
2a0f:b240:70::/44 maxlen: 48
2a0f:b240:80::/44 maxlen: 48
2a0f:b240:5800::/40 maxlen: 48
2a0f:b245::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:51:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ec:6e:ad:8c:87:80:17:67:d8:97:7d:29:cf:8a:dc:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e87104a4db4c46371a7f8b6a441fc30ecdfe20f
Validity
Not Before: May 3 06:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a56e4cdc7d9f9a06a3be35aeb1cc8784abba3c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:a6:f9:e1:d3:d7:f3:3d:ea:d9:59:66:d5:
67:6f:34:68:9a:af:58:d9:68:6b:00:e8:b2:43:10:
bf:2f:3d:9c:27:a6:58:36:b2:61:5a:23:58:c2:15:
56:51:c1:53:82:25:3e:a1:bb:a4:1f:26:e4:ff:31:
05:d1:14:09:21:8d:55:3a:b3:30:dc:ba:3b:1d:99:
a9:d1:e5:6a:f6:a3:6c:e4:cd:d1:25:4f:df:57:ef:
da:94:6e:0d:5f:c2:60:e9:72:b3:31:8d:a1:de:d6:
c8:02:bf:98:04:83:27:d7:89:9c:98:ee:fc:a1:f3:
4b:d4:35:b2:9b:57:3a:aa:48:d7:7f:57:74:c3:60:
8a:84:51:f0:2a:85:af:19:68:02:83:67:06:8f:8a:
33:ba:ad:97:08:7b:e0:83:33:45:7d:5a:3b:29:3d:
bd:fd:ef:b0:0d:c3:ad:b0:82:5f:42:36:f2:4c:a9:
40:ef:ae:2b:a8:54:d6:1e:ad:02:c4:0a:ce:d8:4c:
09:dd:71:38:3a:32:92:a9:ff:52:89:8b:ac:af:b0:
ef:37:b9:4c:95:be:eb:da:c9:ee:1a:c9:5a:c3:49:
74:d3:aa:64:95:1b:4c:a4:6f:9f:1c:27:80:10:26:
69:2a:59:5e:75:6e:ce:5a:ed:87:fc:d9:72:0d:7d:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:6E:4C:DC:7D:9F:9A:06:A3:BE:35:AE:B1:CC:87:84:AB:BA:3C:2A
X509v3 Authority Key Identifier:
keyid:6E:87:10:4A:4D:B4:C4:63:71:A7:F8:B6:A4:41:FC:30:EC:DF:E2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bocQSk20xGNxp_i2pEH8MOzf4g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/pW5M3H2fmgajvjWuscyHhKu6PCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/b87ec0-f75a-4bbe-b067-b717980e4ad6/1/bocQSk20xGNxp_i2pEH8MOzf4g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.76.4.0/24
IPv6:
2a0f:b240::/46
2a0f:b240:60::-2a0f:b240:8f:ffff:ffff:ffff:ffff:ffff
2a0f:b240:5800::/40
2a0f:b245::/32
Signature Algorithm: sha256WithRSAEncryption
68:57:58:b4:b8:15:e1:94:a7:ab:b6:40:a4:4c:5f:db:49:a3:
32:02:00:dc:fd:82:f4:84:73:2c:62:7d:81:69:5e:6a:83:f7:
83:65:1e:82:bd:74:6b:1a:0a:02:56:3e:f9:ce:b8:63:11:24:
3d:ab:94:f2:76:2b:af:c0:8c:b1:8b:1c:a5:dd:0b:44:c9:72:
a5:91:65:ac:3e:c2:ce:10:9b:b7:82:04:78:62:14:6b:a1:69:
06:d8:0f:7e:57:14:67:71:17:55:90:a2:1f:d9:3a:ca:80:08:
f1:16:e6:fb:6b:24:84:27:2d:95:24:43:92:a4:4d:77:cc:a2:
38:4f:5c:27:6b:53:74:75:95:1d:f8:1b:06:14:b7:eb:7c:40:
e1:ee:be:e0:b1:1d:80:df:c0:f0:9b:01:0b:f1:86:c2:8f:e7:
a8:22:45:7b:12:62:84:e8:04:c0:2e:ae:3b:76:0f:e0:9d:bf:
5f:28:c9:73:77:28:04:7e:a2:12:ac:4d:ef:6b:2b:5c:a0:d3:
b2:ae:e9:63:81:63:ee:82:cd:ea:5c:54:e5:3d:c2:d6:11:8e:
d0:f5:99:42:6b:8c:8f:e1:59:1b:42:c6:76:27:34:d1:bb:df:
af:cc:f1:b5:d7:7b:fa:a8:1e:48:74:46:d8:bf:b3:02:e6:b7:
e2:bb:0a:6d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ3sbq2Mh4AXZ9iXfSnPitwqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlODcxMDRhNGRiNGM0NjM3MWE3ZjhiNmE0NDFmYzMwZWNk
ZmUyMGYwHhcNMjYwNTAzMDYwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTZlNGNkYzdkOWY5YTA2YTNiZTM1YWViMWNjODc4NGFiYmEzYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR6m+eHT1/M96tlZZtVnbzRomq9Y
2WhrAOiyQxC/Lz2cJ6ZYNrJhWiNYwhVWUcFTgiU+obukHybk/zEF0RQJIY1VOrMw
3Lo7HZmp0eVq9qNs5M3RJU/fV+/alG4NX8Jg6XKzMY2h3tbIAr+YBIMn14mcmO78
ofNL1DWym1c6qkjXf1d0w2CKhFHwKoWvGWgCg2cGj4ozuq2XCHvggzNFfVo7KT29
/e+wDcOtsIJfQjbyTKlA764rqFTWHq0CxArO2EwJ3XE4OjKSqf9SiYusr7DvN7lM
lb7r2snuGslaw0l006pklRtMpG+fHCeAECZpKlledW7OWu2H/NlyDX3RFQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFKVuTNx9n5oGo741rrHMh4SrujwqMB8GA1UdIwQY
MBaAFG6HEEpNtMRjcaf4tqRB/DDs3+IPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjct
YjcxNzk4MGU0YWQ2LzEvcFc1TTNIMmZtZ2FqdmpXdXNjeUhoS3U2UENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9iODdlYzAtZjc1YS00YmJlLWIwNjctYjcxNzk4MGU0YWQ2
LzEvYm9jUVNrMjB4R054cF9pMnBFSDhNT3pmNGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAMBAIAATAGAwQAmUwEMDIE
AgACMCwDBwIqD7JAAAAwEgMHBSoPskAAYAMHBCoPskAAgAMGACoPskBYAwUAKg+y
RTANBgkqhkiG9w0BAQsFAAOCAQEAaFdYtLgV4ZSnq7ZApExf20mjMgIA3P2C9IRz
LGJ9gWleaoP3g2Uegr10axoKAlY++c64YxEkPauU8nYrr8CMsYscpd0LRMlypZFl
rD7CzhCbt4IEeGIUa6FpBtgPflcUZ3EXVZCiH9k6yoAI8Rbm+2skhCctlSRDkqRN
d8yiOE9cJ2tTdHWVHfgbBhS363xA4e6+4LEdgN/A8JsBC/GGwo/nqCJFexJihOgE
wC6uO3YP4J2/XyjJc3coBH6iEqxN72srXKDTsq7pY4Fj7oLN6lxU5T3C1hGO0PWZ
QmuMj+FZG0LGdic00bvfr8zxtdd7+qgeSHRG2L+zAua34rsKbQ==
-----END CERTIFICATE-----
Generated at Wed May 13 04:09:17 2026 by rpki-client