Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/chZPH4ZC4M2DAOIIjqvske79NxY.roa
File: chZPH4ZC4M2DAOIIjqvske79NxY.roa (raw, json)
Hash identifier: Da9ZVR4WFGTaF/DxkypPXhAW8yz4gKHy/MICLQjoEXA=
Subject key identifier: 72:16:4F:1F:86:42:E0:CD:83:00:E2:08:8E:AB:EC:91:EE:FD:37:16
Certificate issuer: /CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Certificate serial: 019DBCCD55E41D28DB58C245C33C4DAF44A2
Authority key identifier: 2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/chZPH4ZC4M2DAOIIjqvske79NxY.roa
Signing time: Fri 24 Apr 2026 00:04:26 +0000
ROA not before: Fri 24 Apr 2026 00:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51791
IP address blocks: 153.56.128.0/24 maxlen: 24
153.56.129.0/24 maxlen: 24
153.56.130.0/24 maxlen: 24
2a11:1fc0::/32 maxlen: 32
2a11:1fc0::/48 maxlen: 48
2a11:1fc0:2::/48 maxlen: 48
2a11:1fc0:3::/48 maxlen: 48
2a11:1fc1::/32 maxlen: 32
2a11:1fc2::/32 maxlen: 32
2a11:1fc3::/32 maxlen: 32
2a11:1fc4::/32 maxlen: 32
2a11:1fc5::/32 maxlen: 32
2a11:1fc6::/32 maxlen: 32
2a11:1fc7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 18:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bc:cd:55:e4:1d:28:db:58:c2:45:c3:3c:4d:af:44:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1c16f7ea710af45e2b3a11e628a38ce67bc7a5
Validity
Not Before: Apr 24 00:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72164f1f8642e0cd8300e2088eabec91eefd3716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b4:1c:13:1d:34:08:27:68:a1:a0:61:63:d6:
71:d7:31:09:0e:e3:23:ad:26:63:0e:29:56:84:82:
85:95:ac:31:95:04:c5:28:60:a7:f9:7c:9f:d0:2a:
a2:ad:f6:60:ae:b9:3f:fb:76:56:49:5c:01:fc:f2:
5f:66:7d:b1:26:9a:d8:17:74:9f:84:54:50:b6:93:
6e:a4:ef:a8:94:1e:f1:2b:64:3d:29:4b:5d:8b:09:
9d:b1:38:d9:67:19:39:8b:e2:e4:8f:15:25:19:9d:
1a:c7:6b:6e:00:4d:89:e2:e9:d7:bc:d8:8a:1a:46:
ea:c1:2c:6d:de:ad:18:f2:a7:52:57:13:e4:0c:43:
38:6d:fe:66:9f:27:4f:34:35:27:47:ef:ad:df:c5:
6f:a8:ac:62:78:84:56:db:20:77:63:81:a8:6b:7f:
85:95:45:0d:e2:49:67:7d:e9:d3:ad:0c:d0:3e:42:
02:7c:02:b5:e1:de:54:40:be:c4:ae:af:f5:26:26:
c3:01:b9:3d:f9:fe:52:27:01:d0:43:76:2f:c0:22:
a6:e4:42:60:28:61:f8:ad:81:2b:fb:06:97:4a:0c:
3e:40:e2:93:8d:fa:79:78:c8:8f:75:c2:ca:e5:6b:
0f:5a:9b:c7:bb:fb:50:90:e7:78:91:96:8a:5d:58:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:16:4F:1F:86:42:E0:CD:83:00:E2:08:8E:AB:EC:91:EE:FD:37:16
X509v3 Authority Key Identifier:
keyid:2D:1C:16:F7:EA:71:0A:F4:5E:2B:3A:11:E6:28:A3:8C:E6:7B:C7:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRwW9-pxCvReKzoR5iijjOZ7x6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/chZPH4ZC4M2DAOIIjqvske79NxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/5eb212-46f5-438c-8672-1fa78018a6e9/1/LRwW9-pxCvReKzoR5iijjOZ7x6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.56.128.0-153.56.130.255
IPv6:
2a11:1fc0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:2d:e9:cc:53:72:7e:bd:29:9c:26:ba:c6:7a:5c:10:cf:18:
1a:51:51:bb:96:6a:30:c4:7a:ad:da:82:0e:ca:c7:ec:c0:62:
ee:aa:c8:95:fc:93:07:83:7c:51:94:21:e7:39:63:b9:ec:cb:
cc:e1:2e:67:75:e1:77:5e:59:c6:7b:16:4a:83:8c:24:24:2e:
fe:a6:37:08:fe:34:39:b4:72:8b:6f:8f:77:b6:d8:e4:36:66:
eb:bb:87:0f:99:61:1f:37:51:34:8b:ce:a1:45:fb:6d:37:3d:
15:4a:d1:67:79:dd:9d:9b:3f:b9:b5:0a:8e:8a:2d:88:e5:c8:
5c:ef:97:22:53:4e:7b:4b:e6:ab:ef:a7:57:db:2c:4c:66:40:
df:9a:b1:c5:12:13:26:d8:66:41:f1:bd:6e:72:55:02:3c:64:
10:e3:a0:f8:c3:f0:ca:70:f0:42:df:50:54:68:aa:8c:87:90:
a6:ee:3f:96:91:b7:7b:2b:d1:1e:9b:d3:36:0d:90:fb:cb:52:
77:51:77:76:40:33:ca:d9:c4:96:d4:53:e5:e8:11:e9:1f:09:
95:1b:b6:ae:8c:ab:6f:80:0c:ac:92:ed:e5:fa:97:4a:fe:db:
f3:ee:78:75:d2:1c:e5:a2:b6:8e:cc:b5:47:da:57:c3:08:41:
b6:e8:ef:85
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ28zVXkHSjbWMJFwzxNr0SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWMxNmY3ZWE3MTBhZjQ1ZTJiM2ExMWU2MjhhMzhjZTY3
YmM3YTUwHhcNMjYwNDI0MDAwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE2NGYxZjg2NDJlMGNkODMwMGUyMDg4ZWFiZWM5MWVlZmQzNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrQcEx00CCdooaBhY9Zx1zEJDuMj
rSZjDilWhIKFlawxlQTFKGCn+Xyf0CqirfZgrrk/+3ZWSVwB/PJfZn2xJprYF3Sf
hFRQtpNupO+olB7xK2Q9KUtdiwmdsTjZZxk5i+LkjxUlGZ0ax2tuAE2J4unXvNiK
GkbqwSxt3q0Y8qdSVxPkDEM4bf5mnydPNDUnR++t38VvqKxieIRW2yB3Y4Goa3+F
lUUN4klnfenTrQzQPkICfAK14d5UQL7Erq/1JibDAbk9+f5SJwHQQ3YvwCKm5EJg
KGH4rYEr+waXSgw+QOKTjfp5eMiPdcLK5WsPWpvHu/tQkOd4kZaKXVhONQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHIWTx+GQuDNgwDiCI6r7JHu/TcWMB8GA1UdIwQY
MBaAFC0cFvfqcQr0Xis6EeYoo4zme8elMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzIt
MWZhNzgwMThhNmU5LzEvY2haUEg0WkM0TTJEQU9JSWpxdnNrZTc5TnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy81ZWIyMTItNDZmNS00MzhjLTg2NzItMWZhNzgwMThhNmU5
LzEvTFJ3VzktcHhDdlJlS3pvUjVpaWpqT1o3eDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAeZOIAD
BACZOIIwDQQCAAIwBwMFAyoRH8AwDQYJKoZIhvcNAQELBQADggEBAF4t6cxTcn69
KZwmusZ6XBDPGBpRUbuWajDEeq3agg7Kx+zAYu6qyJX8kweDfFGUIec5Y7nsy8zh
Lmd14XdeWcZ7FkqDjCQkLv6mNwj+NDm0cotvj3e22OQ2Zuu7hw+ZYR83UTSLzqFF
+203PRVK0Wd53Z2bP7m1Co6KLYjlyFzvlyJTTntL5qvvp1fbLExmQN+ascUSEybY
ZkHxvW5yVQI8ZBDjoPjD8Mpw8ELfUFRoqoyHkKbuP5aRt3sr0R6b0zYNkPvLUndR
d3ZAM8rZxJbUU+XoEekfCZUbtq6Mq2+ADKyS7eX6l0r+2/PueHXSHOWito7MtUfa
V8MIQbbo74U=
-----END CERTIFICATE-----
Generated at Wed May 13 03:49:01 2026 by rpki-client