Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JF9afBkKBOcNR1vdi6rlbo8KqvA.roa
File: JF9afBkKBOcNR1vdi6rlbo8KqvA.roa (raw, json)
Hash identifier: lJZTpHt57HxQMIaTBFALsdxYeepu9+ZK3ihpeiYUH4I=
Subject key identifier: 24:5F:5A:7C:19:0A:04:E7:0D:47:5B:DD:8B:AA:E5:6E:8F:0A:AA:F0
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D4990969665EE06B78AD0FA3E3B70EA01
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JF9afBkKBOcNR1vdi6rlbo8KqvA.roa
Signing time: Wed 01 Apr 2026 15:01:45 +0000
ROA not before: Wed 01 Apr 2026 15:01:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 163.5.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 00:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:49:90:96:96:65:ee:06:b7:8a:d0:fa:3e:3b:70:ea:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 1 15:01:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=245f5a7c190a04e70d475bdd8baae56e8f0aaaf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e3:ab:f2:0e:3f:9c:56:0b:f7:9c:0c:cb:05:
2b:06:98:fc:0d:b5:d7:43:a7:9d:a2:14:88:e7:fe:
ab:85:90:8c:2d:70:d9:fb:99:39:64:f3:3f:1d:38:
58:c5:64:d4:f5:fb:1c:ee:d1:18:6f:57:cb:3c:f6:
88:12:ae:6b:d1:f9:0b:dc:69:80:9f:9a:9c:f3:99:
ea:5d:8e:af:d3:17:61:6c:04:03:ff:ac:3c:2e:ca:
87:11:78:a6:4b:43:f3:20:c7:49:d6:ab:dc:ac:f5:
6a:65:2c:5e:d0:97:94:6e:3f:41:cd:80:66:a1:e2:
cb:3e:3f:a1:46:c6:7c:ba:63:1a:53:bf:07:ae:e8:
bc:74:20:06:72:9e:52:6c:30:b7:56:1e:61:c4:8e:
8b:a9:da:93:37:d2:e7:92:f1:94:ae:cb:d7:48:12:
93:10:ce:e1:99:d3:cd:37:aa:37:60:dd:e4:79:7e:
23:45:76:ff:80:14:25:12:cf:d8:55:32:6d:a8:b3:
dc:87:9f:b7:c2:62:01:6a:22:96:a3:91:07:2b:2a:
55:a3:cd:21:15:8f:54:c6:10:18:fa:d9:fc:12:fe:
7c:85:0a:eb:e7:69:b7:bc:cd:e8:38:e6:1b:d1:91:
fe:e1:1a:b7:97:44:b2:22:a9:3a:f4:f7:25:d0:93:
0c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5F:5A:7C:19:0A:04:E7:0D:47:5B:DD:8B:AA:E5:6E:8F:0A:AA:F0
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/JF9afBkKBOcNR1vdi6rlbo8KqvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.140.0/24
Signature Algorithm: sha256WithRSAEncryption
29:03:7c:9d:18:b0:50:6b:c3:d0:6f:a0:9f:d2:cc:7e:0f:93:
61:87:b4:9d:82:43:a1:ca:b8:8d:d7:1a:e4:05:1c:7c:ba:2a:
47:9b:4d:78:d1:2f:b2:e3:09:7b:be:e9:98:d5:53:8a:f8:08:
e1:ab:2d:49:28:3a:29:01:9b:39:dd:1f:aa:5d:bb:c6:6c:6e:
43:ff:2e:3a:aa:34:44:aa:53:7f:06:28:75:20:b4:fe:a9:a6:
30:7e:4c:de:66:71:e4:b9:a7:5d:47:79:ee:b9:87:24:25:d2:
ad:fd:1d:ab:47:e6:a9:e4:ef:9d:31:9f:3d:ae:aa:28:2b:e1:
64:8e:20:9a:f0:d8:5c:59:76:d2:c1:64:99:9c:91:4f:5b:52:
52:a6:91:33:cb:59:e7:8f:08:8d:de:11:f0:6c:28:c4:d4:d0:
aa:c8:8a:d0:9b:a2:50:d6:a6:d1:f6:f5:69:e9:8c:dc:61:09:
58:be:8c:d4:ac:ba:92:c0:bb:10:20:9f:81:92:05:f4:9a:35:
83:19:da:9a:23:d5:9d:f1:d9:bb:00:bc:7f:25:8a:ce:03:fe:
b6:42:2c:c5:5f:cb:00:af:c5:4e:4f:70:8b:18:e7:16:fe:f6:
e3:08:77:35:fb:64:3a:2b:dc:3e:17:20:5a:f5:78:55:10:07:
e1:f7:b0:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1JkJaWZe4Gt4rQ+j47cOoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNDAxMTUwMTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDVmNWE3YzE5MGEwNGU3MGQ0NzViZGQ4YmFhZTU2ZThmMGFhYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuOr8g4/nFYL95wMywUrBpj8DbXX
Q6edohSI5/6rhZCMLXDZ+5k5ZPM/HThYxWTU9fsc7tEYb1fLPPaIEq5r0fkL3GmA
n5qc85nqXY6v0xdhbAQD/6w8LsqHEXimS0PzIMdJ1qvcrPVqZSxe0JeUbj9BzYBm
oeLLPj+hRsZ8umMaU78Hrui8dCAGcp5SbDC3Vh5hxI6LqdqTN9LnkvGUrsvXSBKT
EM7hmdPNN6o3YN3keX4jRXb/gBQlEs/YVTJtqLPch5+3wmIBaiKWo5EHKypVo80h
FY9UxhAY+tn8Ev58hQrr52m3vM3oOOYb0ZH+4Rq3l0SyIqk69Pcl0JMMTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRfWnwZCgTnDUdb3Yuq5W6PCqrwMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSkY5YWZCa0tCT2NOUjF2ZGk2cmxibzhLcXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWMMA0G
CSqGSIb3DQEBCwUAA4IBAQApA3ydGLBQa8PQb6Cf0sx+D5Nhh7SdgkOhyriN1xrk
BRx8uipHm0140S+y4wl7vumY1VOK+Ajhqy1JKDopAZs53R+qXbvGbG5D/y46qjRE
qlN/Bih1ILT+qaYwfkzeZnHkuaddR3nuuYckJdKt/R2rR+ap5O+dMZ89rqooK+Fk
jiCa8NhcWXbSwWSZnJFPW1JSppEzy1nnjwiN3hHwbCjE1NCqyIrQm6JQ1qbR9vVp
6YzcYQlYvozUrLqSwLsQIJ+BkgX0mjWDGdqaI9Wd8dm7ALx/JYrOA/62QizFX8sA
r8VOT3CLGOcW/vbjCHc1+2Q6K9w+FyBa9XhVEAfh97AJ
-----END CERTIFICATE-----
Generated at Tue Apr 7 10:31:20 2026 by rpki-client