Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PWU-7iSp0DjtcRIjofmCETxOOD4.roa
File: PWU-7iSp0DjtcRIjofmCETxOOD4.roa (raw, json)
Hash identifier: FpHEMGsDiPq4B1vbnazeNYsFTOOY8r8w4QBeTnhvcvg=
Subject key identifier: 3D:65:3E:EE:24:A9:D0:38:ED:71:12:23:A1:F9:82:11:3C:4E:38:3E
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D536516DB6DF725EEEC10A05D599DDB7F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PWU-7iSp0DjtcRIjofmCETxOOD4.roa
Signing time: Fri 03 Apr 2026 12:50:27 +0000
ROA not before: Fri 03 Apr 2026 12:50:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 163.5.34.0/24 maxlen: 24
163.5.39.0/24 maxlen: 24
163.5.60.0/24 maxlen: 24
163.5.88.0/24 maxlen: 24
163.5.90.0/24 maxlen: 24
163.5.93.0/24 maxlen: 24
163.5.100.0/24 maxlen: 24
163.5.101.0/24 maxlen: 24
163.5.108.0/24 maxlen: 24
163.5.114.0/24 maxlen: 24
163.5.116.0/24 maxlen: 24
163.5.117.0/24 maxlen: 24
163.5.130.0/24 maxlen: 24
163.5.174.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.227.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.240.0/24 maxlen: 24
163.5.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Apr 2026 15:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:65:16:db:6d:f7:25:ee:ec:10:a0:5d:59:9d:db:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 3 12:50:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3d653eee24a9d038ed711223a1f982113c4e383e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c4:5e:aa:34:af:eb:65:14:ac:a0:ae:d8:5e:
ed:ad:71:65:2d:9c:53:fa:73:9f:cb:87:5c:4c:c1:
91:70:f1:f6:00:ad:71:db:be:47:8b:55:a9:42:2f:
74:11:2b:b3:a1:a7:7a:e5:f6:cc:e3:b0:b3:d3:3a:
5b:ca:be:51:0a:b1:2b:6c:a3:1d:ce:7b:4d:61:40:
a2:ed:f9:b8:0e:0d:1f:ad:6a:39:77:bd:75:7a:da:
b3:45:47:a1:a8:a1:dc:3e:fa:02:22:a4:a1:9f:9f:
35:ca:39:ca:7a:c9:a8:d8:b9:a6:e4:a9:cb:d1:15:
2e:67:08:7d:29:52:26:1c:53:31:9a:b1:f3:c8:ca:
be:69:84:fd:65:5d:b7:6a:ce:60:fe:74:e0:52:a8:
f8:79:92:91:03:9e:1b:b4:7f:4d:60:95:0e:c2:9d:
08:d3:db:9c:a5:bf:c6:71:5a:68:29:c4:b3:7f:f6:
f6:f2:94:b8:bf:12:56:55:e4:79:38:15:43:97:c8:
84:8c:ff:6f:16:fe:a3:b5:ac:fc:61:c4:44:3a:a4:
66:ae:f9:3b:11:3c:d3:c8:21:da:6a:65:cc:1d:65:
69:85:4a:6f:bf:26:1c:e2:dd:40:58:0d:fc:2c:64:
d0:43:9b:73:e3:33:6b:10:0b:be:b4:b7:5a:54:86:
68:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:65:3E:EE:24:A9:D0:38:ED:71:12:23:A1:F9:82:11:3C:4E:38:3E
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/PWU-7iSp0DjtcRIjofmCETxOOD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.34.0/24
163.5.39.0/24
163.5.60.0/24
163.5.88.0/24
163.5.90.0/24
163.5.93.0/24
163.5.100.0/23
163.5.108.0/24
163.5.114.0/24
163.5.116.0/23
163.5.130.0/24
163.5.174.0/24
163.5.189.0/24
163.5.225.0-163.5.228.255
163.5.240.0/24
163.5.243.0/24
Signature Algorithm: sha256WithRSAEncryption
47:9d:61:17:a0:66:8b:34:9f:b0:55:7b:ff:35:b2:f2:a1:53:
66:53:7a:14:3b:b3:a9:7d:7f:b2:0f:81:39:87:42:66:13:f4:
91:2c:f5:56:71:fe:71:ed:88:bd:04:23:62:bd:a0:87:52:4d:
05:13:8f:91:a6:f0:b1:d2:a0:80:33:ed:fe:50:d0:b4:80:fc:
ff:d9:96:9d:6a:98:80:18:66:3c:90:10:e2:3c:2e:f3:c0:85:
f6:c9:62:36:82:d8:4d:c2:23:d7:58:b8:72:0f:23:44:c6:db:
c3:04:46:9b:21:35:d4:0c:63:e2:0e:ba:a1:c3:6a:e7:2c:f2:
cb:5d:0f:0f:c8:e2:97:6e:db:7f:e3:8b:43:fb:ca:ad:61:d1:
3c:a5:96:ae:43:52:9b:1c:e1:40:5a:64:76:bf:a8:ab:35:fd:
81:f1:4e:6d:3f:22:29:41:ab:a4:09:13:d4:e0:24:e4:43:7b:
1a:b7:4f:ab:f1:6e:38:78:55:52:5a:f4:4c:39:50:13:a2:fb:
7c:b5:d6:4f:26:e2:27:17:b9:a5:2d:34:7e:3d:cb:de:07:04:
c7:bc:d0:b7:85:a0:e3:f3:76:d5:24:b5:95:3b:b6:c5:fd:5d:
8a:26:0b:6a:00:cc:16:ac:7e:d7:3c:54:7e:b1:9f:e9:65:22:
08:e8:4e:ce
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZ1TZRbbbfcl7uwQoF1Zndt/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNDAzMTI1MDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDY1M2VlZTI0YTlkMDM4ZWQ3MTEyMjNhMWY5ODIxMTNjNGUzODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosReqjSv62UUrKCu2F7trXFlLZxT
+nOfy4dcTMGRcPH2AK1x275Hi1WpQi90ESuzoad65fbM47Cz0zpbyr5RCrErbKMd
zntNYUCi7fm4Dg0frWo5d711etqzRUehqKHcPvoCIqShn581yjnKesmo2Lmm5KnL
0RUuZwh9KVImHFMxmrHzyMq+aYT9ZV23as5g/nTgUqj4eZKRA54btH9NYJUOwp0I
09ucpb/GcVpoKcSzf/b28pS4vxJWVeR5OBVDl8iEjP9vFv6jtaz8YcREOqRmrvk7
ETzTyCHaamXMHWVphUpvvyYc4t1AWA38LGTQQ5tz4zNrEAu+tLdaVIZoCQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFD1lPu4kqdA47XESI6H5ghE8Tjg+MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvUFdVLTdpU3AwRGp0Y1JJam9mbUNFVHhPT0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAKMFIgME
AKMFJwMEAKMFPAMEAKMFWAMEAKMFWgMEAKMFXQMEAaMFZAMEAKMFbAMEAKMFcgME
AaMFdAMEAKMFggMEAKMFrgMEAKMFvTAMAwQAowXhAwQAowXkAwQAowXwAwQAowXz
MA0GCSqGSIb3DQEBCwUAA4IBAQBHnWEXoGaLNJ+wVXv/NbLyoVNmU3oUO7OpfX+y
D4E5h0JmE/SRLPVWcf5x7Yi9BCNivaCHUk0FE4+RpvCx0qCAM+3+UNC0gPz/2Zad
apiAGGY8kBDiPC7zwIX2yWI2gthNwiPXWLhyDyNExtvDBEabITXUDGPiDrqhw2rn
LPLLXQ8PyOKXbtt/44tD+8qtYdE8pZauQ1KbHOFAWmR2v6irNf2B8U5tPyIpQauk
CRPU4CTkQ3sat0+r8W44eFVSWvRMOVATovt8tdZPJuInF7mlLTR+PcveBwTHvNC3
haDj83bVJLWVO7bF/V2KJgtqAMwWrH7XPFR+sZ/pZSII6E7O
-----END CERTIFICATE-----
Generated at Wed Apr 8 23:05:28 2026 by rpki-client