Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/saxBhB5iIsj-qtCE-fe90xXgHzc.roa
File: saxBhB5iIsj-qtCE-fe90xXgHzc.roa (raw, json)
Hash identifier: 0GBMbDY4KzsuDSY2C+PoQvPLfc+cGC76YZoJtCPmub0=
Subject key identifier: B1:AC:41:84:1E:62:22:C8:FE:AA:D0:84:F9:F7:BD:D3:15:E0:1F:37
Certificate issuer: /CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Certificate serial: 019DF78DF6E6749C65160CE22C4548BF405B
Authority key identifier: 6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/saxBhB5iIsj-qtCE-fe90xXgHzc.roa
Signing time: Tue 05 May 2026 09:52:49 +0000
ROA not before: Tue 05 May 2026 09:52:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213705
IP address blocks: 153.51.160.0/22 maxlen: 22
153.51.168.0/24 maxlen: 24
153.51.169.0/24 maxlen: 24
153.51.171.0/24 maxlen: 24
153.51.172.0/22 maxlen: 22
153.51.176.0/24 maxlen: 24
153.51.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f7:8d:f6:e6:74:9c:65:16:0c:e2:2c:45:48:bf:40:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b104f1e4abaec1eff80f262c62f96c25438c8e1
Validity
Not Before: May 5 09:52:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1ac41841e6222c8feaad084f9f7bdd315e01f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:7d:4f:8d:28:7d:8a:58:46:3f:d6:1a:eb:
03:69:4c:4a:b5:c6:7b:07:99:16:f1:96:9b:5b:f0:
95:08:16:88:d8:6a:f9:b3:37:a8:e4:ee:b9:87:b3:
68:66:d4:a8:43:d1:22:6d:9a:9e:11:52:94:51:06:
01:4c:e9:37:1f:16:ad:67:6b:d8:6c:71:e8:fd:0e:
8a:90:1b:aa:b0:29:5f:18:ae:d0:91:d3:8c:e6:5f:
2e:bd:0e:4b:65:a3:0c:79:2a:4d:18:3e:a7:38:69:
14:1c:14:0d:7e:59:32:2e:62:4f:b0:48:6c:a7:4b:
a7:c6:40:23:01:6c:b1:21:f9:d3:1d:24:79:0d:c8:
eb:be:be:19:c4:e2:11:14:61:7e:9d:d8:20:39:f4:
e2:5c:16:c5:9c:6e:4d:57:05:43:14:ac:6a:56:8f:
c6:d4:a1:12:8f:98:a9:be:c2:59:47:2e:4d:60:d2:
3f:5b:cc:d7:ba:c1:d4:e6:82:29:7a:af:29:82:89:
54:14:e9:26:a6:0f:4a:c0:54:72:5c:a1:02:c0:89:
55:5c:cc:84:a5:9e:21:a8:f4:44:11:2f:58:eb:85:
7c:47:98:24:64:9e:3b:b0:34:31:6f:a0:13:c1:0a:
82:1d:cb:62:24:69:99:1a:02:ce:b2:32:3d:a7:c8:
f1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:AC:41:84:1E:62:22:C8:FE:AA:D0:84:F9:F7:BD:D3:15:E0:1F:37
X509v3 Authority Key Identifier:
keyid:6B:10:4F:1E:4A:BA:EC:1E:FF:80:F2:62:C6:2F:96:C2:54:38:C8:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/axBPHkq67B7_gPJixi-WwlQ4yOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/saxBhB5iIsj-qtCE-fe90xXgHzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/653c24-68e5-4ad8-b763-30c9de205afc/1/axBPHkq67B7_gPJixi-WwlQ4yOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.160.0/22
153.51.168.0/23
153.51.171.0-153.51.176.255
153.51.191.0/24
Signature Algorithm: sha256WithRSAEncryption
67:f2:bb:f4:3b:a3:2f:48:ae:14:1c:fc:b2:25:18:82:45:2d:
e9:87:0b:63:0f:e1:f5:93:2f:ec:88:bf:e1:4f:c7:be:cd:66:
a6:eb:04:db:51:63:08:94:7b:18:f0:01:e5:c0:a6:fd:4f:5e:
d8:ee:6d:f5:83:b0:ed:8a:b7:e0:1a:84:25:78:4f:70:0f:35:
52:47:df:7e:45:23:33:51:49:4d:14:78:f8:90:c0:19:e3:d6:
59:35:44:72:cb:17:2f:b5:98:8d:cf:41:f1:a5:c1:73:04:0a:
fc:87:2f:cc:04:13:9c:92:27:2c:8d:48:05:5d:29:7a:64:c2:
70:62:12:db:50:fe:2c:3f:76:8d:9d:d1:2f:00:b5:d1:4f:a1:
a8:ef:cc:0a:cb:2d:98:de:50:a4:46:f6:aa:17:6b:25:14:47:
85:3f:e1:11:ec:df:b7:34:fe:8a:26:6b:57:26:57:02:c2:55:
8c:06:59:d7:84:bb:ba:42:28:a4:6d:d2:cf:a7:ac:52:04:10:
20:f1:c2:0b:24:3f:14:00:0d:d1:7b:a9:06:30:26:a5:09:96:
64:34:9a:b3:66:b5:85:11:c6:3f:0b:c1:c8:c9:1d:c1:45:93:
59:f3:3e:30:3a:1d:95:31:45:3f:0e:9f:e2:e3:7f:f4:3e:54:
4a:a6:de:56
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ33jfbmdJxlFgziLEVIv0BbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMTA0ZjFlNGFiYWVjMWVmZjgwZjI2MmM2MmY5NmMyNTQz
OGM4ZTEwHhcNMjYwNTA1MDk1MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWFjNDE4NDFlNjIyMmM4ZmVhYWQwODRmOWY3YmRkMzE1ZTAxZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGN9T40ofYpYRj/WGusDaUxKtcZ7
B5kW8ZabW/CVCBaI2Gr5szeo5O65h7NoZtSoQ9EibZqeEVKUUQYBTOk3HxatZ2vY
bHHo/Q6KkBuqsClfGK7QkdOM5l8uvQ5LZaMMeSpNGD6nOGkUHBQNflkyLmJPsEhs
p0unxkAjAWyxIfnTHSR5Dcjrvr4ZxOIRFGF+ndggOfTiXBbFnG5NVwVDFKxqVo/G
1KESj5ipvsJZRy5NYNI/W8zXusHU5oIpeq8pgolUFOkmpg9KwFRyXKECwIlVXMyE
pZ4hqPREES9Y64V8R5gkZJ47sDQxb6ATwQqCHctiJGmZGgLOsjI9p8jxiwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLGsQYQeYiLI/qrQhPn3vdMV4B83MB8GA1UdIwQY
MBaAFGsQTx5Kuuwe/4DyYsYvlsJUOMjhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMt
MzBjOWRlMjA1YWZjLzEvc2F4QmhCNWlJc2otcXRDRS1mZTkweFhnSHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82NTNjMjQtNjhlNS00YWQ4LWI3NjMtMzBjOWRlMjA1YWZj
LzEvYXhCUEhrcTY3QjdfZ1BKaXhpLVd3bFE0eU9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCmTOgAwQB
mTOoMAwDBACZM6sDBACZM7ADBACZM78wDQYJKoZIhvcNAQELBQADggEBAGfyu/Q7
oy9IrhQc/LIlGIJFLemHC2MP4fWTL+yIv+FPx77NZqbrBNtRYwiUexjwAeXApv1P
XtjubfWDsO2Kt+AahCV4T3APNVJH335FIzNRSU0UePiQwBnj1lk1RHLLFy+1mI3P
QfGlwXMECvyHL8wEE5ySJyyNSAVdKXpkwnBiEttQ/iw/do2d0S8AtdFPoajvzArL
LZjeUKRG9qoXayUUR4U/4RHs37c0/ooma1cmVwLCVYwGWdeEu7pCKKRt0s+nrFIE
ECDxwgskPxQADdF7qQYwJqUJlmQ0mrNmtYURxj8LwcjJHcFFk1nzPjA6HZUxRT8O
n+Ljf/Q+VEqm3lY=
-----END CERTIFICATE-----
Generated at Wed May 6 01:19:43 2026 by rpki-client