Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4fIqKrz5_6o3ODM4BU7kRDCXRnQ.roa
File: 4fIqKrz5_6o3ODM4BU7kRDCXRnQ.roa (raw, json)
Hash identifier: bjWyukMEtGP7LZCYGGBiSChmW+2c9+z4X598sczKUGg=
Subject key identifier: E1:F2:2A:2A:BC:F9:FF:AA:37:38:33:38:05:4E:E4:44:30:97:46:74
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019E2854A8F3CCAC98D7A400663ABC16C555
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4fIqKrz5_6o3ODM4BU7kRDCXRnQ.roa
Signing time: Thu 14 May 2026 21:11:37 +0000
ROA not before: Thu 14 May 2026 21:11:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.46.0/24 maxlen: 24
163.5.82.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.223.0/24 maxlen: 24
163.5.226.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 01:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:54:a8:f3:cc:ac:98:d7:a4:00:66:3a:bc:16:c5:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 14 21:11:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1f22a2abcf9ffaa37383338054ee44430974674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:25:a5:1b:a8:cb:6a:8c:47:5a:79:91:70:b8:
01:63:a3:62:2a:ab:99:e1:8a:a6:ca:2f:16:f2:10:
e3:a1:45:6e:d2:de:96:4a:cf:fc:a4:5e:cd:a8:e4:
a0:40:82:a8:ca:73:41:d2:f3:7e:0c:e7:9b:c2:a1:
81:ef:63:c8:e9:a4:16:b6:23:87:fc:b9:da:3e:66:
dc:05:e4:14:6f:32:3b:72:ea:6c:ec:7d:ff:3c:65:
27:ac:49:60:a6:cf:85:b6:98:c5:55:a5:76:69:3b:
e5:57:61:b8:84:f4:73:b9:a5:c3:45:db:5a:34:e8:
3d:bb:b7:cd:f4:ac:82:3b:b9:ed:cc:57:3e:46:a0:
0b:9d:d5:7a:09:ab:3a:40:83:6d:bb:41:3b:5e:11:
ae:b5:f6:f3:10:c6:f6:7d:c0:dc:07:2d:69:de:4d:
33:a0:cb:80:59:25:f3:21:5b:2b:17:bf:ce:dd:cf:
fe:a1:47:88:ef:bf:79:51:c3:6d:80:fd:5a:a9:10:
02:51:77:23:f4:ad:3a:53:5d:d2:5f:7a:0f:75:d1:
93:38:e9:11:36:e3:d4:cd:4e:93:84:56:05:4e:52:
2b:b5:da:68:52:1c:e9:b7:cd:15:15:b6:99:1f:6c:
a8:81:a6:23:72:63:54:e4:13:15:38:cb:40:11:b5:
a4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:F2:2A:2A:BC:F9:FF:AA:37:38:33:38:05:4E:E4:44:30:97:46:74
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/4fIqKrz5_6o3ODM4BU7kRDCXRnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.46.0/24
163.5.82.0/24
163.5.119.0/24
163.5.223.0/24
163.5.226.0/24
163.5.247.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
94:bd:94:13:9e:e9:5b:6c:14:8d:db:a4:76:c0:a6:e8:c6:3a:
16:b1:d1:6e:69:64:e6:68:92:ee:bb:8b:ca:df:eb:55:76:17:
d6:e6:3b:ca:25:bd:03:22:17:65:4b:13:66:c2:e4:7a:59:22:
99:78:0a:84:81:29:c6:81:48:ed:d0:d5:f6:4c:5a:f2:9a:64:
55:29:95:75:60:fb:e1:cb:8a:39:75:eb:2f:b7:38:8a:62:0f:
4f:20:3b:ca:55:3c:38:47:13:87:7e:2d:5c:a2:ad:e3:05:b2:
85:03:2f:42:c4:0f:8f:cf:49:7a:51:0c:58:6b:d9:57:f8:ae:
9e:58:3c:21:8f:0a:cc:85:92:e9:68:c7:54:af:02:46:6d:01:
ec:ba:06:b8:1b:0b:af:f4:01:70:3e:32:9b:93:60:b8:28:ad:
3a:32:e0:be:e8:10:c2:00:13:df:ac:86:5d:a1:63:83:b8:86:
06:55:1d:8c:e5:8f:ca:12:a3:c2:fb:33:dc:4f:cc:51:dd:c2:
0b:be:e9:7b:85:85:5c:35:9b:49:03:fd:57:ff:bd:38:a1:b5:
59:cc:3d:e3:cf:f2:c2:31:68:ce:a3:6e:d3:ae:ed:2f:d1:3c:
7f:d1:9d:22:b1:db:3f:b9:e7:34:f3:49:d3:f1:97:92:c9:4e:
ec:1a:1b:37
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ4oVKjzzKyY16QAZjq8FsVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNTE0MjExMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWYyMmEyYWJjZjlmZmFhMzczODMzMzgwNTRlZTQ0NDMwOTc0Njc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyWlG6jLaoxHWnmRcLgBY6NiKquZ
4Yqmyi8W8hDjoUVu0t6WSs/8pF7NqOSgQIKoynNB0vN+DOebwqGB72PI6aQWtiOH
/LnaPmbcBeQUbzI7cups7H3/PGUnrElgps+FtpjFVaV2aTvlV2G4hPRzuaXDRdta
NOg9u7fN9KyCO7ntzFc+RqALndV6Cas6QINtu0E7XhGutfbzEMb2fcDcBy1p3k0z
oMuAWSXzIVsrF7/O3c/+oUeI7795UcNtgP1aqRACUXcj9K06U13SX3oPddGTOOkR
NuPUzU6ThFYFTlIrtdpoUhzpt80VFbaZH2yogaYjcmNU5BMVOMtAEbWkkwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOHyKiq8+f+qNzgzOAVO5EQwl0Z0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNGZJcUtyejVfNm8zT0RNNEJVN2tSRENYUm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAowUuAwQA
owVSAwQAowV3AwQAowXfAwQAowXiMAwDBACjBfcDBACjBfgwDQYJKoZIhvcNAQEL
BQADggEBAJS9lBOe6VtsFI3bpHbApujGOhax0W5pZOZoku67i8rf61V2F9bmO8ol
vQMiF2VLE2bC5HpZIpl4CoSBKcaBSO3Q1fZMWvKaZFUplXVg++HLijl16y+3OIpi
D08gO8pVPDhHE4d+LVyireMFsoUDL0LED4/PSXpRDFhr2Vf4rp5YPCGPCsyFkulo
x1SvAkZtAey6BrgbC6/0AXA+MpuTYLgorToy4L7oEMIAE9+shl2hY4O4hgZVHYzl
j8oSo8L7M9xPzFHdwgu+6XuFhVw1m0kD/Vf/vTihtVnMPePP8sIxaM6jbtOu7S/R
PH/RnSKx2z+55zTzSdPxl5LJTuwaGzc=
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:09 2026 by rpki-client