Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HNk1DS2aiL96dTODSWvY9YOZ16M.roa
File: HNk1DS2aiL96dTODSWvY9YOZ16M.roa (raw, json)
Hash identifier: ueaG3IoD7hyE8urRW/H+b+iF/G0sMNiyuY/Qbg2T++w=
Subject key identifier: 1C:D9:35:0D:2D:9A:88:BF:7A:75:33:83:49:6B:D8:F5:83:99:D7:A3
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019F08BB3E9D87AE4AC40F1A798194ECFE90
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HNk1DS2aiL96dTODSWvY9YOZ16M.roa
Signing time: Sat 27 Jun 2026 10:58:36 +0000
ROA not before: Sat 27 Jun 2026 10:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.49.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:08:bb:3e:9d:87:ae:4a:c4:0f:1a:79:81:94:ec:fe:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 27 10:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cd9350d2d9a88bf7a753383496bd8f58399d7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:89:f0:21:eb:e0:2f:e0:7c:9d:38:35:b8:
33:32:02:a4:a9:6b:5b:59:45:db:9b:fb:1f:10:b8:
6d:d7:4c:53:0a:f4:ce:9a:9f:fd:3d:f3:5b:ef:4b:
d2:26:97:1b:dc:54:26:35:3e:a4:21:bb:fe:2e:f3:
fc:06:c5:01:93:27:00:be:45:3b:2c:9f:54:90:c8:
29:0b:fa:e0:e1:b4:ad:ce:e8:ae:7c:80:82:18:ff:
ee:18:49:d5:ef:31:08:3a:2f:38:b7:a5:8e:1c:f6:
f3:87:ff:fc:41:a6:74:b2:ba:38:03:34:85:4c:6f:
d4:b4:f8:a8:4d:6f:12:70:a0:53:e9:9e:b5:20:a0:
9b:e6:d9:80:c0:e4:ff:82:f2:50:03:e2:59:5a:07:
22:c2:fc:bc:d2:9c:8a:ac:20:08:6d:d7:d1:17:7f:
f4:b0:48:c4:a9:d8:bd:2d:52:ea:bf:9a:3f:f5:25:
4a:7d:0b:26:c1:43:8d:86:8d:7b:d6:bd:44:48:bb:
76:78:84:7d:46:7a:cc:c5:ab:64:7d:f3:bb:5a:ab:
64:f4:cc:7d:63:e9:0c:05:e9:f3:f7:8b:6b:08:ec:
1e:cb:b9:e1:a5:97:8f:4a:a6:f1:4c:e2:83:42:be:
e3:2e:03:4a:a2:33:b5:af:3d:93:b0:bb:03:0b:c7:
85:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D9:35:0D:2D:9A:88:BF:7A:75:33:83:49:6B:D8:F5:83:99:D7:A3
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HNk1DS2aiL96dTODSWvY9YOZ16M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.49.0/24
163.5.59.0/24
163.5.97.0/24
163.5.112.0/24
163.5.120.0/23
163.5.125.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.148.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.196.0/24
163.5.212.0/24
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:56:6e:06:31:cb:15:e7:98:0f:68:4b:aa:c1:6e:8d:bc:2c:
85:3d:30:c8:d8:e7:2a:83:a1:85:4a:c6:e6:94:55:00:f8:dc:
9d:bc:fd:3b:28:50:6a:25:fe:98:fa:5a:ef:72:fe:2b:00:16:
53:f8:93:9e:e6:5b:d1:7b:db:1d:48:9a:7b:c3:c8:c8:2d:b5:
cc:be:d9:fe:58:e1:d4:7f:f1:f3:b2:2f:c8:80:b0:75:ba:ac:
c2:9b:9f:3c:80:1b:05:df:d1:91:44:8e:2a:2a:e0:9e:3c:e6:
b4:20:46:81:10:0e:2c:6f:49:33:e2:20:2c:c3:01:c1:26:ba:
6c:ad:f6:99:d8:63:04:5f:b9:23:1b:15:0c:b0:5f:be:db:60:
b9:22:fc:94:79:05:86:e3:64:77:2a:49:9b:51:a5:e3:98:1e:
e8:ce:19:62:5f:3e:9a:c3:33:e0:57:38:cd:d2:a1:26:c5:75:
ef:e5:d9:a6:91:60:42:9e:8a:66:3f:63:96:48:9c:49:fa:bf:
58:f0:fe:3e:fc:df:b6:0c:32:94:e6:a3:97:be:0e:af:13:20:
eb:3e:e3:da:30:10:f4:ad:51:3c:eb:d6:e4:11:39:49:9f:54:
0f:9f:fb:fa:00:e1:0b:79:39:d1:76:46:79:41:b7:bd:ac:4b:
75:0c:a9:d1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ8Iuz6dh65KxA8aeYGU7P6QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjI3MTA1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q5MzUwZDJkOWE4OGJmN2E3NTMzODM0OTZiZDhmNTgzOTlkN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/SJ8CHr4C/gfJ04NbgzMgKkqWtb
WUXbm/sfELht10xTCvTOmp/9PfNb70vSJpcb3FQmNT6kIbv+LvP8BsUBkycAvkU7
LJ9UkMgpC/rg4bStzuiufICCGP/uGEnV7zEIOi84t6WOHPbzh//8QaZ0sro4AzSF
TG/UtPioTW8ScKBT6Z61IKCb5tmAwOT/gvJQA+JZWgciwvy80pyKrCAIbdfRF3/0
sEjEqdi9LVLqv5o/9SVKfQsmwUONho171r1ESLt2eIR9RnrMxatkffO7Wqtk9Mx9
Y+kMBenz94trCOwey7nhpZePSqbxTOKDQr7jLgNKojO1rz2TsLsDC8eFpwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBzZNQ0tmoi/enUzg0lr2PWDmdejMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSE5rMURTMmFpTDk2ZFRPRFNXdlk5WU9aMTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBACj
BTEDBACjBTsDBACjBWEDBACjBXADBAGjBXgDBACjBX0DBACjBYEDBACjBYsDBACj
BY8DBACjBZIDBACjBZQDBACjBZcDBACjBaADBACjBacDBACjBbIDBACjBcQDBACj
BdQDBACjBdcDBACjBdoDBACjBeADBACjBeQDBACjBekDBACjBfEwDQYJKoZIhvcN
AQELBQADggEBALNWbgYxyxXnmA9oS6rBbo28LIU9MMjY5yqDoYVKxuaUVQD43J28
/TsoUGol/pj6Wu9y/isAFlP4k57mW9F72x1ImnvDyMgttcy+2f5Y4dR/8fOyL8iA
sHW6rMKbnzyAGwXf0ZFEjioq4J485rQgRoEQDixvSTPiICzDAcEmumyt9pnYYwRf
uSMbFQywX77bYLki/JR5BYbjZHcqSZtRpeOYHujOGWJfPprDM+BXOM3SoSbFde/l
2aaRYEKeimY/Y5ZInEn6v1jw/j7837YMMpTmo5e+Dq8TIOs+49owEPStUTzr1uQR
OUmfVA+f+/oA4Qt5OdF2RnlBt72sS3UMqdE=
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:53 2026 by rpki-client