Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ntgy-Fa7pZHqzv6hsjxIJTaMWTo.roa
File: Ntgy-Fa7pZHqzv6hsjxIJTaMWTo.roa (raw, json)
Hash identifier: 54R1qr2H2qgmCw1fgwtczMRj1JpVYP5N1NGh2vklbyU=
Subject key identifier: 36:D8:32:F8:56:BB:A5:91:EA:CE:FE:A1:B2:3C:48:25:36:8C:59:3A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019E28501430B41AB50C7683C0F4C279F397
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ntgy-Fa7pZHqzv6hsjxIJTaMWTo.roa
Signing time: Thu 14 May 2026 21:06:37 +0000
ROA not before: Thu 14 May 2026 21:06:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.147.0/24 maxlen: 24
163.5.148.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.157.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.190.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:28:50:14:30:b4:1a:b5:0c:76:83:c0:f4:c2:79:f3:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: May 14 21:06:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=36d832f856bba591eacefea1b23c4825368c593a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b4:c9:bc:80:b3:31:47:18:01:1f:40:0e:27:
e8:1f:c7:28:01:d4:a1:1e:52:25:47:4d:8d:48:3e:
58:7e:8b:b3:3c:2d:0c:b8:fc:30:b5:40:90:49:ab:
8e:3e:b8:a3:d9:13:85:e2:e2:24:12:d7:46:77:a1:
b2:ba:b5:c8:2b:67:ab:38:ff:c3:16:15:63:b7:b3:
11:65:e9:a1:86:77:c4:48:af:d6:c4:c1:32:59:28:
06:bd:58:6f:e2:76:d9:cc:76:6e:82:8b:50:59:27:
9d:f0:eb:cf:4d:2e:8e:57:56:a5:00:0c:62:1f:a8:
f4:8b:d9:69:25:f9:0d:07:96:a5:e6:06:73:4f:92:
20:32:18:9f:8c:dc:91:b1:13:04:da:47:76:2b:b9:
a8:a8:91:82:42:7f:00:23:98:f6:b1:6b:18:63:6b:
a1:0c:17:a3:bc:87:30:c7:e8:78:fa:bc:59:a6:f4:
26:32:e0:62:32:eb:30:b0:dc:42:06:5c:4f:08:99:
a1:f9:35:30:6c:4c:e7:d9:9f:7e:32:9d:7c:4b:ee:
89:f9:c1:bb:5e:1f:17:ff:8e:4e:7d:37:65:b8:27:
4f:b9:fc:10:e8:90:a6:44:33:a9:dd:f9:d5:6e:da:
74:3a:c1:a2:0e:3a:cc:24:03:37:72:05:f4:a6:ae:
74:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D8:32:F8:56:BB:A5:91:EA:CE:FE:A1:B2:3C:48:25:36:8C:59:3A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Ntgy-Fa7pZHqzv6hsjxIJTaMWTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.59.0/24
163.5.66.0/24
163.5.91.0/24
163.5.112.0/24
163.5.121.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0-163.5.148.255
163.5.151.0/24
163.5.157.0/24
163.5.160.0/24
163.5.167.0/24
163.5.173.0/24
163.5.178.0/24
163.5.190.0/24
163.5.196.0/24
163.5.212.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:1c:8d:3d:f8:33:1d:55:9a:09:5d:76:c8:e8:ce:fc:cb:0a:
cf:48:84:1c:6a:52:32:fa:33:5b:9d:72:a9:51:5f:76:c9:57:
06:74:31:4e:53:b5:b7:04:f3:93:45:bf:f6:1a:37:a7:44:8a:
96:00:75:b7:f0:37:14:9f:e0:e2:a7:59:6c:59:86:e7:80:8f:
b1:3b:e0:4c:74:b7:ce:d4:6e:3f:3e:ff:1f:c5:13:0d:3c:7a:
86:1b:07:ad:27:b0:f7:13:b6:80:6f:f6:ab:16:22:8c:73:9e:
e6:b9:cd:ad:de:f2:1b:43:7f:49:57:2d:d5:67:4b:73:30:1c:
99:2f:e3:66:94:b7:1f:ab:4b:5d:a7:c3:a4:80:22:11:a3:7f:
e2:cf:f5:a9:47:c5:2c:6e:47:ac:2c:7b:8b:ff:ca:4b:19:af:
fc:33:4c:f7:26:05:73:f5:d1:36:ba:95:94:44:21:5c:80:36:
cf:9b:5b:a2:22:40:81:4b:8b:42:f4:65:18:74:5c:20:b8:8d:
68:e2:38:f9:9c:59:b6:29:c5:f0:a0:23:ce:94:a7:2f:1f:c6:
0d:e0:6f:cb:d0:d2:00:29:d5:34:22:e2:89:76:a1:2c:af:ae:
2a:0f:df:18:54:8b:f0:b3:6f:c8:1b:1a:fb:2f:b1:a6:96:7e:
74:15:ac:4b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZ4oUBQwtBq1DHaDwPTCefOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNTE0MjEwNjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQ4MzJmODU2YmJhNTkxZWFjZWZlYTFiMjNjNDgyNTM2OGM1OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrTJvICzMUcYAR9ADifoH8coAdSh
HlIlR02NSD5YfouzPC0MuPwwtUCQSauOPrij2ROF4uIkEtdGd6GyurXIK2erOP/D
FhVjt7MRZemhhnfESK/WxMEyWSgGvVhv4nbZzHZugotQWSed8OvPTS6OV1alAAxi
H6j0i9lpJfkNB5al5gZzT5IgMhifjNyRsRME2kd2K7moqJGCQn8AI5j2sWsYY2uh
DBejvIcwx+h4+rxZpvQmMuBiMuswsNxCBlxPCJmh+TUwbEzn2Z9+Mp18S+6J+cG7
Xh8X/45OfTdluCdPufwQ6JCmRDOp3fnVbtp0OsGiDjrMJAM3cgX0pq50fQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDbYMvhWu6WR6s7+obI8SCU2jFk6MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTnRneS1GYTdwWkhxenY2aHNqeElKVGFNV1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBACj
BSkDBACjBTsDBACjBUIDBACjBVsDBACjBXADBACjBXkDBACjBYEDBACjBYsDBACj
BY8wDAMEAaMFkgMEAKMFlAMEAKMFlwMEAKMFnQMEAKMFoAMEAKMFpwMEAKMFrQME
AKMFsgMEAKMFvgMEAKMFxAMEAKMF1AMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6QME
AKMF8TANBgkqhkiG9w0BAQsFAAOCAQEArhyNPfgzHVWaCV12yOjO/MsKz0iEHGpS
MvozW51yqVFfdslXBnQxTlO1twTzk0W/9ho3p0SKlgB1t/A3FJ/g4qdZbFmG54CP
sTvgTHS3ztRuPz7/H8UTDTx6hhsHrSew9xO2gG/2qxYijHOe5rnNrd7yG0N/SVct
1WdLczAcmS/jZpS3H6tLXafDpIAiEaN/4s/1qUfFLG5HrCx7i//KSxmv/DNM9yYF
c/XRNrqVlEQhXIA2z5tboiJAgUuLQvRlGHRcILiNaOI4+ZxZtinF8KAjzpSnLx/G
DeBvy9DSACnVNCLiiXahLK+uKg/fGFSL8LNvyBsa+y+xppZ+dBWsSw==
-----END CERTIFICATE-----
Generated at Fri May 15 08:18:03 2026 by rpki-client