Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Twdebnvgpc-BbEUZaCJcdTsYuO0.roa
File: Twdebnvgpc-BbEUZaCJcdTsYuO0.roa (raw, json)
Hash identifier: faLKQhi58OZjt36XPfjO8o6raoODgZDCdeAjWasPfig=
Subject key identifier: 4F:07:5E:6E:7B:E0:A5:CF:81:6C:45:19:68:22:5C:75:3B:18:B8:ED
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019EA5CF5B6A01CA2C1E89F2C228BB01C11D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Twdebnvgpc-BbEUZaCJcdTsYuO0.roa
Signing time: Mon 08 Jun 2026 05:58:10 +0000
ROA not before: Mon 08 Jun 2026 05:58:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198566
IP address blocks: 163.5.50.0/24 maxlen: 24
163.5.51.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.190.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a5:cf:5b:6a:01:ca:2c:1e:89:f2:c2:28:bb:01:c1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 8 05:58:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f075e6e7be0a5cf816c451968225c753b18b8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ec:58:26:2a:48:2c:93:5d:89:c0:09:3f:3d:
0f:a9:40:41:a0:ba:7c:69:1d:70:46:3c:58:f5:8a:
c6:a7:a6:87:3b:0a:9c:a0:b9:3c:1b:fe:3a:d1:b6:
6b:88:d9:96:71:f4:61:a0:b8:92:4d:ac:08:1c:4f:
ca:29:3e:ff:fe:3e:0b:d9:6e:ed:c0:b4:cf:e2:be:
25:7c:b4:7a:ae:75:e6:d7:38:cc:21:ec:25:32:4a:
ee:b3:96:df:0f:14:27:c9:25:d2:81:bb:a6:ac:28:
ba:dc:c8:b2:11:a2:96:cb:e1:e3:da:ee:bc:b2:cf:
94:7e:f1:fa:c2:a5:5e:b9:51:62:8c:b3:cb:66:09:
1a:64:60:f5:62:94:05:75:c5:8d:23:3b:ff:0c:83:
79:95:a5:b9:03:fe:19:8b:d0:19:99:3c:d2:39:7c:
46:7a:3a:e6:3b:11:53:0c:c9:59:9f:59:1b:a6:11:
72:7f:77:70:5c:b2:7d:5b:cd:1b:71:e0:cc:ad:29:
60:db:20:8d:10:bb:bd:be:f4:14:45:96:5b:de:d6:
68:fa:fa:8d:1b:88:1c:9a:2d:16:22:34:31:7e:60:
81:90:eb:42:1f:85:46:94:ac:a6:3b:9f:33:10:c8:
eb:d6:10:88:04:cd:6f:c9:69:d2:13:41:6a:54:cf:
1e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:07:5E:6E:7B:E0:A5:CF:81:6C:45:19:68:22:5C:75:3B:18:B8:ED
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/Twdebnvgpc-BbEUZaCJcdTsYuO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.50.0/23
163.5.135.0/24
163.5.190.0/24
163.5.192.0/24
Signature Algorithm: sha256WithRSAEncryption
30:18:8d:fe:ac:61:72:eb:f1:a3:99:86:8b:35:7c:36:a9:4f:
14:d5:ae:20:4e:18:f5:03:a5:2a:61:da:9a:cd:8a:1f:2c:2e:
61:3b:ba:da:2c:a1:92:66:08:1b:66:23:97:5f:d2:db:ab:ed:
9e:f7:82:6b:53:de:36:bd:1b:ee:c5:a0:52:ff:07:19:79:cd:
fd:82:3b:c1:cb:e6:58:44:0c:80:14:73:67:6b:72:8a:47:b3:
3a:85:1b:d1:44:14:9a:c2:9a:b6:78:1d:f5:2c:82:2a:e3:34:
61:df:81:bb:4b:43:06:06:97:a6:a9:be:f0:d7:b1:c9:a9:4e:
f6:04:72:25:aa:a0:dc:22:cf:ff:b6:3b:1c:55:9f:2d:6e:00:
18:b8:4d:f6:34:5e:91:4d:b3:90:fd:ae:36:bc:3a:f9:31:d9:
6f:11:66:f0:52:0e:05:01:94:61:d7:a9:84:a3:26:32:2e:df:
8e:81:82:60:d5:57:8a:81:35:1b:72:77:f0:7e:91:d1:7c:74:
ff:9b:f9:11:62:b8:8d:91:8f:fc:15:dc:c8:c4:76:5b:16:33:
0f:1e:5a:9e:d3:48:f4:e9:1f:6c:e8:ab:68:2d:b5:a1:35:d3:
e6:43:d4:b4:5b:4d:58:be:04:ab:11:ee:c9:bc:de:ca:45:77:
22:2a:b6:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6lz1tqAcosHonywii7AcEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjA4MDU1ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA3NWU2ZTdiZTBhNWNmODE2YzQ1MTk2ODIyNWM3NTNiMThiOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OxYJipILJNdicAJPz0PqUBBoLp8
aR1wRjxY9YrGp6aHOwqcoLk8G/460bZriNmWcfRhoLiSTawIHE/KKT7//j4L2W7t
wLTP4r4lfLR6rnXm1zjMIewlMkrus5bfDxQnySXSgbumrCi63MiyEaKWy+Hj2u68
ss+UfvH6wqVeuVFijLPLZgkaZGD1YpQFdcWNIzv/DIN5laW5A/4Zi9AZmTzSOXxG
ejrmOxFTDMlZn1kbphFyf3dwXLJ9W80bceDMrSlg2yCNELu9vvQURZZb3tZo+vqN
G4gcmi0WIjQxfmCBkOtCH4VGlKymO58zEMjr1hCIBM1vyWnSE0FqVM8eJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE8HXm574KXPgWxFGWgiXHU7GLjtMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvVHdkZWJudmdwYy1CYkVVWmFDSmNkVHNZdU8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBowUyAwQA
owWHAwQAowW+AwQAowXAMA0GCSqGSIb3DQEBCwUAA4IBAQAwGI3+rGFy6/GjmYaL
NXw2qU8U1a4gThj1A6UqYdqazYofLC5hO7raLKGSZggbZiOXX9Lbq+2e94JrU942
vRvuxaBS/wcZec39gjvBy+ZYRAyAFHNna3KKR7M6hRvRRBSawpq2eB31LIIq4zRh
34G7S0MGBpemqb7w17HJqU72BHIlqqDcIs//tjscVZ8tbgAYuE32NF6RTbOQ/a42
vDr5MdlvEWbwUg4FAZRh16mEoyYyLt+OgYJg1VeKgTUbcnfwfpHRfHT/m/kRYriN
kY/8FdzIxHZbFjMPHlqe00j06R9s6KtoLbWhNdPmQ9S0W01YvgSrEe7JvN7KRXci
KrYq
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:42 2026 by rpki-client