Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_O28e0R--RzHEawXFipmAXFbXGQ.roa
File: _O28e0R--RzHEawXFipmAXFbXGQ.roa (raw, json)
Hash identifier: zrkyCl6tt0/JRToHdAMFRyf/2nmWc0g4N5xnJRW/EYo=
Subject key identifier: FC:ED:BC:7B:44:7E:F9:1C:C7:11:AC:17:16:2A:66:01:71:5B:5C:64
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019D3EE55BEF9D2220EFA8A4BB1BB280D4AD
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_O28e0R--RzHEawXFipmAXFbXGQ.roa
Signing time: Mon 30 Mar 2026 13:18:31 +0000
ROA not before: Mon 30 Mar 2026 13:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.29.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.132.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.202.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 13:18:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:e5:5b:ef:9d:22:20:ef:a8:a4:bb:1b:b2:80:d4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 30 13:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fcedbc7b447ef91cc711ac17162a6601715b5c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:e6:37:f1:fb:19:af:4b:22:34:57:51:63:
d6:02:dc:e6:ca:12:34:5c:73:96:23:f4:bb:ad:f7:
8a:6e:f6:f6:73:6a:75:1b:b8:21:eb:d1:36:54:e7:
4a:56:d9:1d:43:14:cf:3b:92:4c:aa:b4:1a:b7:24:
4c:16:ed:94:d2:64:b9:96:a3:d2:bb:e6:fb:6b:a2:
e9:0c:1d:b6:b6:b0:28:a9:66:d6:da:3c:d1:6a:51:
8d:82:f4:6e:fa:14:ba:51:cd:eb:59:db:e9:78:96:
9b:a8:df:28:22:33:90:d7:3a:00:7b:62:c8:51:6d:
46:c2:51:13:4b:8d:17:f0:ed:bc:21:b9:1b:2e:7f:
64:cb:eb:82:45:42:64:fe:42:aa:81:55:4a:f6:d1:
69:fb:cf:72:b5:50:ea:43:5a:9c:65:b2:d4:a8:89:
a6:bd:5d:21:cc:d7:5e:77:2a:7a:bf:17:0c:36:9f:
0f:c8:ea:75:e7:d5:5e:8c:94:df:5e:6f:f8:86:79:
a0:92:b6:4c:e9:9a:5b:db:da:92:10:47:eb:a5:3e:
75:ec:91:69:58:98:50:8a:e7:40:23:6f:3a:b6:f8:
c5:eb:bc:8b:26:71:62:4d:20:83:40:83:57:fc:4d:
bb:c2:46:fb:f3:ca:ef:98:dc:39:13:e9:3b:73:29:
a8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:ED:BC:7B:44:7E:F9:1C:C7:11:AC:17:16:2A:66:01:71:5B:5C:64
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_O28e0R--RzHEawXFipmAXFbXGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.29.0-163.5.30.255
163.5.59.0/24
163.5.112.0/24
163.5.121.0/24
163.5.129.0/24
163.5.132.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.186.0/24
163.5.196.0/24
163.5.202.0/24
163.5.204.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
76:64:ab:83:37:1d:32:24:0a:87:53:dc:69:57:72:e3:42:18:
2d:bb:43:b1:41:bb:63:33:14:f8:16:be:5f:86:52:a6:ea:b3:
59:08:13:bc:fa:9e:db:95:ce:ef:84:76:1a:56:a7:c0:f9:d9:
cc:cc:9c:78:ca:1b:8d:84:e1:73:bc:a3:72:45:4c:b4:88:d3:
3f:d9:94:8e:7d:ba:a4:c5:f9:5a:7f:9b:3a:7f:37:23:04:68:
21:c4:01:4e:a6:50:7e:e1:13:20:f9:e0:70:99:0b:68:9e:37:
55:cc:6b:ee:46:d9:c7:4d:f3:f3:d1:e9:68:d2:35:6c:2d:59:
8e:2e:1f:c3:41:fb:c5:50:dc:ab:01:dd:ea:0f:68:cb:8a:02:
a8:5c:0a:15:7d:cb:a1:90:8e:a9:01:22:52:34:e3:79:35:0e:
a5:7f:9f:f6:69:66:56:8c:4d:9d:a2:82:65:b9:74:0c:ef:ca:
e0:47:25:18:ea:0a:f8:10:33:e3:82:1c:e5:17:e2:03:51:72:
60:b2:25:eb:d3:66:aa:48:ed:8b:b3:f1:9f:da:c0:7e:6b:a8:
a7:6c:9e:d3:ce:6d:96:8a:d5:4c:dd:fc:66:7a:71:9a:b3:ce:
2c:06:f0:d0:12:94:28:ef:1e:fd:d6:5a:e4:66:31:d9:62:99:
e5:33:13:7e
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ0+5VvvnSIg76ikuxuygNStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzMwMTMxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2VkYmM3YjQ0N2VmOTFjYzcxMWFjMTcxNjJhNjYwMTcxNWI1YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu17mN/H7Ga9LIjRXUWPWAtzmyhI0
XHOWI/S7rfeKbvb2c2p1G7gh69E2VOdKVtkdQxTPO5JMqrQatyRMFu2U0mS5lqPS
u+b7a6LpDB22trAoqWbW2jzRalGNgvRu+hS6Uc3rWdvpeJabqN8oIjOQ1zoAe2LI
UW1GwlETS40X8O28IbkbLn9ky+uCRUJk/kKqgVVK9tFp+89ytVDqQ1qcZbLUqImm
vV0hzNdedyp6vxcMNp8PyOp159VejJTfXm/4hnmgkrZM6Zpb29qSEEfrpT517JFp
WJhQiudAI286tvjF67yLJnFiTSCDQINX/E27wkb788rvmNw5E+k7cymonQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFPztvHtEfvkcxxGsFxYqZgFxW1xkMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvX08yOGUwUi0tUnpIRWF3WEZpcG1BWEZiWEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AKMFHQMEAKMFHgMEAKMFOwMEAKMFcAMEAKMFeQMEAKMFgQMEAKMFhAMEAKMFiwME
AKMFjwMEAKMFkgMEAKMFlwMEAKMFoAMEAKMFpwMEAKMFsgMEAKMFugMEAKMFxAME
AKMFygMEAKMFzAMEAKMF2gMEAKMF4AMEAKMF5AMEAKMF6QMEAKMF8TANBgkqhkiG
9w0BAQsFAAOCAQEAdmSrgzcdMiQKh1PcaVdy40IYLbtDsUG7YzMU+Ba+X4ZSpuqz
WQgTvPqe25XO74R2GlanwPnZzMyceMobjYThc7yjckVMtIjTP9mUjn26pMX5Wn+b
On83IwRoIcQBTqZQfuETIPngcJkLaJ43Vcxr7kbZx03z89HpaNI1bC1Zji4fw0H7
xVDcqwHd6g9oy4oCqFwKFX3LoZCOqQEiUjTjeTUOpX+f9mlmVoxNnaKCZbl0DO/K
4EclGOoK+BAz44Ic5RfiA1FyYLIl69Nmqkjti7Pxn9rAfmuop2ye085tlorVTN38
ZnpxmrPOLAbw0BKUKO8e/dZa5GYx2WKZ5TMTfg==
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:18:13 2026 by rpki-client