Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dExblJXUgffLdiO89flK4CrlJIU.roa
File: dExblJXUgffLdiO89flK4CrlJIU.roa (raw, json)
Hash identifier: m8eltzh0kjld5UC7T6s+Z1DixO3tcV7GSnRpwh0NCxY=
Subject key identifier: 74:4C:5B:94:95:D4:81:F7:CB:76:23:BC:F5:F9:4A:E0:2A:E5:24:85
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019E89C40D5F944807AD366A913306ECE355
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dExblJXUgffLdiO89flK4CrlJIU.roa
Signing time: Tue 02 Jun 2026 19:16:27 +0000
ROA not before: Tue 02 Jun 2026 19:16:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.120.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.135.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.215.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 01:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:c4:0d:5f:94:48:07:ad:36:6a:91:33:06:ec:e3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jun 2 19:16:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=744c5b9495d481f7cb7623bcf5f94ae02ae52485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:45:0a:ec:15:82:fa:2b:7c:55:8f:33:dc:
2c:ab:47:7c:c8:1c:19:1f:1f:50:2c:09:2c:94:27:
c8:ab:a7:4a:45:88:d6:20:67:15:b0:31:b3:93:63:
5b:17:f3:aa:0f:09:89:7d:00:1f:b5:f3:6c:b2:7b:
a0:31:c2:d3:5a:e9:8e:c9:dc:84:5f:5c:f1:10:5e:
54:d2:49:cb:93:b2:91:c6:fb:7f:74:80:d3:fa:f3:
e3:74:d4:50:80:b6:53:00:bb:b5:6e:62:ba:13:3e:
dc:5d:95:25:9e:94:89:e7:ad:cf:78:ba:8c:88:11:
dc:49:a2:36:12:32:16:07:ba:69:07:8a:51:68:88:
d8:92:ee:1a:81:40:5b:b0:dc:5a:88:a7:1a:4b:f1:
44:31:f1:4e:be:d6:49:06:82:af:54:a9:7c:e6:62:
b4:13:ad:09:ad:0e:5b:30:2d:3d:57:3f:4b:4e:67:
3e:bb:f3:63:09:0b:a8:2f:37:7f:fd:34:dc:71:1a:
11:4c:26:68:a1:5c:a4:30:b5:f4:1c:37:61:dd:cc:
11:b8:36:cd:d1:2e:8e:51:1f:68:2e:62:9d:5c:25:
3d:b5:cf:4a:b6:c1:7f:36:cf:d8:4c:5d:33:67:06:
b5:21:8c:99:d6:53:8c:a5:38:2f:cd:c3:67:42:a9:
fd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:4C:5B:94:95:D4:81:F7:CB:76:23:BC:F5:F9:4A:E0:2A:E5:24:85
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/dExblJXUgffLdiO89flK4CrlJIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.59.0/24
163.5.66.0/24
163.5.112.0/24
163.5.120.0/23
163.5.125.0/24
163.5.129.0/24
163.5.135.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.167.0/24
163.5.178.0/24
163.5.182.0/24
163.5.196.0/24
163.5.215.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
72:65:30:dc:9d:64:b8:af:33:1f:47:6f:e4:a1:ec:7a:e9:6a:
90:5f:ec:76:49:79:f3:02:39:b5:44:b4:b2:7e:9e:5d:f6:53:
08:5d:78:6f:54:19:35:a0:e8:a7:24:ef:de:26:22:89:08:f1:
2d:41:a0:ce:c6:3a:3d:01:ae:50:12:1a:41:c2:3d:79:90:08:
a1:c6:26:e8:42:84:f0:ee:ab:3c:1a:32:9c:53:7d:29:dc:a8:
fe:44:11:cf:72:b1:bb:f3:3b:5f:b6:b5:69:67:29:c2:06:52:
7b:b4:1f:f2:b4:ea:77:53:42:83:46:da:cf:00:26:f2:49:ac:
30:0e:3c:c7:bb:24:f5:93:ac:4a:b7:70:21:89:f5:3b:62:f5:
da:5d:20:d3:d5:46:d6:35:8b:05:93:2b:e6:f0:e1:57:e2:e9:
bf:3e:71:f1:06:d7:56:e0:64:30:47:33:14:c4:15:37:33:e7:
fe:d4:a4:30:ea:cb:24:50:40:76:1b:35:71:82:c5:2a:1f:ec:
e7:2e:4b:18:70:e3:96:64:e6:9c:0b:21:bd:79:41:ca:c8:c8:
66:e3:93:e8:c0:35:a2:e6:d5:93:cf:3e:fa:a8:40:9e:8d:d1:
60:b8:ba:5c:1d:18:5c:f4:8f:80:2c:a6:5c:46:8b:2f:da:72:
e7:5d:0a:bd
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ6JxA1flEgHrTZqkTMG7ONVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwNjAyMTkxNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDRjNWI5NDk1ZDQ4MWY3Y2I3NjIzYmNmNWY5NGFlMDJhZTUyNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6xFCuwVgvorfFWPM9wsq0d8yBwZ
Hx9QLAkslCfIq6dKRYjWIGcVsDGzk2NbF/OqDwmJfQAftfNssnugMcLTWumOydyE
X1zxEF5U0knLk7KRxvt/dIDT+vPjdNRQgLZTALu1bmK6Ez7cXZUlnpSJ563PeLqM
iBHcSaI2EjIWB7ppB4pRaIjYku4agUBbsNxaiKcaS/FEMfFOvtZJBoKvVKl85mK0
E60JrQ5bMC09Vz9LTmc+u/NjCQuoLzd//TTccRoRTCZooVykMLX0HDdh3cwRuDbN
0S6OUR9oLmKdXCU9tc9KtsF/Ns/YTF0zZwa1IYyZ1lOMpTgvzcNnQqn96QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHRMW5SV1IH3y3YjvPX5SuAq5SSFMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZEV4YmxKWFVnZmZMZGlPODlmbEs0Q3JsSklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBACj
BSkDBACjBTsDBACjBUIDBACjBXADBAGjBXgDBACjBX0DBACjBYEDBACjBYcDBACj
BYsDBACjBY8DBACjBZIDBACjBZcDBACjBaADBACjBacDBACjBbIDBACjBbYDBACj
BcQDBACjBdcDBACjBdoDBACjBeADBACjBeQDBACjBekDBACjBfEwDQYJKoZIhvcN
AQELBQADggEBAHJlMNydZLivMx9Hb+Sh7HrpapBf7HZJefMCObVEtLJ+nl32Uwhd
eG9UGTWg6Kck794mIokI8S1BoM7GOj0BrlASGkHCPXmQCKHGJuhChPDuqzwaMpxT
fSncqP5EEc9ysbvzO1+2tWlnKcIGUnu0H/K06ndTQoNG2s8AJvJJrDAOPMe7JPWT
rEq3cCGJ9Tti9dpdINPVRtY1iwWTK+bw4Vfi6b8+cfEG11bgZDBHMxTEFTcz5/7U
pDDqyyRQQHYbNXGCxSof7OcuSxhw45Zk5pwLIb15QcrIyGbjk+jANaLm1ZPPPvqo
QJ6N0WC4ulwdGFz0j4AsplxGiy/acuddCr0=
-----END CERTIFICATE-----
Generated at Thu Jun 4 09:59:16 2026 by rpki-client