Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pJybTlcl-Gp8Q9VaqtOsSCtrYB0.roa
File: pJybTlcl-Gp8Q9VaqtOsSCtrYB0.roa (raw, json)
Hash identifier: LyHa+5WL+38pMqs8B1+f7yTqDnDIP2qfxyfzP4XU+5Q=
Subject key identifier: A4:9C:9B:4E:57:25:F8:6A:7C:43:D5:5A:AA:D3:AC:48:2B:6B:60:1D
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019CAF059F4BABE904FC661324956F712468
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pJybTlcl-Gp8Q9VaqtOsSCtrYB0.roa
Signing time: Mon 02 Mar 2026 14:48:27 +0000
ROA not before: Mon 02 Mar 2026 14:48:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 163.5.14.0/24 maxlen: 24
163.5.28.0/24 maxlen: 24
163.5.29.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.54.0/24 maxlen: 24
163.5.58.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.91.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.102.0/24 maxlen: 24
163.5.104.0/24 maxlen: 24
163.5.109.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.125.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.150.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.180.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.195.0/24 maxlen: 24
163.5.196.0/24 maxlen: 24
163.5.197.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.237.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 14:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:05:9f:4b:ab:e9:04:fc:66:13:24:95:6f:71:24:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 2 14:48:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a49c9b4e5725f86a7c43d55aaad3ac482b6b601d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bf:e6:52:c9:a6:d1:9c:f6:00:a5:df:4c:d1:
19:e3:45:d2:c7:5f:ba:fd:69:22:37:4c:80:b2:0a:
5f:1a:e9:7c:ae:9c:f3:5d:cf:c8:ab:66:42:30:3d:
12:b2:98:dc:85:32:b6:07:38:1d:4c:3f:e5:87:2e:
74:44:e7:ff:ac:ff:19:2d:d6:93:3a:0a:aa:8c:cb:
dc:62:e1:c3:34:88:a7:67:ea:36:51:c6:15:ee:62:
3e:22:dc:c9:70:1e:a6:b2:b9:bf:5e:dc:0a:4e:4c:
f9:ca:e2:f5:1c:96:91:30:39:71:f2:b4:5c:1b:62:
e3:dd:14:8a:53:38:17:01:8e:07:1b:02:db:68:57:
ab:6d:a0:27:8a:e8:e6:31:da:7b:3a:4f:dd:a5:44:
db:e2:50:cf:8a:6c:f6:82:0e:f6:86:88:67:47:ac:
41:b1:77:c2:74:d3:02:61:5b:f3:7c:91:7c:a5:16:
85:23:9c:a1:4f:12:82:45:d4:c7:2b:af:d4:0f:57:
d5:b5:0e:17:68:cd:ef:ae:b7:dd:e0:5d:a3:5f:cc:
cd:94:f3:8f:b7:33:83:74:ab:f9:f4:de:9f:1e:5f:
aa:4d:6f:e1:32:39:3e:fd:6e:8a:72:9e:4e:16:e5:
78:bd:dd:39:90:11:42:48:42:a5:2e:11:e1:21:8e:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9C:9B:4E:57:25:F8:6A:7C:43:D5:5A:AA:D3:AC:48:2B:6B:60:1D
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/pJybTlcl-Gp8Q9VaqtOsSCtrYB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.14.0/24
163.5.28.0/22
163.5.54.0/24
163.5.58.0/23
163.5.91.0/24
163.5.97.0/24
163.5.102.0/24
163.5.104.0/24
163.5.109.0/24
163.5.112.0/24
163.5.118.0/23
163.5.121.0/24
163.5.125.0/24
163.5.129.0/24
163.5.139.0/24
163.5.143.0/24
163.5.146.0/24
163.5.150.0/23
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.180.0/24
163.5.186.0/24
163.5.192.0/24
163.5.195.0-163.5.197.255
163.5.201.0/24
163.5.203.0/24
163.5.205.0/24
163.5.216.0/24
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.237.0/24
163.5.241.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:94:52:c0:0c:f0:d2:0a:de:ed:5a:67:4d:f0:63:f9:ba:80:
4b:92:37:7e:1a:77:dc:29:72:c9:16:e2:20:b4:9e:e2:f9:6e:
2d:05:46:33:5b:f9:93:e8:23:24:bd:7d:c0:19:e8:ca:6f:64:
17:2d:fb:d7:b5:ab:e4:bf:e8:60:bd:e9:85:70:b9:32:d6:16:
79:16:15:54:3b:99:f6:7f:ca:8b:25:08:07:85:3d:f9:9f:a9:
0e:fc:b9:87:d8:a1:b8:27:9a:60:c1:87:39:69:9f:62:27:38:
15:a7:fb:75:64:43:8b:31:ed:63:2c:52:68:96:8b:63:b9:c1:
e7:9e:5a:f7:7f:00:db:2d:38:9c:e0:ba:50:12:ba:32:0c:0e:
2d:b0:52:74:95:7d:e1:12:14:c1:cf:10:cc:41:d0:1e:23:6a:
61:3f:2c:05:1a:10:e5:9c:ea:16:9f:2d:5b:39:8d:d0:dc:8e:
4b:f2:1c:1f:e3:39:ba:43:73:50:f8:c9:49:a1:ce:de:49:15:
94:a1:0a:8b:60:4d:7a:33:4b:bb:57:6f:73:09:d6:39:af:22:
4c:05:67:6b:c5:6d:3a:ea:b0:8c:a3:38:bf:38:74:99:51:88:
77:31:80:61:0a:2a:fa:d4:31:a9:76:a3:88:1f:c3:fe:34:a7:
a5:5b:48:81
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZyvBZ9Lq+kE/GYTJJVvcSRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjYwMzAyMTQ0ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDljOWI0ZTU3MjVmODZhN2M0M2Q1NWFhYWQzYWM0ODJiNmI2MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlb/mUsmm0Zz2AKXfTNEZ40XSx1+6
/WkiN0yAsgpfGul8rpzzXc/Iq2ZCMD0SspjchTK2BzgdTD/lhy50ROf/rP8ZLdaT
OgqqjMvcYuHDNIinZ+o2UcYV7mI+ItzJcB6msrm/XtwKTkz5yuL1HJaRMDlx8rRc
G2Lj3RSKUzgXAY4HGwLbaFerbaAniujmMdp7Ok/dpUTb4lDPimz2gg72hohnR6xB
sXfCdNMCYVvzfJF8pRaFI5yhTxKCRdTHK6/UD1fVtQ4XaM3vrrfd4F2jX8zNlPOP
tzODdKv59N6fHl+qTW/hMjk+/W6Kcp5OFuV4vd05kBFCSEKlLhHhIY62WQIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFKScm05XJfhqfEPVWqrTrEgra2AdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcEp5YlRsY2wtR3A4UTlWYXF0T3NTQ3RyWUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCB5wQCAAEwgeADBACj
BQ4DBAKjBRwDBACjBTYDBAGjBToDBACjBVsDBACjBWEDBACjBWYDBACjBWgDBACj
BW0DBACjBXADBAGjBXYDBACjBXkDBACjBX0DBACjBYEDBACjBYsDBACjBY8DBACj
BZIDBAGjBZYDBACjBaADBACjBacDBACjBa8DBACjBbIDBACjBbQDBACjBboDBACj
BcAwDAMEAKMFwwMEAaMFxAMEAKMFyQMEAKMFywMEAKMFzQMEAKMF2AMEAKMF2gME
AKMF4AMEAKMF5AMEAKMF6QMEAKMF7QMEAKMF8TANBgkqhkiG9w0BAQsFAAOCAQEA
s5RSwAzw0gre7VpnTfBj+bqAS5I3fhp33ClyyRbiILSe4vluLQVGM1v5k+gjJL19
wBnoym9kFy3717Wr5L/oYL3phXC5MtYWeRYVVDuZ9n/KiyUIB4U9+Z+pDvy5h9ih
uCeaYMGHOWmfYic4Faf7dWRDizHtYyxSaJaLY7nB555a938A2y04nOC6UBK6MgwO
LbBSdJV94RIUwc8QzEHQHiNqYT8sBRoQ5ZzqFp8tWzmN0NyOS/IcH+M5ukNzUPjJ
SaHO3kkVlKEKi2BNejNLu1dvcwnWOa8iTAVna8VtOuqwjKM4vzh0mVGIdzGAYQoq
+tQxqXajiB/D/jSnpVtIgQ==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:39:20 2026 by rpki-client