Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/p2oqcrVTplHu4mo_lRPqrhkXin0.roa
File: p2oqcrVTplHu4mo_lRPqrhkXin0.roa (raw, json)
Hash identifier: HnueGy98kJdrZiLw6MwMnbOvXwxCTg0BkoU4RdrjPQ8=
Subject key identifier: A7:6A:2A:72:B5:53:A6:51:EE:E2:6A:3F:95:13:EA:AE:19:17:8A:7D
Certificate issuer: /CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Certificate serial: 019CBD9B2353DEF107DBC798E8509C268DEB
Authority key identifier: 2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/p2oqcrVTplHu4mo_lRPqrhkXin0.roa
Signing time: Thu 05 Mar 2026 10:46:26 +0000
ROA not before: Thu 05 Mar 2026 10:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213705
IP address blocks: 153.51.32.0/22 maxlen: 24
153.51.36.0/22 maxlen: 24
153.51.40.0/24 maxlen: 24
153.51.42.0/24 maxlen: 24
153.51.47.0/24 maxlen: 24
153.51.48.0/24 maxlen: 24
153.51.49.0/24 maxlen: 24
153.51.51.0/24 maxlen: 24
153.51.52.0/22 maxlen: 24
153.51.56.0/22 maxlen: 24
153.51.60.0/22 maxlen: 24
153.51.96.0/22 maxlen: 22
153.51.100.0/22 maxlen: 22
153.51.104.0/22 maxlen: 22
153.51.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:9b:23:53:de:f1:07:db:c7:98:e8:50:9c:26:8d:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Validity
Not Before: Mar 5 10:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a76a2a72b553a651eee26a3f9513eaae19178a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:64:9e:11:42:50:a2:35:71:d3:cf:fe:8b:cf:
d2:93:b8:d1:96:c0:2f:96:fc:f6:43:49:8f:6c:30:
5e:d5:0c:7c:ee:d8:34:00:93:c7:f8:86:db:80:6b:
e2:2a:b4:3f:75:49:fe:f4:43:2b:2e:8a:2f:c7:db:
f9:ec:7a:75:95:aa:e7:4a:d0:9a:fa:9e:d3:be:8d:
a7:d7:63:39:9e:74:db:b2:60:95:b3:32:1f:bc:ab:
2c:da:9b:b0:e7:cb:07:6f:b0:f7:db:94:40:59:ab:
f5:81:af:4c:68:41:af:0d:b6:91:aa:3b:62:f5:24:
8f:91:9e:da:ed:18:5c:75:22:c0:4a:d9:ac:15:8c:
99:07:d6:28:35:fe:08:27:55:f4:d5:f3:64:6b:06:
d2:c8:ae:fc:bc:0b:0f:ab:15:b9:ba:11:b0:ec:4a:
0e:1d:fe:b5:2d:55:db:9a:84:e2:fa:fd:98:79:a2:
86:70:77:b8:da:81:93:fb:2e:17:9c:74:dd:cf:6d:
fa:b9:0c:95:ed:13:38:b9:09:65:0a:53:ac:42:82:
1f:dd:dd:c8:44:85:b4:d5:b4:d3:ff:f0:51:28:66:
66:d0:f1:fd:71:a5:ed:e5:66:4c:1b:3f:a1:c2:43:
65:07:1d:a3:29:68:b5:a1:87:bf:ca:0b:b6:97:24:
ba:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6A:2A:72:B5:53:A6:51:EE:E2:6A:3F:95:13:EA:AE:19:17:8A:7D
X509v3 Authority Key Identifier:
keyid:2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/p2oqcrVTplHu4mo_lRPqrhkXin0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.32.0-153.51.40.255
153.51.42.0/24
153.51.47.0-153.51.49.255
153.51.51.0-153.51.63.255
153.51.96.0/20
Signature Algorithm: sha256WithRSAEncryption
52:75:67:46:25:99:fe:63:6c:1f:0a:52:77:ac:5e:58:56:df:
c6:6c:9c:38:bd:6f:8e:19:1a:66:5c:bd:50:9e:54:ca:36:45:
27:11:26:9c:23:0f:3b:a4:a2:f8:82:f5:bf:6a:eb:41:ae:e6:
5b:d4:1c:9b:e1:17:1c:df:77:10:49:7f:9b:91:2c:72:de:30:
5b:23:58:2e:62:8c:a0:24:12:10:43:cd:7a:3b:30:4a:29:ff:
e2:9e:2a:dd:38:7c:d5:37:36:fc:dd:ad:7e:01:c4:95:08:3a:
98:d3:ad:b0:f0:5d:ab:b7:86:35:f3:63:bb:ab:ef:98:70:aa:
e3:0a:d4:ac:a4:b9:5b:a2:42:29:e0:65:96:be:c9:43:7c:36:
54:63:2e:fd:8e:cf:54:98:4e:8f:e9:6f:46:6a:c4:b8:1d:58:
d0:3a:4c:2b:4f:77:1d:8c:2c:2d:b7:28:a7:12:69:5a:c7:9a:
fa:4c:12:f5:82:14:35:d8:a4:29:4a:b9:4d:05:ce:9a:0e:80:
4e:12:54:47:25:7c:5f:28:50:4d:35:0c:b2:26:b5:e3:5d:af:
ce:9b:67:94:db:4d:4b:06:5d:6e:d3:97:11:84:9b:62:7e:82:
ce:2f:ed:17:26:e5:fa:2e:94:71:6e:ff:01:3c:46:eb:37:55:
13:d6:57:24
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZy9myNT3vEH28eY6FCcJo3rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMDdiZjNiNzMzYTVjM2E3MWQ5Y2E4YzM2MjY5NDhkZjcx
MjcwNWIwHhcNMjYwMzA1MTA0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzZhMmE3MmI1NTNhNjUxZWVlMjZhM2Y5NTEzZWFhZTE5MTc4YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2SeEUJQojVx08/+i8/Sk7jRlsAv
lvz2Q0mPbDBe1Qx87tg0AJPH+IbbgGviKrQ/dUn+9EMrLoovx9v57Hp1larnStCa
+p7Tvo2n12M5nnTbsmCVszIfvKss2puw58sHb7D325RAWav1ga9MaEGvDbaRqjti
9SSPkZ7a7RhcdSLAStmsFYyZB9YoNf4IJ1X01fNkawbSyK78vAsPqxW5uhGw7EoO
Hf61LVXbmoTi+v2YeaKGcHe42oGT+y4XnHTdz236uQyV7RM4uQllClOsQoIf3d3I
RIW01bTT//BRKGZm0PH9caXt5WZMGz+hwkNlBx2jKWi1oYe/ygu2lyS6kwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKdqKnK1U6ZR7uJqP5UT6q4ZF4p9MB8GA1UdIwQY
MBaAFCwHvztzOlw6cdnKjDYmlI33EnBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTkt
MTE5OWJiOTc5ZDVhLzEvcDJvcWNyVlRwbEh1NG1vX2xSUHFyaGtYaW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTktMTE5OWJiOTc5ZDVh
LzEvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAWZMyAD
BACZMygDBACZMyowDAMEAJkzLwMEAZkzMDAMAwQAmTMzAwQGmTMAAwQEmTNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSdWdGJZn+Y2wfClJ3rF5YVt/GbJw4vW+OGRpmXL1Q
nlTKNkUnESacIw87pKL4gvW/autBruZb1Byb4Rcc33cQSX+bkSxy3jBbI1guYoyg
JBIQQ816OzBKKf/inirdOHzVNzb83a1+AcSVCDqY062w8F2rt4Y182O7q++YcKrj
CtSspLlbokIp4GWWvslDfDZUYy79js9UmE6P6W9GasS4HVjQOkwrT3cdjCwttyin
Emlax5r6TBL1ghQ12KQpSrlNBc6aDoBOElRHJXxfKFBNNQyyJrXjXa/Om2eU201L
Bl1u05cRhJtifoLOL+0XJuX6LpRxbv8BPEbrN1UT1lck
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:17:16 2026 by rpki-client