Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/0Hi1ARM6YdHR635BjkbmQXIIeaY.roa
File: 0Hi1ARM6YdHR635BjkbmQXIIeaY.roa (raw, json)
Hash identifier: uqdk5JESW21KQoxuuRx7U0sUvzVO/rEE1MEj4EEFx0M=
Subject key identifier: D0:78:B5:01:13:3A:61:D1:D1:EB:7E:41:8E:46:E6:41:72:08:79:A6
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019A05429F290D5099306E30BC5E59477324
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/0Hi1ARM6YdHR635BjkbmQXIIeaY.roa
Signing time: Tue 21 Oct 2025 05:34:03 +0000
ROA not before: Tue 21 Oct 2025 05:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 144.56.37.0/24 maxlen: 24
144.56.86.0/24 maxlen: 24
144.56.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:42:9f:29:0d:50:99:30:6e:30:bc:5e:59:47:73:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Oct 21 05:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d078b501133a61d1d1eb7e418e46e641720879a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:73:31:d9:7b:e2:db:b7:d6:b4:d7:a2:66:
f5:72:e0:78:3a:e2:fa:0d:4c:3f:76:d5:5b:ae:a0:
92:b1:07:9d:4c:35:bc:ab:89:5e:d2:d0:4c:8c:a9:
98:c8:03:7e:ec:70:d0:4b:24:10:62:50:bc:6a:b7:
46:47:8e:66:6a:1b:0a:37:50:7e:d0:90:bf:b4:40:
dd:16:1e:f3:49:2f:5b:c2:3e:a9:a5:58:32:90:ca:
27:42:19:49:d6:5d:49:17:55:65:bb:01:6c:4c:ae:
04:0e:1e:b1:f5:c8:ed:ab:af:f4:43:58:be:3e:ed:
6f:0e:03:bb:33:51:20:79:63:d2:7a:2d:27:b3:49:
89:e9:32:c2:fd:ce:06:ec:b3:69:36:a2:2b:79:d9:
95:42:bf:8e:b0:dc:55:d2:34:5b:79:1a:c2:11:dc:
3f:4c:8f:4d:fd:4a:15:b9:2e:7d:82:c1:28:04:23:
8f:94:10:fa:8b:36:a1:f8:77:1b:a1:4d:88:2d:18:
d0:63:6f:5a:26:78:4b:81:1d:fc:5b:d5:d8:38:d4:
eb:d4:d9:c6:6a:17:4c:09:ba:aa:8c:ed:98:59:16:
55:8f:29:a4:ba:d2:f1:d2:c5:6d:b2:27:18:ef:55:
4f:74:21:b9:e8:66:9e:08:a2:56:0d:64:36:4e:74:
60:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:78:B5:01:13:3A:61:D1:D1:EB:7E:41:8E:46:E6:41:72:08:79:A6
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/0Hi1ARM6YdHR635BjkbmQXIIeaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.37.0/24
144.56.86.0/24
144.56.107.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:8f:ac:6f:2e:8d:26:30:b7:8e:8e:1d:a6:87:48:a7:ea:93:
7a:11:a3:63:ec:c2:1e:7b:44:7f:0c:1a:8e:06:91:2a:5c:5d:
95:2b:27:6b:8b:ef:d3:e8:6b:3b:66:f5:b1:9f:1e:f6:be:66:
63:1d:ac:54:c5:90:9c:16:95:90:2a:6d:3f:89:ca:7a:a7:6b:
41:2c:ed:2d:c9:28:ef:ee:95:a0:1b:67:7a:b7:60:43:61:60:
ce:c2:a5:0d:39:b3:7b:67:a7:41:32:c5:be:dc:c0:88:a0:7c:
75:cb:2d:e5:c4:85:a0:c4:ec:01:4c:b6:85:18:80:6f:ec:6c:
f0:73:bc:d0:fa:69:89:f8:cc:3e:46:ce:91:1b:6c:e3:49:f6:
2f:65:1e:57:96:f0:fd:44:b5:64:49:b5:44:d4:c5:e5:03:b6:
3f:e4:fd:07:fb:04:eb:f0:8b:42:a1:55:51:67:e1:e5:85:63:
1b:d4:c6:3e:de:71:31:9a:79:51:b5:77:04:76:48:38:f3:2b:
4e:ce:d1:63:46:18:e7:ac:5e:f3:8d:15:4c:db:59:56:c9:35:
7c:d8:8e:cf:ad:e9:26:31:1b:6a:06:df:0a:4c:67:3d:30:b3:
64:bd:a9:d7:cc:d3:ac:ef:dd:83:31:aa:80:68:15:c4:e6:64:
82:7d:d9:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoFQp8pDVCZMG4wvF5ZR3MkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUxMDIxMDUzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc4YjUwMTEzM2E2MWQxZDFlYjdlNDE4ZTQ2ZTY0MTcyMDg3OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF9zMdl74tu31rTXomb1cuB4OuL6
DUw/dtVbrqCSsQedTDW8q4le0tBMjKmYyAN+7HDQSyQQYlC8ardGR45mahsKN1B+
0JC/tEDdFh7zSS9bwj6ppVgykMonQhlJ1l1JF1VluwFsTK4EDh6x9cjtq6/0Q1i+
Pu1vDgO7M1EgeWPSei0ns0mJ6TLC/c4G7LNpNqIredmVQr+OsNxV0jRbeRrCEdw/
TI9N/UoVuS59gsEoBCOPlBD6izah+HcboU2ILRjQY29aJnhLgR38W9XYONTr1NnG
ahdMCbqqjO2YWRZVjymkutLx0sVtsicY71VPdCG56GaeCKJWDWQ2TnRgYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNB4tQETOmHR0et+QY5G5kFyCHmmMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvMEhpMUFSTTZZZEhSNjM1QmprYm1RWElJZWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkDglAwQA
kDhWAwQAkDhrMA0GCSqGSIb3DQEBCwUAA4IBAQCzj6xvLo0mMLeOjh2mh0in6pN6
EaNj7MIee0R/DBqOBpEqXF2VKydri+/T6Gs7ZvWxnx72vmZjHaxUxZCcFpWQKm0/
icp6p2tBLO0tySjv7pWgG2d6t2BDYWDOwqUNObN7Z6dBMsW+3MCIoHx1yy3lxIWg
xOwBTLaFGIBv7Gzwc7zQ+mmJ+Mw+Rs6RG2zjSfYvZR5XlvD9RLVkSbVE1MXlA7Y/
5P0H+wTr8ItCoVVRZ+HlhWMb1MY+3nExmnlRtXcEdkg48ytOztFjRhjnrF7zjRVM
21lWyTV82I7PrekmMRtqBt8KTGc9MLNkvanXzNOs792DMaqAaBXE5mSCfdna
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:02:30 2025 by rpki-client