Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Vi0tQBHwoMxUWkvZJQOXAjvua3g.roa
File: Vi0tQBHwoMxUWkvZJQOXAjvua3g.roa (raw, json)
Hash identifier: XVR5Vh1TDH7ai92z29/FWQoF7PE/ZxcAaFQCZWHNaDY=
Subject key identifier: 56:2D:2D:40:11:F0:A0:CC:54:5A:4B:D9:25:03:97:02:3B:EE:6B:78
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019739F0E439196A9AC49827734158FEA229
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Vi0tQBHwoMxUWkvZJQOXAjvua3g.roa
Signing time: Wed 04 Jun 2025 07:56:17 +0000
ROA not before: Wed 04 Jun 2025 07:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.40.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:39:f0:e4:39:19:6a:9a:c4:98:27:73:41:58:fe:a2:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 4 07:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=562d2d4011f0a0cc545a4bd9250397023bee6b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:04:35:11:df:ef:31:83:98:d9:af:aa:7f:64:
bc:6f:47:29:fb:ed:26:1b:29:8e:78:39:75:a4:34:
3f:5b:47:83:dc:a6:c2:fe:95:a4:dc:15:0d:60:a0:
0f:c5:e2:aa:e0:a4:fe:f6:bd:10:c7:62:fb:ab:67:
ef:e9:af:b9:0e:d4:0a:83:94:4f:84:6d:e9:4b:00:
82:67:e8:98:99:a8:e1:5b:eb:ae:eb:7f:33:00:9d:
43:ec:93:23:a5:2a:e3:7c:9d:10:43:ef:7b:61:3b:
5d:2b:83:6a:10:c9:80:39:9f:03:9c:96:8c:89:1e:
df:5f:57:97:dc:17:f5:f7:7e:3b:27:c6:dc:52:e0:
a3:8e:34:4a:61:55:d6:a6:e0:ec:e4:18:0c:b8:ae:
7b:54:fe:83:9a:bf:20:0f:a4:31:ad:a4:f3:e7:10:
2b:ff:2a:4b:c6:c3:c5:70:f7:66:bd:f8:f1:f9:9e:
d7:ca:69:e4:0b:59:ff:1f:2c:53:a2:e1:b0:c1:69:
d9:63:b6:59:01:65:a1:49:cb:93:21:4a:c3:37:ee:
b5:05:65:25:cf:62:81:13:9c:53:b4:63:a0:ee:55:
9e:0d:1c:37:85:73:19:25:20:7e:9e:19:a4:97:2c:
93:2a:84:ad:89:3f:d4:37:e0:63:6d:70:f6:c0:11:
a7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:2D:2D:40:11:F0:A0:CC:54:5A:4B:D9:25:03:97:02:3B:EE:6B:78
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Vi0tQBHwoMxUWkvZJQOXAjvua3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.23.0/24
144.56.36.0/24
144.56.38.0/24
144.56.40.0/24
144.56.76.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:63:4f:c5:7f:c7:fd:eb:85:c1:37:c5:e3:9f:42:e9:7c:d7:
02:f8:a8:ce:49:01:d1:97:db:89:9c:03:28:72:05:b1:04:b9:
ae:d1:25:6e:c3:20:83:85:94:19:cf:f7:fd:fd:e1:16:b2:39:
fc:d3:3f:81:70:c7:5c:b6:da:cd:17:ee:e3:c3:73:3e:b6:70:
aa:51:74:bf:3c:c8:d9:21:b7:ef:bf:0f:76:d6:82:df:43:b7:
13:5b:17:6b:78:aa:ba:91:f7:24:ad:f6:ba:eb:4c:b4:10:4e:
f5:fe:18:ff:04:a6:e6:59:be:55:a5:ce:d5:9d:77:e8:81:21:
2f:ff:6a:90:d9:58:74:64:22:2f:4d:cc:b7:0a:61:13:70:9e:
9f:cf:ea:cc:ae:bb:18:9c:61:5d:d6:f5:b0:fd:35:08:ab:88:
d1:dd:5b:59:d2:69:b7:b3:1b:8b:28:5e:d8:e7:64:2d:b1:6c:
f7:fb:7f:a1:7a:c5:fa:bd:6e:c1:e7:14:ba:72:db:22:65:c0:
ef:5a:06:4e:93:33:58:63:01:06:21:d0:39:aa:d6:57:25:99:
6e:21:06:ec:ab:91:a0:1a:af:de:be:95:5c:66:70:13:63:ef:
40:16:58:4c:c4:75:61:de:af:b9:51:b5:77:09:37:ad:18:5a:
e1:9d:b0:be
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZc58OQ5GWqaxJgnc0FY/qIpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjA0MDc1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjJkMmQ0MDExZjBhMGNjNTQ1YTRiZDkyNTAzOTcwMjNiZWU2Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQQ1Ed/vMYOY2a+qf2S8b0cp++0m
GymOeDl1pDQ/W0eD3KbC/pWk3BUNYKAPxeKq4KT+9r0Qx2L7q2fv6a+5DtQKg5RP
hG3pSwCCZ+iYmajhW+uu638zAJ1D7JMjpSrjfJ0QQ+97YTtdK4NqEMmAOZ8DnJaM
iR7fX1eX3Bf19347J8bcUuCjjjRKYVXWpuDs5BgMuK57VP6Dmr8gD6QxraTz5xAr
/ypLxsPFcPdmvfjx+Z7XymnkC1n/HyxTouGwwWnZY7ZZAWWhScuTIUrDN+61BWUl
z2KBE5xTtGOg7lWeDRw3hXMZJSB+nhmklyyTKoStiT/UN+BjbXD2wBGnswIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFYtLUAR8KDMVFpL2SUDlwI77mt4MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvVmkwdFFCSHdvTXhVV2t2WkpRT1hBanZ1YTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAkDgNAwQA
kDgXAwQAkDgkAwQAkDgmAwQAkDgoAwQAkDhMMA0GCSqGSIb3DQEBCwUAA4IBAQBq
Y0/Ff8f964XBN8Xjn0LpfNcC+KjOSQHRl9uJnAMocgWxBLmu0SVuwyCDhZQZz/f9
/eEWsjn80z+BcMdcttrNF+7jw3M+tnCqUXS/PMjZIbfvvw921oLfQ7cTWxdreKq6
kfckrfa660y0EE71/hj/BKbmWb5Vpc7VnXfogSEv/2qQ2Vh0ZCIvTcy3CmETcJ6f
z+rMrrsYnGFd1vWw/TUIq4jR3VtZ0mm3sxuLKF7Y52QtsWz3+3+hesX6vW7B5xS6
ctsiZcDvWgZOkzNYYwEGIdA5qtZXJZluIQbsq5GgGq/evpVcZnATY+9AFlhMxHVh
3q+5UbV3CTetGFrhnbC+
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:27:44 2025 by rpki-client