Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YH8h83c19KVT3GdL58S_CQj6_Bs.roa
File: YH8h83c19KVT3GdL58S_CQj6_Bs.roa (raw, json)
Hash identifier: 4W1Ma1sJOKiLHsC3QdTpmToJSK7AF3R+k0D++E9soNg=
Subject key identifier: 60:7F:21:F3:77:35:F4:A5:53:DC:67:4B:E7:C4:BF:09:08:FA:FC:1B
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019670E61F32914CA0276915BB2820D6CF74
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YH8h83c19KVT3GdL58S_CQj6_Bs.roa
Signing time: Sat 26 Apr 2025 07:00:51 +0000
ROA not before: Sat 26 Apr 2025 07:00:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.0.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 07:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:70:e6:1f:32:91:4c:a0:27:69:15:bb:28:20:d6:cf:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 26 07:00:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=607f21f37735f4a553dc674be7c4bf0908fafc1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:59:52:30:b6:89:7f:7d:43:06:91:a7:52:5f:
3c:1d:54:18:f5:cc:bc:36:02:5b:97:65:4a:99:0e:
d1:b5:8b:52:d7:d4:ad:72:89:a1:0f:2b:de:94:b3:
f1:8b:0f:f0:e4:3d:c8:52:63:85:15:dc:2a:88:05:
cf:3a:16:57:4c:f7:c0:16:a8:48:27:23:e9:de:f2:
c7:e0:7d:1e:54:35:6b:8f:8f:58:ca:08:4b:5a:94:
bd:bf:d2:1d:02:92:20:4a:b1:ea:76:f0:bd:3c:0d:
06:2b:03:dd:78:e3:d6:b0:29:1f:6d:2c:25:4b:2a:
43:9d:1a:87:15:3b:e9:f4:51:96:ad:94:fe:e0:18:
60:3d:b5:72:a6:c4:07:f6:b7:ef:36:66:83:72:3b:
8a:53:91:5f:e6:51:98:1a:2e:a5:d8:33:7d:25:e3:
aa:9a:ed:3b:58:71:79:0f:cb:82:7b:ee:f3:30:b2:
ad:d1:29:3d:c6:41:39:41:7a:49:38:0d:39:e6:56:
cd:f7:45:d7:40:0a:68:bc:58:4c:1a:cc:d7:d5:7a:
d9:e2:0d:02:57:a5:6b:91:c4:d8:de:55:43:bd:2c:
46:8a:a8:62:a2:d7:4d:fb:aa:25:72:07:e5:b5:eb:
73:6e:3f:23:0e:60:ff:89:a4:24:8c:f1:3c:f7:00:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:7F:21:F3:77:35:F4:A5:53:DC:67:4B:E7:C4:BF:09:08:FA:FC:1B
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/YH8h83c19KVT3GdL58S_CQj6_Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.0.0/24
144.56.13.0/24
144.56.17.0/24
144.56.20.0/24
144.56.24.0/24
144.56.27.0/24
144.56.31.0/24
144.56.33.0-144.56.34.255
Signature Algorithm: sha256WithRSAEncryption
bb:54:d4:15:9c:1e:42:5b:21:76:02:9d:5c:44:7f:07:a9:35:
03:1e:69:cc:d7:30:e9:1f:2c:1b:56:8b:9b:21:e2:cb:23:d7:
ea:ac:12:e3:d9:64:c6:1d:dd:7e:b6:dc:5e:a0:aa:d6:7d:b6:
d5:49:34:bd:e2:07:48:ef:36:7d:65:7e:87:38:89:f6:12:fb:
73:c4:6e:57:9f:7e:9c:a3:fb:44:94:68:23:61:07:6f:a4:99:
e0:08:f5:62:de:c7:7d:8d:77:74:6d:26:1a:8c:63:e7:3a:56:
b6:e7:5f:9e:16:51:ea:51:bc:2b:3f:b0:9d:d1:e4:cd:c8:6a:
e8:27:61:8a:c3:88:ec:34:e9:4a:a3:51:cc:13:3e:c9:dd:76:
70:72:31:7b:ff:94:da:78:bf:fe:9b:dc:10:d2:25:42:b0:91:
8e:4b:c0:e4:f8:a3:8a:38:cf:c2:8a:93:8d:e9:dd:92:93:df:
da:b3:8f:f6:1d:59:33:b0:b8:a8:53:c9:5a:48:98:10:9f:dd:
bb:03:c4:c2:35:54:18:84:95:06:2b:77:64:08:39:21:da:28:
26:6c:12:4b:98:74:c2:4d:73:c2:34:bb:83:21:b5:86:b6:fc:
c4:39:ce:33:d7:89:6f:98:f0:1e:fd:ae:06:cf:75:35:88:b0:
aa:15:66:5a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZZw5h8ykUygJ2kVuygg1s90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNDI2MDcwMDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDdmMjFmMzc3MzVmNGE1NTNkYzY3NGJlN2M0YmYwOTA4ZmFmYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1lSMLaJf31DBpGnUl88HVQY9cy8
NgJbl2VKmQ7RtYtS19StcomhDyvelLPxiw/w5D3IUmOFFdwqiAXPOhZXTPfAFqhI
JyPp3vLH4H0eVDVrj49YyghLWpS9v9IdApIgSrHqdvC9PA0GKwPdeOPWsCkfbSwl
SypDnRqHFTvp9FGWrZT+4BhgPbVypsQH9rfvNmaDcjuKU5Ff5lGYGi6l2DN9JeOq
mu07WHF5D8uCe+7zMLKt0Sk9xkE5QXpJOA055lbN90XXQApovFhMGszX1XrZ4g0C
V6VrkcTY3lVDvSxGiqhiotdN+6olcgfltetzbj8jDmD/iaQkjPE89wD/tQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGB/IfN3NfSlU9xnS+fEvwkI+vwbMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvWUg4aDgzYzE5S1ZUM0dkTDU4U19DUWo2X0JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAkDgAAwQA
kDgNAwQAkDgRAwQAkDgUAwQAkDgYAwQAkDgbAwQAkDgfMAwDBACQOCEDBACQOCIw
DQYJKoZIhvcNAQELBQADggEBALtU1BWcHkJbIXYCnVxEfwepNQMeaczXMOkfLBtW
i5sh4ssj1+qsEuPZZMYd3X623F6gqtZ9ttVJNL3iB0jvNn1lfoc4ifYS+3PEblef
fpyj+0SUaCNhB2+kmeAI9WLex32Nd3RtJhqMY+c6VrbnX54WUepRvCs/sJ3R5M3I
augnYYrDiOw06UqjUcwTPsnddnByMXv/lNp4v/6b3BDSJUKwkY5LwOT4o4o4z8KK
k43p3ZKT39qzj/YdWTOwuKhTyVpImBCf3bsDxMI1VBiElQYrd2QIOSHaKCZsEkuY
dMJNc8I0u4MhtYa2/MQ5zjPXiW+Y8B79rgbPdTWIsKoVZlo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:54:03 2025 by rpki-client