Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/nfwXLaa85PC-1c7VMk7rOkw_-kg.roa
File: nfwXLaa85PC-1c7VMk7rOkw_-kg.roa (raw, json)
Hash identifier: gQAkAYEgr329mA4EnpTCM1JOzdPYMZwZfd+KXQs7Zh4=
Subject key identifier: 9D:FC:17:2D:A6:BC:E4:F0:BE:D5:CE:D5:32:4E:EB:3A:4C:3F:FA:48
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01976B24B84833B7D8AC667D3D4B7BF2EB4D
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/nfwXLaa85PC-1c7VMk7rOkw_-kg.roa
Signing time: Fri 13 Jun 2025 21:14:17 +0000
ROA not before: Fri 13 Jun 2025 21:14:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 144.56.54.0/24 maxlen: 24
144.56.74.0/24 maxlen: 24
144.56.75.0/24 maxlen: 24
144.56.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6b:24:b8:48:33:b7:d8:ac:66:7d:3d:4b:7b:f2:eb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 13 21:14:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dfc172da6bce4f0bed5ced5324eeb3a4c3ffa48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:1a:68:fa:b9:47:e0:89:93:0c:d1:d1:62:
01:b5:22:d4:49:ef:39:26:92:a2:21:19:c1:90:df:
97:02:ff:7b:4d:86:f1:80:b9:cb:d0:26:3a:64:ea:
82:37:a7:f0:a1:6b:c0:bc:36:e1:96:ca:d1:d6:65:
a8:b7:6a:bb:c6:c0:ee:3d:a2:a9:fe:9d:be:f9:0a:
f7:b5:64:7d:b4:4d:7f:d9:ef:34:bf:b7:2e:bb:fc:
43:79:f5:44:bb:dd:dc:38:89:43:2b:3f:78:33:10:
66:4a:e0:52:bb:54:34:ea:05:53:92:0c:87:a6:a1:
32:b5:ef:3d:b7:9f:01:8b:85:72:03:f1:5d:ff:f5:
ca:87:c8:c2:5a:1b:54:f6:fb:fd:0b:51:88:7d:e1:
a9:4e:f0:c3:e7:b3:4a:19:8a:d1:52:86:da:fd:f0:
fa:08:2c:6d:8b:65:b6:df:4d:d9:8b:ad:4b:94:1c:
e4:a9:26:bd:ff:98:f8:1a:83:a3:a1:17:2c:a3:37:
00:2d:e9:cc:31:14:5d:d7:e4:df:ce:ef:b9:11:d3:
74:f7:ec:98:69:d0:7b:0d:32:63:07:ed:4f:73:25:
67:36:dd:2d:d7:96:09:1b:b3:df:c3:f6:04:45:45:
7d:79:e1:d1:89:da:08:bd:61:05:d5:82:ee:b5:6a:
df:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FC:17:2D:A6:BC:E4:F0:BE:D5:CE:D5:32:4E:EB:3A:4C:3F:FA:48
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/nfwXLaa85PC-1c7VMk7rOkw_-kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.54.0/24
144.56.74.0/23
144.56.77.0/24
Signature Algorithm: sha256WithRSAEncryption
90:01:71:5f:4a:aa:04:e7:3b:8c:e3:6f:e3:d6:71:c7:e6:b8:
63:ea:b3:b0:80:9f:8d:3a:a3:f4:6a:40:ab:62:8f:fc:d2:4c:
e5:bb:0a:d8:c2:e0:85:56:aa:3d:af:a0:0e:54:3e:50:e9:86:
ed:ca:b9:40:3e:5d:09:d8:27:0a:1c:f8:ae:a9:8f:4b:2f:44:
8b:96:5e:f8:86:1b:51:df:1c:d9:cb:6a:c3:f9:da:44:b7:fb:
e6:e8:79:fa:56:4f:ee:81:49:6a:21:98:16:e4:64:a5:1c:f7:
89:b7:20:29:8b:d3:be:3f:c0:84:53:e5:0f:ff:09:2a:9f:46:
d3:2e:c2:34:dd:43:50:c0:ad:7a:1a:ef:05:c1:2e:07:e0:18:
5a:e6:d1:89:55:0a:e9:b9:4c:c0:e0:73:4d:48:24:48:7a:af:
0a:04:d5:eb:76:9f:6d:68:73:98:06:ca:01:c6:ed:a2:4e:26:
22:59:97:c0:00:e1:20:ab:a4:5e:0f:59:6d:0b:52:b4:62:9f:
50:5e:5d:95:f7:57:a8:6e:2e:9c:c1:f2:97:a2:8a:c5:3e:d9:
90:61:32:99:c6:60:d3:09:65:9b:8c:f0:45:09:71:a7:54:8d:
4d:78:88:dd:8f:fa:7d:18:07:b0:1c:ce:c6:a3:f5:c9:00:e1:
b3:ca:af:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdrJLhIM7fYrGZ9PUt78utNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjEzMjExNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZjMTcyZGE2YmNlNGYwYmVkNWNlZDUzMjRlZWIzYTRjM2ZmYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmboaaPq5R+CJkwzR0WIBtSLUSe85
JpKiIRnBkN+XAv97TYbxgLnL0CY6ZOqCN6fwoWvAvDbhlsrR1mWot2q7xsDuPaKp
/p2++Qr3tWR9tE1/2e80v7cuu/xDefVEu93cOIlDKz94MxBmSuBSu1Q06gVTkgyH
pqEyte89t58Bi4VyA/Fd//XKh8jCWhtU9vv9C1GIfeGpTvDD57NKGYrRUoba/fD6
CCxti2W2303Zi61LlBzkqSa9/5j4GoOjoRcsozcALenMMRRd1+Tfzu+5EdN09+yY
adB7DTJjB+1PcyVnNt0t15YJG7Pfw/YERUV9eeHRidoIvWEF1YLutWrf9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ38Fy2mvOTwvtXO1TJO6zpMP/pIMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvbmZ3WExhYTg1UEMtMWM3Vk1rN3JPa3dfLWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkDg2AwQB
kDhKAwQAkDhNMA0GCSqGSIb3DQEBCwUAA4IBAQCQAXFfSqoE5zuM42/j1nHH5rhj
6rOwgJ+NOqP0akCrYo/80kzluwrYwuCFVqo9r6AOVD5Q6YbtyrlAPl0J2CcKHPiu
qY9LL0SLll74hhtR3xzZy2rD+dpEt/vm6Hn6Vk/ugUlqIZgW5GSlHPeJtyApi9O+
P8CEU+UP/wkqn0bTLsI03UNQwK16Gu8FwS4H4Bha5tGJVQrpuUzA4HNNSCRIeq8K
BNXrdp9taHOYBsoBxu2iTiYiWZfAAOEgq6ReD1ltC1K0Yp9QXl2V91eobi6cwfKX
oorFPtmQYTKZxmDTCWWbjPBFCXGnVI1NeIjdj/p9GAewHM7Go/XJAOGzyq+4
-----END CERTIFICATE-----
Generated at Thu Jun 19 00:51:37 2025 by rpki-client