Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/oIZkbFh2rYt3XpJYVYkOZH0cDdI.roa
File: oIZkbFh2rYt3XpJYVYkOZH0cDdI.roa (raw, json)
Hash identifier: ij/8lRqxAhYsxBCOQ9wLcin0JCfdPrFZRBiaCoTZFyA=
Subject key identifier: A0:86:64:6C:58:76:AD:8B:77:5E:92:58:55:89:0E:64:7D:1C:0D:D2
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019A248195D0B9C4EB07DE245906E374E992
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/oIZkbFh2rYt3XpJYVYkOZH0cDdI.roa
Signing time: Mon 27 Oct 2025 07:11:03 +0000
ROA not before: Mon 27 Oct 2025 07:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214143
IP address blocks: 144.56.8.0/24 maxlen: 24
144.56.43.0/24 maxlen: 24
144.56.45.0/24 maxlen: 24
144.56.46.0/24 maxlen: 24
144.56.47.0/24 maxlen: 24
144.56.48.0/24 maxlen: 24
144.56.52.0/24 maxlen: 24
144.56.53.0/24 maxlen: 24
144.56.73.0/24 maxlen: 24
144.56.75.0/24 maxlen: 24
144.56.77.0/24 maxlen: 24
144.56.82.0/24 maxlen: 24
144.56.87.0/24 maxlen: 24
144.56.92.0/24 maxlen: 24
144.56.96.0/24 maxlen: 24
144.56.104.0/24 maxlen: 24
144.56.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:81:95:d0:b9:c4:eb:07:de:24:59:06:e3:74:e9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Oct 27 07:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a086646c5876ad8b775e925855890e647d1c0dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a0:0e:4f:73:6f:77:5c:07:83:f1:26:cc:01:
1c:df:4f:2a:25:d8:31:40:8a:30:b6:6b:37:04:85:
b6:30:8b:1c:e9:20:f5:0b:a0:44:3d:aa:9b:cc:d2:
63:f6:41:db:65:f3:eb:e3:97:48:b4:a5:2d:af:a6:
bc:db:a4:d4:6d:bd:7f:fc:8f:47:cb:83:5d:6a:07:
f7:8b:3e:ec:a8:e9:90:d5:ff:42:bf:2d:a2:ee:35:
c1:22:d5:df:87:0f:b0:a3:cf:b3:df:07:0c:bd:64:
ac:16:2b:be:87:9e:29:9f:14:8e:bb:15:b9:8a:1c:
51:51:29:af:c0:0d:6c:fd:13:59:9d:53:47:56:dc:
0d:c2:62:8d:52:3a:e2:1c:58:04:0c:80:8c:44:17:
92:c2:71:b2:75:c3:02:f3:5e:2b:77:9d:22:25:24:
54:fe:75:21:81:e4:65:e6:30:06:c9:7e:ca:d4:4b:
af:4c:9b:12:35:7b:5d:5f:37:ab:d0:69:83:e8:d8:
94:15:d5:a4:20:ab:30:a2:c5:2f:40:bd:8c:d4:59:
f6:7f:3d:7a:8a:7d:22:c2:0a:68:cb:b2:ee:74:55:
de:c6:80:82:f2:63:81:b0:bb:3f:8b:ff:21:c4:4b:
52:6d:3f:9e:5d:76:62:14:19:af:33:ec:54:c6:b5:
45:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:86:64:6C:58:76:AD:8B:77:5E:92:58:55:89:0E:64:7D:1C:0D:D2
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/oIZkbFh2rYt3XpJYVYkOZH0cDdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.8.0/24
144.56.43.0/24
144.56.45.0-144.56.48.255
144.56.52.0/23
144.56.73.0/24
144.56.75.0/24
144.56.77.0/24
144.56.82.0/24
144.56.87.0/24
144.56.92.0/24
144.56.96.0/24
144.56.104.0/24
144.56.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d3:51:53:22:00:9f:3c:75:5a:fd:56:ff:04:4f:12:a5:02:
bd:33:c5:d2:d2:d5:8d:de:45:13:31:f5:03:16:73:ee:ce:62:
c0:c2:39:ad:11:61:4e:7f:f1:48:21:4f:db:40:2c:c2:8f:60:
e7:88:7e:cd:d3:c0:0b:57:d4:fc:d5:3d:f5:46:5b:52:e4:51:
6f:87:a5:8e:f4:f8:d1:9f:7f:e1:04:74:44:d8:77:06:87:07:
31:6d:fa:25:9f:01:2f:fb:90:39:cd:44:ca:3c:e8:52:48:6a:
35:ad:fb:f6:8f:a2:84:da:b7:63:fa:be:44:48:31:04:5d:db:
05:27:91:af:f0:35:c3:b3:11:9e:90:b2:ae:f0:3c:75:73:cc:
8e:06:c2:47:62:84:22:0c:f5:21:0f:56:9a:1f:f6:1e:f1:7b:
9a:30:d8:fa:3e:cc:62:a0:d8:6e:30:4f:49:87:5b:8a:36:bf:
c5:b4:a7:f9:ae:de:74:74:8b:e0:ae:85:48:bc:ac:db:91:af:
db:92:2a:f4:6f:ab:17:87:4c:e2:44:0b:0c:bb:18:f7:1b:0b:
74:a3:5f:20:b7:75:6d:4b:77:6f:06:75:35:d4:74:f1:9c:33:
f3:bb:4b:31:0e:90:c3:7b:1a:0e:0f:07:27:e0:fa:fb:d2:17:
11:4a:d4:e8
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZokgZXQucTrB94kWQbjdOmSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUxMDI3MDcxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg2NjQ2YzU4NzZhZDhiNzc1ZTkyNTg1NTg5MGU2NDdkMWMwZGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KAOT3Nvd1wHg/EmzAEc308qJdgx
QIowtms3BIW2MIsc6SD1C6BEPaqbzNJj9kHbZfPr45dItKUtr6a826TUbb1//I9H
y4Ndagf3iz7sqOmQ1f9Cvy2i7jXBItXfhw+wo8+z3wcMvWSsFiu+h54pnxSOuxW5
ihxRUSmvwA1s/RNZnVNHVtwNwmKNUjriHFgEDICMRBeSwnGydcMC814rd50iJSRU
/nUhgeRl5jAGyX7K1EuvTJsSNXtdXzer0GmD6NiUFdWkIKswosUvQL2M1Fn2fz16
in0iwgpoy7LudFXexoCC8mOBsLs/i/8hxEtSbT+eXXZiFBmvM+xUxrVF3wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKCGZGxYdq2Ld16SWFWJDmR9HA3SMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvb0laa2JGaDJyWXQzWHBKWVZZa09aSDBjRGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAkDgIAwQA
kDgrMAwDBACQOC0DBACQODADBAGQODQDBACQOEkDBACQOEsDBACQOE0DBACQOFID
BACQOFcDBACQOFwDBACQOGADBACQOGgDBACQOHswDQYJKoZIhvcNAQELBQADggEB
AKHTUVMiAJ88dVr9Vv8ETxKlAr0zxdLS1Y3eRRMx9QMWc+7OYsDCOa0RYU5/8Ugh
T9tALMKPYOeIfs3TwAtX1PzVPfVGW1LkUW+HpY70+NGff+EEdETYdwaHBzFt+iWf
AS/7kDnNRMo86FJIajWt+/aPooTat2P6vkRIMQRd2wUnka/wNcOzEZ6Qsq7wPHVz
zI4GwkdihCIM9SEPVpof9h7xe5ow2Po+zGKg2G4wT0mHW4o2v8W0p/mu3nR0i+Cu
hUi8rNuRr9uSKvRvqxeHTOJECwy7GPcbC3SjXyC3dW1Ld28GdTXUdPGcM/O7SzEO
kMN7Gg4PByfg+vvSFxFK1Og=
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:01:13 2025 by rpki-client