Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/ptQmzUzw72uM5_S0AvahL7yeKgY.roa
File: ptQmzUzw72uM5_S0AvahL7yeKgY.roa (raw, json)
Hash identifier: mLkCxJYQafQAYyPYUaQVnHpXAwC2T8cPKb3Og0bw/v0=
Subject key identifier: A6:D4:26:CD:4C:F0:EF:6B:8C:E7:F4:B4:02:F6:A1:2F:BC:9E:2A:06
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019D4D0105F6C40D093393AEAFA6CB13E3ED
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/ptQmzUzw72uM5_S0AvahL7yeKgY.roa
Signing time: Thu 02 Apr 2026 07:03:25 +0000
ROA not before: Thu 02 Apr 2026 07:03:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.95.0/24 maxlen: 24
144.56.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4d:01:05:f6:c4:0d:09:33:93:ae:af:a6:cb:13:e3:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 2 07:03:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6d426cd4cf0ef6b8ce7f4b402f6a12fbc9e2a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0a:aa:e8:8f:fe:64:1c:c3:49:1e:45:a2:0f:
3e:0a:b5:fd:34:d5:8f:cd:fc:f6:c0:ce:ee:1e:da:
64:a1:a7:1a:d8:09:72:f6:8c:09:fc:b4:19:88:f3:
58:5b:7c:8b:d5:1c:51:84:f2:6b:3c:fe:ef:6a:cf:
33:ce:33:97:15:02:86:5f:4a:fa:a5:ee:1f:d3:4c:
08:76:b9:79:d4:3b:d3:26:81:04:1c:c3:e9:42:eb:
f9:66:66:76:ff:3f:02:6c:82:4f:1a:47:36:05:06:
29:12:81:70:59:bc:c2:c6:09:35:6f:89:df:a1:e1:
1d:98:d1:d6:ee:50:99:95:ac:72:23:86:5b:e7:ef:
dd:f5:df:82:45:b6:c4:92:dd:84:53:f0:c7:ef:9e:
95:68:e4:d0:bc:cd:ce:21:d0:4c:a2:c5:a6:bd:2c:
ea:cd:34:0b:90:32:24:4e:9d:5a:11:da:00:66:d4:
e1:13:33:78:5d:fb:1a:6d:b4:de:34:68:e7:80:67:
c4:ca:93:7c:79:93:8f:8f:2a:7a:bf:7a:92:bc:44:
6d:f8:7b:71:99:9b:85:d7:b3:89:14:a2:5d:90:16:
fa:14:f3:de:a5:b5:31:c3:ec:27:bb:93:b9:69:f9:
09:70:b3:cf:ea:c7:99:07:c7:1c:5f:18:1c:24:31:
14:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:D4:26:CD:4C:F0:EF:6B:8C:E7:F4:B4:02:F6:A1:2F:BC:9E:2A:06
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/ptQmzUzw72uM5_S0AvahL7yeKgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0-144.56.36.255
144.56.38.0/24
144.56.95.0/24
144.56.114.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:bf:bd:8b:61:27:90:88:9d:e1:f6:6b:63:ec:01:f5:a5:00:
60:bc:79:a1:4d:b6:55:1b:6b:a8:5e:c5:39:64:49:9f:8a:b4:
fe:f6:a5:6a:ce:e1:a5:7a:7e:71:ba:43:08:45:85:1b:f0:88:
a5:e0:75:8c:57:51:e5:c2:a5:3a:c3:16:4f:2c:ee:4c:d6:cf:
34:f0:40:85:8a:76:ff:35:1c:86:21:95:46:87:25:f6:fe:a2:
8b:db:d4:f4:e5:37:e2:f1:9e:20:94:0f:01:13:c4:a3:39:b1:
25:e3:2e:6a:fd:dd:52:8b:5b:bf:29:c2:3c:31:83:99:32:88:
1f:24:a1:d1:d1:01:c5:fd:16:f6:f8:2c:3f:1b:04:96:96:00:
cf:f1:09:6c:93:30:61:81:ab:e0:20:76:23:07:e9:c7:5a:63:
2a:5c:67:4a:d3:8b:fb:95:64:ec:9f:96:ca:b1:a7:75:46:a0:
67:b5:e2:23:4f:3f:7f:c6:a9:2f:b6:16:53:32:0e:76:83:86:
3b:c0:56:31:cb:35:85:34:f1:81:09:bd:1f:77:74:16:b0:1d:
13:90:63:d1:c3:08:6d:63:f1:a1:b8:24:94:41:8f:53:11:53:
c2:bb:04:9a:b9:43:41:da:7e:f3:54:da:40:cf:2d:73:15:2f:
39:ce:af:1c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ1NAQX2xA0JM5Our6bLE+PtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjYwNDAyMDcwMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmQ0MjZjZDRjZjBlZjZiOGNlN2Y0YjQwMmY2YTEyZmJjOWUyYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAqq6I/+ZBzDSR5Fog8+CrX9NNWP
zfz2wM7uHtpkoaca2Aly9owJ/LQZiPNYW3yL1RxRhPJrPP7vas8zzjOXFQKGX0r6
pe4f00wIdrl51DvTJoEEHMPpQuv5ZmZ2/z8CbIJPGkc2BQYpEoFwWbzCxgk1b4nf
oeEdmNHW7lCZlaxyI4Zb5+/d9d+CRbbEkt2EU/DH756VaOTQvM3OIdBMosWmvSzq
zTQLkDIkTp1aEdoAZtThEzN4XfsabbTeNGjngGfEypN8eZOPjyp6v3qSvERt+Htx
mZuF17OJFKJdkBb6FPPepbUxw+wnu5O5afkJcLPP6seZB8ccXxgcJDEUJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKbUJs1M8O9rjOf0tAL2oS+8nioGMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvcHRRbXpVenc3MnVNNV9TMEF2YWhMN3llS2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBACQOCMD
BACQOCQDBACQOCYDBACQOF8DBACQOHIwDQYJKoZIhvcNAQELBQADggEBAJ+/vYth
J5CIneH2a2PsAfWlAGC8eaFNtlUba6hexTlkSZ+KtP72pWrO4aV6fnG6QwhFhRvw
iKXgdYxXUeXCpTrDFk8s7kzWzzTwQIWKdv81HIYhlUaHJfb+oovb1PTlN+LxniCU
DwETxKM5sSXjLmr93VKLW78pwjwxg5kyiB8kodHRAcX9Fvb4LD8bBJaWAM/xCWyT
MGGBq+AgdiMH6cdaYypcZ0rTi/uVZOyflsqxp3VGoGe14iNPP3/GqS+2FlMyDnaD
hjvAVjHLNYU08YEJvR93dBawHROQY9HDCG1j8aG4JJRBj1MRU8K7BJq5Q0HafvNU
2kDPLXMVLznOrxw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:32:02 2026 by rpki-client