Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yGxT3VcI2quR0RtOu-KHmgw_iSI.roa
File: yGxT3VcI2quR0RtOu-KHmgw_iSI.roa (raw, json)
Hash identifier: 7U61WOOnhm7TQXCYjDcXX/K3dVnujrxrS89EhpP1ZcQ=
Subject key identifier: C8:6C:53:DD:57:08:DA:AB:91:D1:1B:4E:BB:E2:87:9A:0C:3F:89:22
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019A248193E15B6839F4EEED4580A5B518CB
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yGxT3VcI2quR0RtOu-KHmgw_iSI.roa
Signing time: Mon 27 Oct 2025 07:11:03 +0000
ROA not before: Mon 27 Oct 2025 07:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.40.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
144.56.93.0/24 maxlen: 24
144.56.95.0/24 maxlen: 24
144.56.97.0/24 maxlen: 24
144.56.98.0/24 maxlen: 24
144.56.99.0/24 maxlen: 24
144.56.100.0/24 maxlen: 24
144.56.101.0/24 maxlen: 24
144.56.103.0/24 maxlen: 24
144.56.106.0/24 maxlen: 24
144.56.108.0/24 maxlen: 24
144.56.114.0/24 maxlen: 24
144.56.115.0/24 maxlen: 24
144.56.116.0/24 maxlen: 24
144.56.117.0/24 maxlen: 24
144.56.118.0/24 maxlen: 24
144.56.119.0/24 maxlen: 24
144.56.120.0/24 maxlen: 24
144.56.121.0/24 maxlen: 24
144.56.122.0/24 maxlen: 24
144.56.124.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
144.56.126.0/24 maxlen: 24
144.56.127.0/24 maxlen: 24
144.56.128.0/24 maxlen: 24
144.56.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:81:93:e1:5b:68:39:f4:ee:ed:45:80:a5:b5:18:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Oct 27 07:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c86c53dd5708daab91d11b4ebbe2879a0c3f8922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b6:9a:f6:c3:25:12:40:86:a3:7a:ea:3d:cf:
1d:a5:9b:b9:d5:20:eb:4f:cd:7c:f4:01:01:c4:de:
8a:c9:d0:c0:61:83:cc:11:28:fa:5d:ec:a0:1e:ef:
89:51:f6:c6:43:29:0f:fb:28:5a:b9:88:b5:1b:b7:
3f:cd:98:cc:d7:7a:8d:14:b4:45:dd:ac:86:5e:e7:
90:48:d1:62:db:76:7e:c4:f2:c6:20:09:37:da:ef:
fd:e1:22:74:16:68:43:9b:6f:be:2a:f6:40:8a:60:
18:a8:50:22:09:e5:4c:a8:4e:39:56:d0:8f:3d:1b:
13:fd:50:5a:0f:58:24:6e:4f:6d:ba:4b:f2:eb:52:
b8:05:ae:47:17:96:80:6a:7f:0f:c7:2f:0c:10:5b:
a6:5c:4e:4f:7a:d0:ee:b7:72:b7:9f:56:bf:ef:99:
46:60:34:79:b7:2e:8b:2e:23:94:fc:83:74:95:91:
2c:a2:79:55:59:48:b9:63:cf:fe:e9:4a:92:9a:34:
56:c5:d9:a2:0e:a7:7a:b2:9b:55:6b:93:b4:36:49:
a0:6c:0c:9a:95:af:4a:80:7c:f7:a3:78:9a:4f:e8:
f4:95:ad:91:37:48:e1:04:92:d7:55:68:94:c7:46:
d5:78:95:6b:a6:0d:4f:44:55:d7:18:40:60:97:74:
7c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:6C:53:DD:57:08:DA:AB:91:D1:1B:4E:BB:E2:87:9A:0C:3F:89:22
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yGxT3VcI2quR0RtOu-KHmgw_iSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.23.0/24
144.56.36.0/24
144.56.38.0/24
144.56.40.0/24
144.56.76.0/24
144.56.93.0/24
144.56.95.0/24
144.56.97.0-144.56.101.255
144.56.103.0/24
144.56.106.0/24
144.56.108.0/24
144.56.114.0-144.56.122.255
144.56.124.0-144.56.129.255
Signature Algorithm: sha256WithRSAEncryption
b5:6c:8c:a8:07:62:64:fb:91:97:e5:82:2d:af:8e:3e:36:01:
18:61:db:82:3b:1a:9f:e9:5b:07:43:60:32:c1:f8:6e:3d:5c:
ff:20:ca:5b:3e:72:b5:35:2a:87:25:28:9a:4f:d7:c6:3c:74:
8e:c1:95:e0:8c:8c:81:33:ff:21:6b:10:70:af:27:e7:8d:ed:
3a:ff:a5:0c:e7:c4:bc:c9:07:58:c5:01:5b:46:c7:6d:fc:69:
cf:f9:9a:62:b1:40:29:4b:ac:8f:35:2f:8f:f6:f0:09:e2:9f:
2f:72:11:be:b5:b2:b2:f8:d6:b8:e2:60:db:f5:30:30:f4:68:
91:51:1d:69:86:70:a9:b1:35:fb:87:e2:0b:84:8d:d8:82:4a:
52:89:0d:df:57:29:18:15:c2:4b:db:95:ee:d4:ce:df:ff:11:
b0:59:16:79:51:5a:88:fd:07:9c:1d:15:9b:21:fd:ee:bd:e6:
ee:f0:2d:21:b9:96:4a:d1:95:06:e5:96:75:6d:5c:78:c6:43:
52:db:bb:87:d2:50:50:47:31:4b:b2:6e:00:0c:7e:fa:c5:fb:
d1:ae:10:79:05:53:89:3c:e5:67:bb:88:9f:78:bd:87:17:81:
06:6b:a4:09:c7:03:63:e9:fb:d0:7d:b8:7c:ba:4c:5b:35:40:
1d:5d:ae:f3
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZokgZPhW2g59O7tRYCltRjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUxMDI3MDcxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODZjNTNkZDU3MDhkYWFiOTFkMTFiNGViYmUyODc5YTBjM2Y4OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7aa9sMlEkCGo3rqPc8dpZu51SDr
T8189AEBxN6KydDAYYPMESj6XeygHu+JUfbGQykP+yhauYi1G7c/zZjM13qNFLRF
3ayGXueQSNFi23Z+xPLGIAk32u/94SJ0FmhDm2++KvZAimAYqFAiCeVMqE45VtCP
PRsT/VBaD1gkbk9tukvy61K4Ba5HF5aAan8Pxy8MEFumXE5PetDut3K3n1a/75lG
YDR5ty6LLiOU/IN0lZEsonlVWUi5Y8/+6UqSmjRWxdmiDqd6sptVa5O0NkmgbAya
la9KgHz3o3iaT+j0la2RN0jhBJLXVWiUx0bVeJVrpg1PRFXXGEBgl3R8VwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMhsU91XCNqrkdEbTrvih5oMP4kiMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEveUd4VDNWY0kycXVSMFJ0T3UtS0htZ3dfaVNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAJA4DQME
AJA4FwMEAJA4JAMEAJA4JgMEAJA4KAMEAJA4TAMEAJA4XQMEAJA4XzAMAwQAkDhh
AwQBkDhkAwQAkDhnAwQAkDhqAwQAkDhsMAwDBAGQOHIDBACQOHowDAMEApA4fAME
AZA4gDANBgkqhkiG9w0BAQsFAAOCAQEAtWyMqAdiZPuRl+WCLa+OPjYBGGHbgjsa
n+lbB0NgMsH4bj1c/yDKWz5ytTUqhyUomk/Xxjx0jsGV4IyMgTP/IWsQcK8n543t
Ov+lDOfEvMkHWMUBW0bHbfxpz/maYrFAKUusjzUvj/bwCeKfL3IRvrWysvjWuOJg
2/UwMPRokVEdaYZwqbE1+4fiC4SN2IJKUokN31cpGBXCS9uV7tTO3/8RsFkWeVFa
iP0HnB0VmyH97r3m7vAtIbmWStGVBuWWdW1ceMZDUtu7h9JQUEcxS7JuAAx++sX7
0a4QeQVTiTzlZ7uIn3i9hxeBBmukCccDY+n70H24fLpMWzVAHV2u8w==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:03:00 2025 by rpki-client