Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS55720.roa
File: AS55720.roa (raw, json)
Hash identifier: +sWpwv8tI7di9APETHcEsAa6T0E7IO+wPI4Do5BHVXw=
Subject key identifier: EF:9B:B5:F6:AD:9E:51:F6:ED:33:ED:F8:72:A2:C7:3E:FB:A9:79:E4
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6ABB834987BAC1E93E56FF8A497DE4853D097927
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS55720.roa
Signing time: Thu 23 Oct 2025 04:24:59 +0000
ROA not before: Thu 23 Oct 2025 04:19:59 +0000
ROA not after: Thu 22 Oct 2026 04:24:59 +0000
asID: 55720
IP address blocks: 143.20.31.0/24 maxlen: 24
143.20.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:bb:83:49:87:ba:c1:e9:3e:56:ff:8a:49:7d:e4:85:3d:09:79:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 23 04:19:59 2025 GMT
Not After : Oct 22 04:24:59 2026 GMT
Subject: CN=EF9BB5F6AD9E51F6ED33EDF872A2C73EFBA979E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e9:24:36:a2:ce:a9:c0:7e:13:74:9f:8c:60:
50:e5:7f:f5:c1:44:f9:ea:5d:d7:26:43:af:2f:5d:
18:c5:43:2f:3e:bb:60:05:32:0c:0b:da:44:e0:4e:
0d:bc:d8:c7:a7:2c:f0:ca:0e:86:1a:2c:fb:8c:af:
63:f0:10:04:bf:ff:a1:26:37:ba:8f:b9:8f:c9:6c:
3a:16:e2:e0:c3:dc:c6:ba:95:db:a1:1b:81:89:28:
78:0c:81:98:f6:0f:b7:10:4c:de:d5:5f:a9:9c:d8:
5c:d1:07:d5:85:da:9e:4b:00:eb:e1:2f:92:53:ad:
ff:15:14:f7:98:1c:15:39:c4:57:d0:c3:2b:ea:36:
cb:7d:19:ed:82:06:c2:ac:72:32:1b:db:96:93:86:
0b:39:da:bf:05:98:aa:41:79:96:ad:8b:53:60:4a:
63:18:ba:44:50:57:db:1c:2e:00:34:3e:ed:fa:54:
7e:c1:bf:9b:cf:6b:4f:3b:cc:82:16:b7:a8:4c:33:
ea:d4:05:8b:4d:94:fd:f0:3f:54:24:03:88:01:9e:
f2:5f:a9:61:53:27:13:c9:08:63:6c:da:93:66:8d:
e0:28:36:7e:6c:14:6d:eb:58:26:d3:a4:64:89:55:
9b:8b:e8:35:a9:30:c4:57:6b:a7:f1:1e:c9:8f:6d:
9e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9B:B5:F6:AD:9E:51:F6:ED:33:ED:F8:72:A2:C7:3E:FB:A9:79:E4
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS55720.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.31.0/24
143.20.166.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ea:4a:f1:f2:47:e9:5b:a6:92:49:62:c5:0b:eb:a6:a7:32:
47:35:d1:be:f4:f4:2d:bd:c6:93:38:7e:3a:3b:ef:8d:8f:a0:
e8:e6:0c:04:1a:b3:9d:d2:22:52:9d:48:9f:04:6a:0b:97:a4:
02:73:d1:d1:c1:24:43:40:60:75:0d:9f:03:17:8d:6b:6a:28:
61:ea:26:42:16:6d:49:3e:fa:31:73:1d:5c:3f:20:b4:50:58:
31:5b:4e:62:27:8b:ea:12:27:f5:89:09:dc:11:1e:dd:c2:d8:
06:a4:c5:22:92:83:e3:dd:ca:98:a8:53:a8:e0:15:6d:87:2b:
6f:be:ec:1f:5f:84:ea:16:e0:50:c0:9b:a4:20:03:4a:6d:0f:
96:5c:0f:7b:35:02:13:71:05:00:e2:0b:ff:51:da:b2:ee:b0:
54:f3:ca:bd:24:5f:c4:2d:5a:62:b5:62:a3:9a:56:d7:db:8c:
08:f2:98:93:79:f5:07:90:54:0b:e2:a2:d3:28:88:dc:6e:bf:
06:e3:7b:9b:b4:92:1a:9e:7f:34:5c:d3:7f:bd:cd:76:05:60:
63:b1:94:1e:26:9a:23:12:40:a1:20:22:2f:21:bb:ff:0e:5a:
cb:95:55:01:5c:40:b3:c7:2e:a5:84:04:f9:0d:5d:39:59:3b:
02:f3:97:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUaruDSYe6wek+Vv+KSX3khT0JeScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjMwNDE5NTlaFw0yNjEwMjIwNDI0NTlaMDMxMTAvBgNV
BAMTKEVGOUJCNUY2QUQ5RTUxRjZFRDMzRURGODcyQTJDNzNFRkJBOTc5RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr6SQ2os6pwH4TdJ+MYFDlf/XB
RPnqXdcmQ68vXRjFQy8+u2AFMgwL2kTgTg282MenLPDKDoYaLPuMr2PwEAS//6Em
N7qPuY/JbDoW4uDD3Ma6lduhG4GJKHgMgZj2D7cQTN7VX6mc2FzRB9WF2p5LAOvh
L5JTrf8VFPeYHBU5xFfQwyvqNst9Ge2CBsKscjIb25aThgs52r8FmKpBeZati1Ng
SmMYukRQV9scLgA0Pu36VH7Bv5vPa087zIIWt6hMM+rUBYtNlP3wP1QkA4gBnvJf
qWFTJxPJCGNs2pNmjeAoNn5sFG3rWCbTpGSJVZuL6DWpMMRXa6fxHsmPbZ6DAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU75u19q2eUfbtM+34cqLHPvupeeQwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNTU3MjAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACPFB8D
BACPFKYwDQYJKoZIhvcNAQELBQADggEBAGbqSvHyR+lbppJJYsUL66anMkc10b70
9C29xpM4fjo7742PoOjmDAQas53SIlKdSJ8EaguXpAJz0dHBJENAYHUNnwMXjWtq
KGHqJkIWbUk++jFzHVw/ILRQWDFbTmIni+oSJ/WJCdwRHt3C2AakxSKSg+Pdypio
U6jgFW2HK2++7B9fhOoW4FDAm6QgA0ptD5ZcD3s1AhNxBQDiC/9R2rLusFTzyr0k
X8QtWmK1YqOaVtfbjAjymJN59QeQVAviotMoiNxuvwbje5u0khqefzRc03+9zXYF
YGOxlB4mmiMSQKEgIi8hu/8OWsuVVQFcQLPHLqWEBPkNXTlZOwLzlys=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:30:34 2025 by rpki-client