Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/k7L5P2-pybM6axXauNiLmubVx5w.roa
File: k7L5P2-pybM6axXauNiLmubVx5w.roa (raw, json)
Hash identifier: 4pNco59A+DAjWm/A0lbEMapWksPMnWRDbz3uqSa2hI0=
Subject key identifier: 93:B2:F9:3F:6F:A9:C9:B3:3A:6B:15:DA:B8:D8:8B:9A:E6:D5:C7:9C
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019807AFF59733BAD6DE50AFC71D7F53088A
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/k7L5P2-pybM6axXauNiLmubVx5w.roa
Signing time: Mon 14 Jul 2025 06:47:08 +0000
ROA not before: Mon 14 Jul 2025 06:47:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.37.0/24 maxlen: 24
144.56.39.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:af:f5:97:33:ba:d6:de:50:af:c7:1d:7f:53:08:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jul 14 06:47:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93b2f93f6fa9c9b33a6b15dab8d88b9ae6d5c79c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:16:30:21:cf:1e:9e:4d:b1:72:5a:ec:b3:1b:
06:62:cb:73:21:aa:e5:dd:37:5f:9c:0a:59:ad:c3:
00:de:b5:9e:8f:a6:95:02:21:06:09:bf:17:c0:27:
74:98:26:c1:3d:f7:e9:df:70:24:be:4d:96:10:c9:
80:5f:4b:86:30:d6:17:aa:c0:3a:c9:bc:13:00:e1:
b7:06:12:34:92:c2:79:b1:f4:bc:5d:c0:ae:02:4f:
72:71:a0:fd:6d:89:c8:59:1a:54:10:de:e5:9e:dd:
67:e2:95:10:c8:e2:46:b1:49:77:1a:a8:26:74:c7:
01:f5:d4:51:0b:e2:9c:87:cd:b5:69:15:ec:aa:2a:
2d:4b:8b:15:c7:c3:e8:f0:90:f2:14:03:5e:50:f2:
e0:5b:78:6e:9d:93:8a:24:c3:6d:f3:6a:cb:04:b7:
89:a8:ec:51:f0:b7:63:0d:3c:5b:21:5e:a8:41:92:
9c:94:7f:9b:b2:dd:71:67:27:fc:57:f5:f1:1c:3c:
b0:44:0a:03:35:45:ad:c9:22:cf:05:64:05:58:04:
12:ca:28:21:ac:89:d2:db:a6:b7:b3:55:e8:60:23:
ca:cd:d5:30:f9:b8:f6:57:72:0f:17:27:5c:6d:8b:
0c:ee:99:6c:ff:f0:83:9f:1d:39:3b:ad:47:1b:09:
ee:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B2:F9:3F:6F:A9:C9:B3:3A:6B:15:DA:B8:D8:8B:9A:E6:D5:C7:9C
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/k7L5P2-pybM6axXauNiLmubVx5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0/24
144.56.37.0/24
144.56.39.0/24
144.56.41.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ab:a3:0d:70:3b:15:06:41:b3:b9:09:60:aa:43:70:c7:7e:
75:5c:38:ad:28:61:d5:ea:a5:5d:5a:61:0e:59:3e:a6:06:f0:
b2:8f:ba:1e:79:04:b6:6a:99:0a:6b:3d:38:05:db:98:b7:94:
1e:28:21:c3:93:75:87:bd:02:99:e9:bc:8f:27:0a:56:ba:ec:
5d:e5:b5:69:20:c2:c0:c1:e1:f0:c0:94:53:5e:be:3b:10:3e:
c7:61:5c:32:b5:56:d3:3b:1c:ff:f6:a9:84:27:06:74:a9:e8:
84:7d:4c:94:2d:4f:bc:7a:ee:04:93:75:47:1c:23:41:22:8a:
ec:11:a2:e5:11:17:2e:c9:41:ca:d5:0d:59:df:3c:d5:0a:e8:
75:3d:af:f6:48:12:ae:95:bc:74:5e:54:b7:57:8c:1b:e8:51:
7b:6d:05:13:f3:77:b4:9f:7f:19:16:13:2c:17:c1:c6:69:1d:
88:bd:bb:db:f3:d8:3e:7e:7e:81:40:7d:90:a9:1d:c4:c7:29:
66:6a:55:85:8d:7a:ab:6d:21:9e:d4:f9:cf:f3:e2:87:10:32:
ba:35:33:c8:9c:e2:79:49:fc:8d:fa:62:71:76:fe:27:98:97:
74:0e:6f:35:0d:88:38:80:91:85:94:1f:4c:eb:83:ca:ef:9d:
cd:ac:b4:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgHr/WXM7rW3lCvxx1/UwiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNzE0MDY0NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2IyZjkzZjZmYTljOWIzM2E2YjE1ZGFiOGQ4OGI5YWU2ZDVjNzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxYwIc8enk2xclrssxsGYstzIarl
3TdfnApZrcMA3rWej6aVAiEGCb8XwCd0mCbBPffp33Akvk2WEMmAX0uGMNYXqsA6
ybwTAOG3BhI0ksJ5sfS8XcCuAk9ycaD9bYnIWRpUEN7lnt1n4pUQyOJGsUl3Gqgm
dMcB9dRRC+Kch821aRXsqiotS4sVx8Po8JDyFANeUPLgW3hunZOKJMNt82rLBLeJ
qOxR8LdjDTxbIV6oQZKclH+bst1xZyf8V/XxHDywRAoDNUWtySLPBWQFWAQSyigh
rInS26a3s1XoYCPKzdUw+bj2V3IPFydcbYsM7pls//CDnx05O61HGwnuHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJOy+T9vqcmzOmsV2rjYi5rm1cecMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvazdMNVAyLXB5Yk02YXhYYXVOaUxtdWJWeDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkDgjAwQA
kDglAwQAkDgnAwQAkDgpMA0GCSqGSIb3DQEBCwUAA4IBAQAwq6MNcDsVBkGzuQlg
qkNwx351XDitKGHV6qVdWmEOWT6mBvCyj7oeeQS2apkKaz04BduYt5QeKCHDk3WH
vQKZ6byPJwpWuuxd5bVpIMLAweHwwJRTXr47ED7HYVwytVbTOxz/9qmEJwZ0qeiE
fUyULU+8eu4Ek3VHHCNBIorsEaLlERcuyUHK1Q1Z3zzVCuh1Pa/2SBKulbx0XlS3
V4wb6FF7bQUT83e0n38ZFhMsF8HGaR2Ivbvb89g+fn6BQH2QqR3ExylmalWFjXqr
bSGe1PnP8+KHEDK6NTPInOJ5SfyN+mJxdv4nmJd0Dm81DYg4gJGFlB9M64PK753N
rLSJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:21:00 2025 by rpki-client