Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/uBWox13mMSaJwJzdxZl5vrK1Uy0.roa
File: uBWox13mMSaJwJzdxZl5vrK1Uy0.roa (raw, json)
Hash identifier: n6tpZm0AgzOjJsWYl0Kbuzd8II7kteFHYXTsaYGDKCc=
Subject key identifier: B8:15:A8:C7:5D:E6:31:26:89:C0:9C:DD:C5:99:79:BE:B2:B5:53:2D
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019800100CD14105CDE841C5250097ADA191
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/uBWox13mMSaJwJzdxZl5vrK1Uy0.roa
Signing time: Sat 12 Jul 2025 19:15:08 +0000
ROA not before: Sat 12 Jul 2025 19:15:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.40.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
144.56.98.0/24 maxlen: 24
144.56.108.0/24 maxlen: 24
144.56.118.0/24 maxlen: 24
144.56.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:00:10:0c:d1:41:05:cd:e8:41:c5:25:00:97:ad:a1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jul 12 19:15:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b815a8c75de6312689c09cddc59979beb2b5532d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:85:84:ff:8e:d0:09:2d:e8:76:79:99:ae:
de:24:d8:91:cb:97:7b:0f:f2:5f:a8:7d:5c:ae:02:
12:c1:12:fe:43:ee:c6:20:05:ef:d3:36:02:78:1e:
df:06:b3:42:63:c6:6a:aa:86:f1:22:86:55:ac:69:
b5:6c:83:90:b7:15:62:94:c9:e0:3d:a7:fd:57:2d:
7e:44:2b:ef:ec:cf:a5:53:42:ad:20:0f:7f:3c:f8:
2d:4a:cf:9c:21:3f:53:51:ec:56:b3:7c:0f:d8:03:
52:83:ef:96:ed:e3:d9:49:42:19:c4:a9:c0:58:96:
26:b1:89:9c:1a:b7:53:0c:86:55:03:8c:e1:b9:67:
80:14:4d:21:7c:bf:4c:0b:e0:a9:29:51:e2:99:8a:
ab:28:99:ab:13:3e:c8:49:78:fb:0d:34:eb:35:ef:
27:f5:39:61:22:28:1a:e5:3d:83:5c:f7:db:c1:de:
08:74:8b:0f:f8:42:66:8c:3e:55:aa:ad:9f:e6:5f:
db:d0:e8:dd:e6:e2:a3:df:63:bd:4e:59:cd:d9:6b:
a3:70:6f:cf:89:9e:5d:29:75:c9:18:cb:d3:31:94:
d5:16:bd:3d:c9:93:a1:0b:9e:8f:24:8d:8b:ef:b6:
9a:12:e7:e2:99:dc:3a:29:d6:11:08:f1:2b:cc:99:
30:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:15:A8:C7:5D:E6:31:26:89:C0:9C:DD:C5:99:79:BE:B2:B5:53:2D
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/uBWox13mMSaJwJzdxZl5vrK1Uy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.23.0/24
144.56.36.0/24
144.56.38.0/24
144.56.40.0/24
144.56.76.0/24
144.56.98.0/24
144.56.108.0/24
144.56.118.0/24
144.56.128.0/24
Signature Algorithm: sha256WithRSAEncryption
90:15:40:68:99:cc:16:6d:87:5d:23:d4:c4:5e:74:63:3d:ef:
a9:58:e6:ed:d8:72:54:14:1f:51:cd:00:5b:b5:5b:57:0f:20:
27:63:d1:9a:d0:11:34:7c:22:be:69:16:26:68:f0:bd:8a:2e:
d9:47:89:f9:56:77:e0:53:d7:19:0b:ab:e9:f2:5f:93:a1:81:
c0:59:d8:c1:82:31:65:2f:8b:96:8d:a6:d9:57:e7:37:d2:b3:
3d:fd:6c:c5:e0:0d:ad:69:b5:c4:13:94:3b:9a:6f:84:42:51:
67:fa:60:6f:f4:43:51:2f:1e:83:f4:ee:4c:25:5b:ae:46:cb:
7f:0c:cb:28:ae:19:e6:a5:a7:2c:c9:99:a9:df:94:2a:fa:bc:
8f:2f:cb:a8:46:d2:e6:d5:7b:9e:75:73:c2:21:95:43:8c:2d:
0e:79:2c:e7:fb:b7:ec:7b:73:51:0c:96:70:bf:d8:b7:c8:8d:
d9:31:21:51:cb:cd:01:cb:fa:18:98:83:4b:66:66:66:a1:14:
d1:d5:5d:95:02:fc:ec:94:ef:3b:c2:17:4c:48:2a:b3:ff:8d:
e6:f0:02:47:fd:7d:df:d3:42:98:43:f4:d7:6c:a6:fc:fe:74:
f0:29:f2:2b:92:77:f7:8c:21:94:d8:2a:89:e7:0d:08:84:99:
23:44:5e:2b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZgAEAzRQQXN6EHFJQCXraGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNzEyMTkxNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODE1YThjNzVkZTYzMTI2ODljMDljZGRjNTk5NzliZWIyYjU1MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwOFhP+O0Akt6HZ5ma7eJNiRy5d7
D/JfqH1crgISwRL+Q+7GIAXv0zYCeB7fBrNCY8ZqqobxIoZVrGm1bIOQtxVilMng
Paf9Vy1+RCvv7M+lU0KtIA9/PPgtSs+cIT9TUexWs3wP2ANSg++W7ePZSUIZxKnA
WJYmsYmcGrdTDIZVA4zhuWeAFE0hfL9MC+CpKVHimYqrKJmrEz7ISXj7DTTrNe8n
9TlhIiga5T2DXPfbwd4IdIsP+EJmjD5Vqq2f5l/b0Ojd5uKj32O9TlnN2WujcG/P
iZ5dKXXJGMvTMZTVFr09yZOhC56PJI2L77aaEufimdw6KdYRCPErzJkwtQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLgVqMdd5jEmicCc3cWZeb6ytVMtMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvdUJXb3gxM21NU2FKd0p6ZHhabDV2cksxVXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAkDgNAwQA
kDgXAwQAkDgkAwQAkDgmAwQAkDgoAwQAkDhMAwQAkDhiAwQAkDhsAwQAkDh2AwQA
kDiAMA0GCSqGSIb3DQEBCwUAA4IBAQCQFUBomcwWbYddI9TEXnRjPe+pWObt2HJU
FB9RzQBbtVtXDyAnY9Ga0BE0fCK+aRYmaPC9ii7ZR4n5VnfgU9cZC6vp8l+ToYHA
WdjBgjFlL4uWjabZV+c30rM9/WzF4A2tabXEE5Q7mm+EQlFn+mBv9ENRLx6D9O5M
JVuuRst/DMsorhnmpacsyZmp35Qq+ryPL8uoRtLm1XuedXPCIZVDjC0OeSzn+7fs
e3NRDJZwv9i3yI3ZMSFRy80By/oYmINLZmZmoRTR1V2VAvzslO87whdMSCqz/43m
8AJH/X3f00KYQ/TXbKb8/nTwKfIrknf3jCGU2CqJ5w0IhJkjRF4r
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:31:05 2025 by rpki-client