Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yZFvW812QeQ-SDOd-NxPjgAmXKs.roa
File: yZFvW812QeQ-SDOd-NxPjgAmXKs.roa (raw, json)
Hash identifier: tgPqsP3QLMneWItwJodL3YOV3kDTKFjFzXFmCkxHlLM=
Subject key identifier: C9:91:6F:5B:CD:76:41:E4:3E:48:33:9D:F8:DC:4F:8E:00:26:5C:AB
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019807AFF6172280BBB90904D10AE7AD19C4
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yZFvW812QeQ-SDOd-NxPjgAmXKs.roa
Signing time: Mon 14 Jul 2025 06:47:08 +0000
ROA not before: Mon 14 Jul 2025 06:47:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 144.56.9.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:af:f6:17:22:80:bb:b9:09:04:d1:0a:e7:ad:19:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jul 14 06:47:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9916f5bcd7641e43e48339df8dc4f8e00265cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:3a:be:4e:37:25:8c:94:5d:86:01:f4:c6:
7c:11:ab:ce:82:a9:a0:f2:4c:9d:6b:c3:38:58:eb:
a0:1f:54:fa:b3:8c:fe:4c:91:b3:ea:29:cc:b7:fe:
de:eb:1d:ff:00:50:40:d1:5b:d8:3a:6d:8a:04:b0:
9a:dd:83:9b:71:1e:4c:68:23:33:34:17:5f:61:8d:
cc:59:11:86:31:9d:93:40:e3:8d:4b:64:af:b5:6c:
a7:dc:aa:0e:5b:56:9a:dc:8d:d4:3c:f7:30:68:bd:
81:d9:1c:5c:9a:59:1e:94:7d:44:e6:ad:fc:22:5a:
6a:67:99:df:4e:f7:06:15:e6:d9:01:85:40:01:88:
0f:7f:18:99:2c:5e:87:c6:b7:5e:fd:9f:ba:6a:73:
27:c1:52:dc:54:d3:a9:53:f4:81:45:3e:50:e0:b2:
a5:aa:cb:6f:26:7d:d3:a4:7a:b8:7d:d0:45:9a:18:
af:b7:42:ee:86:61:fa:09:ce:9f:5a:9b:ba:71:19:
ba:da:9f:03:3c:9f:a1:9e:98:fd:ca:e5:8e:6c:80:
db:7b:82:cb:04:2b:f3:cc:6a:62:49:00:fd:30:5b:
54:21:cc:86:0a:2c:f5:dc:2a:79:95:99:8b:a1:b8:
00:50:ee:c2:bc:1a:a1:68:cd:af:d8:e7:93:42:e8:
bf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:91:6F:5B:CD:76:41:E4:3E:48:33:9D:F8:DC:4F:8E:00:26:5C:AB
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/yZFvW812QeQ-SDOd-NxPjgAmXKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.9.0/24
144.56.33.0/24
Signature Algorithm: sha256WithRSAEncryption
21:b0:2b:90:30:0e:40:ae:34:cf:bd:b9:26:71:33:2d:cd:3c:
2b:93:75:1d:44:f6:16:a8:39:51:84:ad:d3:31:d0:28:87:a4:
d8:78:31:c5:1d:cb:47:98:b6:50:79:cd:c8:e4:dc:55:7b:a2:
82:20:5e:3f:29:05:d2:ba:e6:e3:be:34:48:33:ac:d0:7e:6b:
76:5e:0f:7b:6a:71:92:3b:bd:6d:84:9b:60:61:7e:8d:b3:f7:
8e:9c:f6:d2:74:66:df:4e:7a:4c:99:53:bb:c6:71:f4:b0:4b:
d8:a0:30:2c:5b:b4:c9:f3:82:c4:28:49:29:fe:5a:87:ea:b5:
ba:89:6f:8a:1b:a2:d0:a7:2e:e3:ea:09:92:68:8d:1c:ea:6e:
8d:08:7e:22:af:bb:e2:1f:e5:b4:a2:ae:d6:fe:0f:57:c0:9e:
b6:61:fb:8d:21:3c:52:97:35:94:d0:23:06:7a:d8:49:d8:b4:
c1:c1:3a:08:24:03:37:b2:76:0e:80:1b:fa:2f:d4:1a:af:7c:
90:d9:f2:fd:25:1f:af:67:46:8e:9b:41:44:00:72:a8:77:b8:
be:66:88:b7:c1:88:f8:fd:5a:9e:b6:e1:48:40:62:ff:2e:32:
54:d9:16:9b:f3:b2:f6:17:21:5a:7b:cb:28:f0:57:fa:cb:73:
23:cc:5e:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgHr/YXIoC7uQkE0QrnrRnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNzE0MDY0NzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTkxNmY1YmNkNzY0MWU0M2U0ODMzOWRmOGRjNGY4ZTAwMjY1Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2Y6vk43JYyUXYYB9MZ8EavOgqmg
8kyda8M4WOugH1T6s4z+TJGz6inMt/7e6x3/AFBA0VvYOm2KBLCa3YObcR5MaCMz
NBdfYY3MWRGGMZ2TQOONS2SvtWyn3KoOW1aa3I3UPPcwaL2B2RxcmlkelH1E5q38
IlpqZ5nfTvcGFebZAYVAAYgPfxiZLF6Hxrde/Z+6anMnwVLcVNOpU/SBRT5Q4LKl
qstvJn3TpHq4fdBFmhivt0LuhmH6Cc6fWpu6cRm62p8DPJ+hnpj9yuWObIDbe4LL
BCvzzGpiSQD9MFtUIcyGCiz13Cp5lZmLobgAUO7CvBqhaM2v2OeTQui/0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMmRb1vNdkHkPkgznfjcT44AJlyrMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEveVpGdlc4MTJRZVEtU0RPZC1OeFBqZ0FtWEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkDgJAwQA
kDghMA0GCSqGSIb3DQEBCwUAA4IBAQAhsCuQMA5ArjTPvbkmcTMtzTwrk3UdRPYW
qDlRhK3TMdAoh6TYeDHFHctHmLZQec3I5NxVe6KCIF4/KQXSuubjvjRIM6zQfmt2
Xg97anGSO71thJtgYX6Ns/eOnPbSdGbfTnpMmVO7xnH0sEvYoDAsW7TJ84LEKEkp
/lqH6rW6iW+KG6LQpy7j6gmSaI0c6m6NCH4ir7viH+W0oq7W/g9XwJ62YfuNITxS
lzWU0CMGethJ2LTBwToIJAM3snYOgBv6L9Qar3yQ2fL9JR+vZ0aOm0FEAHKod7i+
Zoi3wYj4/VqetuFIQGL/LjJU2Rab87L2FyFae8so8Ff6y3MjzF5R
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:31:03 2025 by rpki-client