Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/m3SzGaHBe-liV9k_hjkTUrNHXMg.roa
File: m3SzGaHBe-liV9k_hjkTUrNHXMg.roa (raw, json)
Hash identifier: 1IYirY3YGGwbakrzW31PvEOIIPUhpCQb3MNxcEFgdzs=
Subject key identifier: 9B:74:B3:19:A1:C1:7B:E9:62:57:D9:3F:86:39:13:52:B3:47:5C:C8
Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Certificate serial: 0198313666B2FE3E667149B10487AB2D5394
Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/m3SzGaHBe-liV9k_hjkTUrNHXMg.roa
Signing time: Tue 22 Jul 2025 08:18:25 +0000
ROA not before: Tue 22 Jul 2025 08:18:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 144.2.128.0/24 maxlen: 24
144.2.129.0/24 maxlen: 24
144.2.130.0/24 maxlen: 24
144.2.131.0/24 maxlen: 24
144.2.136.0/24 maxlen: 24
144.2.140.0/24 maxlen: 24
144.2.142.0/24 maxlen: 24
144.2.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft
rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:36:66:b2:fe:3e:66:71:49:b1:04:87:ab:2d:53:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3
Validity
Not Before: Jul 22 08:18:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b74b319a1c17be96257d93f86391352b3475cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:26:e3:37:ef:c6:7b:84:9f:65:6f:fb:e7:55:
ae:9d:3b:45:3b:a0:59:15:05:3e:58:d4:bf:d7:05:
ae:41:db:46:c9:5f:a9:a8:b7:d6:42:0e:a8:65:4c:
61:ec:f8:4a:eb:d0:1f:41:a6:5c:9d:5a:d7:0d:ca:
9a:c0:ba:7e:a4:95:cc:c7:ec:a4:7e:d0:c0:76:9a:
a1:f2:07:6e:87:14:98:c8:d2:7c:7a:dd:55:e0:8a:
36:6e:c3:c0:1c:dc:08:44:29:c0:06:9c:f9:55:27:
06:d2:b5:08:27:d2:db:1c:5d:77:5d:44:47:08:9d:
46:c4:9a:6d:c2:ac:6f:da:c6:ac:41:5b:63:43:89:
60:a9:d8:5f:28:c5:eb:19:1d:04:8f:44:39:5e:ee:
bc:d8:4c:24:7b:eb:ee:61:a7:1a:34:3b:f8:1e:4b:
34:a7:25:4d:c9:15:16:49:c0:b6:90:c6:ef:50:24:
73:b7:e7:3f:03:82:27:5e:9e:71:bf:45:d0:76:3f:
c6:cf:75:0f:1f:71:bf:25:de:c1:25:a4:9a:e9:c1:
cb:4b:4d:b7:11:d4:42:12:e5:11:5f:26:dd:ec:cc:
50:35:a0:72:20:18:bb:af:0f:fe:fa:40:4e:0c:e9:
dc:61:ff:14:9b:d5:e3:fb:c7:0b:d8:14:9f:54:63:
a7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:74:B3:19:A1:C1:7B:E9:62:57:D9:3F:86:39:13:52:B3:47:5C:C8
X509v3 Authority Key Identifier:
keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/m3SzGaHBe-liV9k_hjkTUrNHXMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.128.0/22
144.2.136.0/24
144.2.140.0/24
144.2.142.0/23
Signature Algorithm: sha256WithRSAEncryption
37:18:cd:2c:61:d3:93:69:fd:15:56:83:a8:04:43:cc:a2:ba:
da:be:e9:d9:85:be:6f:79:76:04:67:45:37:48:df:23:7e:37:
0e:3e:4d:66:61:10:e0:f1:b5:43:68:d1:e7:af:a0:1b:46:26:
de:27:44:be:ef:61:45:99:8f:cd:79:34:bc:9f:8c:bd:5a:7c:
93:72:c9:7c:3e:1c:82:55:32:52:06:e3:46:b8:59:15:92:bf:
1d:77:93:0d:6f:32:57:0c:8a:7c:27:a7:f6:8d:b3:a1:44:fb:
26:af:68:6b:ae:88:c5:b9:e8:08:08:4a:a3:67:0d:00:24:a4:
d1:46:9e:06:5a:09:b7:ba:58:e3:56:ef:68:c6:db:cf:73:b8:
06:f1:55:c8:a1:1c:06:cd:72:04:89:e3:6b:6a:73:00:90:77:
d2:5f:2f:e2:85:f8:c8:83:ce:9f:cd:aa:27:6f:6a:40:6e:0c:
32:c2:21:37:ff:f8:91:eb:82:80:85:f0:3b:7d:d4:c8:38:eb:
c1:38:ff:ac:4c:ea:a6:d0:85:06:78:7f:9d:bf:b0:ac:c4:25:
da:0d:57:29:39:19:b9:9d:f1:ce:de:cf:52:e7:bb:79:5b:9b:
49:27:25:43:66:e8:62:0f:02:22:6b:94:3e:57:61:b9:44:81:
18:bf:3b:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgxNmay/j5mcUmxBIerLVOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm
MTFhZDMwHhcNMjUwNzIyMDgxODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjc0YjMxOWExYzE3YmU5NjI1N2Q5M2Y4NjM5MTM1MmIzNDc1Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoybjN+/Ge4SfZW/751WunTtFO6BZ
FQU+WNS/1wWuQdtGyV+pqLfWQg6oZUxh7PhK69AfQaZcnVrXDcqawLp+pJXMx+yk
ftDAdpqh8gduhxSYyNJ8et1V4Io2bsPAHNwIRCnABpz5VScG0rUIJ9LbHF13XURH
CJ1GxJptwqxv2sasQVtjQ4lgqdhfKMXrGR0Ej0Q5Xu682Ewke+vuYacaNDv4Hks0
pyVNyRUWScC2kMbvUCRzt+c/A4InXp5xv0XQdj/Gz3UPH3G/Jd7BJaSa6cHLS023
EdRCEuURXybd7MxQNaByIBi7rw/++kBODOncYf8Um9Xj+8cL2BSfVGOntQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJt0sxmhwXvpYlfZP4Y5E1KzR1zIMB8GA1UdIwQY
MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt
NTA5NzRiY2RjMjQ4LzEvbTNTekdhSEJlLWxpVjlrX2hqa1RVck5IWE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4
LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCkAKAAwQA
kAKIAwQAkAKMAwQBkAKOMA0GCSqGSIb3DQEBCwUAA4IBAQA3GM0sYdOTaf0VVoOo
BEPMorravunZhb5veXYEZ0U3SN8jfjcOPk1mYRDg8bVDaNHnr6AbRibeJ0S+72FF
mY/NeTS8n4y9WnyTcsl8PhyCVTJSBuNGuFkVkr8dd5MNbzJXDIp8J6f2jbOhRPsm
r2hrrojFuegICEqjZw0AJKTRRp4GWgm3uljjVu9oxtvPc7gG8VXIoRwGzXIEieNr
anMAkHfSXy/ihfjIg86fzaonb2pAbgwywiE3//iR64KAhfA7fdTIOOvBOP+sTOqm
0IUGeH+dv7CsxCXaDVcpORm5nfHO3s9S57t5W5tJJyVDZuhiDwIia5Q+V2G5RIEY
vzve
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:14:50 2025 by rpki-client