Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/CCbz5YANGtDBvodcNnD0zLmWJLk.roa
File: CCbz5YANGtDBvodcNnD0zLmWJLk.roa (raw, json)
Hash identifier: 3q5ZnquPVbWfKx8CllUcE2G8Rg6u8HLTQTfuwANAlwQ=
Subject key identifier: 08:26:F3:E5:80:0D:1A:D0:C1:BE:87:5C:36:70:F4:CC:B9:96:24:B9
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0199390E31F9632699F5DEE0FA4403D36E9D
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/CCbz5YANGtDBvodcNnD0zLmWJLk.roa
Signing time: Thu 11 Sep 2025 13:54:15 +0000
ROA not before: Thu 11 Sep 2025 13:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.7.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.15.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.35.0/24 maxlen: 24
144.56.37.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
144.56.50.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
144.56.98.0/24 maxlen: 24
144.56.102.0/24 maxlen: 24
144.56.108.0/24 maxlen: 24
144.56.118.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
144.56.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:39:0e:31:f9:63:26:99:f5:de:e0:fa:44:03:d3:6e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Sep 11 13:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0826f3e5800d1ad0c1be875c3670f4ccb99624b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c1:73:0a:60:31:d4:ea:50:7d:07:eb:42:dd:
fe:85:5e:ea:47:de:e0:c6:d5:cd:a8:1b:e1:7e:fc:
86:41:7a:d0:c5:9d:60:01:db:27:9e:28:61:cb:b2:
0b:a0:2b:4c:7c:e5:91:ca:ae:91:41:11:0b:5f:45:
7c:97:aa:e5:02:c9:4f:f5:85:4d:f8:7c:da:10:2f:
e0:8a:81:75:af:f7:a1:9c:02:e8:37:86:8a:e6:cf:
56:53:4f:53:2b:e7:8d:10:be:84:9e:5c:77:d6:67:
b1:70:96:f9:eb:69:a9:af:e4:80:fa:d8:38:fc:67:
4d:ac:18:9f:9d:3f:0e:6c:a2:c4:dc:3d:e2:bb:94:
04:8b:34:6e:1e:87:b3:2f:5a:ec:5b:db:62:15:74:
26:9e:ed:f4:de:ae:a7:51:bc:b2:ca:f0:a1:52:34:
3c:c3:c9:76:e9:5f:9e:98:e5:fb:9d:a0:99:e4:11:
6d:03:6d:51:8e:80:d0:84:f4:f1:16:0a:a4:35:7b:
a4:40:31:fd:e8:82:e8:d0:73:9d:d4:7b:f4:36:58:
fe:5b:f8:90:aa:c4:db:a5:7b:73:eb:fc:46:23:99:
fc:ef:2d:93:d6:fa:83:bf:b6:7a:a3:6b:fd:42:16:
36:66:48:d8:1c:67:4e:28:d4:b3:be:df:f8:0b:ce:
c1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:26:F3:E5:80:0D:1A:D0:C1:BE:87:5C:36:70:F4:CC:B9:96:24:B9
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/CCbz5YANGtDBvodcNnD0zLmWJLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.7.0/24
144.56.13.0/24
144.56.15.0/24
144.56.17.0/24
144.56.20.0/24
144.56.24.0/24
144.56.27.0/24
144.56.29.0/24
144.56.33.0-144.56.35.255
144.56.37.0/24
144.56.41.0/24
144.56.50.0/23
144.56.71.0/24
144.56.98.0/24
144.56.102.0/24
144.56.108.0/24
144.56.118.0/24
144.56.125.0/24
144.56.129.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:1f:3a:e9:a8:f2:47:05:e7:44:d4:c8:c5:68:b5:ab:fb:5d:
cd:7a:04:65:8a:ff:7c:41:25:8e:b2:58:2c:c1:1f:9b:19:92:
72:0a:41:bf:a8:6d:8a:71:8c:f4:8e:c3:39:04:8b:a7:c7:e1:
10:69:40:a4:22:3e:c0:74:03:a5:cd:88:ff:08:24:1e:de:63:
49:74:00:8f:ba:2e:14:00:18:1a:39:62:e3:48:c0:c6:06:04:
7b:2f:bd:51:61:c8:fe:94:0f:c9:05:9a:22:14:12:a8:8a:c8:
02:3d:d6:66:e1:c6:bf:77:d1:94:e6:ac:56:dc:d0:b8:54:a3:
e4:8b:c8:e2:f3:81:cc:6d:80:c3:69:c4:45:88:1a:14:02:72:
4a:c3:18:3d:9a:0b:a1:23:aa:a0:37:88:fd:4a:b7:ac:2f:2e:
a1:fd:90:48:42:04:8c:8a:cf:23:30:89:55:c0:a0:e0:a4:61:
76:c4:52:fa:6e:e7:7a:7b:29:58:3f:2c:95:7e:b7:6d:b2:b5:
7a:13:78:bc:b8:33:84:5c:7f:8e:e4:54:3c:33:7d:5d:b2:3f:
40:30:fe:fb:4e:f5:ff:4e:f9:f2:e7:82:9a:25:d1:ee:ea:6d:
6d:d9:5e:6d:c2:4e:e1:d6:46:fd:2f:65:ee:dd:48:54:54:46:
16:38:cc:62
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZk5DjH5YyaZ9d7g+kQD026dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTExMTM1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODI2ZjNlNTgwMGQxYWQwYzFiZTg3NWMzNjcwZjRjY2I5OTYyNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMFzCmAx1OpQfQfrQt3+hV7qR97g
xtXNqBvhfvyGQXrQxZ1gAdsnnihhy7ILoCtMfOWRyq6RQRELX0V8l6rlAslP9YVN
+HzaEC/gioF1r/ehnALoN4aK5s9WU09TK+eNEL6Enlx31mexcJb562mpr+SA+tg4
/GdNrBifnT8ObKLE3D3iu5QEizRuHoezL1rsW9tiFXQmnu303q6nUbyyyvChUjQ8
w8l26V+emOX7naCZ5BFtA21RjoDQhPTxFgqkNXukQDH96ILo0HOd1Hv0Nlj+W/iQ
qsTbpXtz6/xGI5n87y2T1vqDv7Z6o2v9QhY2ZkjYHGdOKNSzvt/4C87BcwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFAgm8+WADRrQwb6HXDZw9My5liS5MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvQ0NiejVZQU5HdERCdm9kY05uRDB6TG1XSkxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAJA4
BwMEAJA4DQMEAJA4DwMEAJA4EQMEAJA4FAMEAJA4GAMEAJA4GwMEAJA4HTAMAwQA
kDghAwQCkDggAwQAkDglAwQAkDgpAwQBkDgyAwQAkDhHAwQAkDhiAwQAkDhmAwQA
kDhsAwQAkDh2AwQAkDh9AwQAkDiBMA0GCSqGSIb3DQEBCwUAA4IBAQCzHzrpqPJH
BedE1MjFaLWr+13NegRliv98QSWOslgswR+bGZJyCkG/qG2KcYz0jsM5BIunx+EQ
aUCkIj7AdAOlzYj/CCQe3mNJdACPui4UABgaOWLjSMDGBgR7L71RYcj+lA/JBZoi
FBKoisgCPdZm4ca/d9GU5qxW3NC4VKPki8ji84HMbYDDacRFiBoUAnJKwxg9mguh
I6qgN4j9SresLy6h/ZBIQgSMis8jMIlVwKDgpGF2xFL6bud6eylYPyyVfrdtsrV6
E3i8uDOEXH+O5FQ8M31dsj9AMP77TvX/Tvny54KaJdHu6m1t2V5twk7h1kb9L2Xu
3UhUVEYWOMxi
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:02:26 2025 by rpki-client