Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/IP3SbzCzrnAAxPssLmjl5qAuXoI.roa
File: IP3SbzCzrnAAxPssLmjl5qAuXoI.roa (raw, json)
Hash identifier: hNLmD1W+QN2f7iG3Q9COzZlD7x81+74weJVmNwFG0ok=
Subject key identifier: 20:FD:D2:6F:30:B3:AE:70:00:C4:FB:2C:2E:68:E5:E6:A0:2E:5E:82
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019807B2B4D709F8291AF6C1D22C91D51628
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/IP3SbzCzrnAAxPssLmjl5qAuXoI.roa
Signing time: Mon 14 Jul 2025 06:50:08 +0000
ROA not before: Mon 14 Jul 2025 06:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.15.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.50.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
144.56.95.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:b2:b4:d7:09:f8:29:1a:f6:c1:d2:2c:91:d5:16:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jul 14 06:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20fdd26f30b3ae7000c4fb2c2e68e5e6a02e5e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e6:b0:34:06:72:7d:1b:e8:1f:01:f7:16:52:
30:76:20:7c:4e:56:c1:6e:b4:2f:a5:a3:ff:5a:2b:
f8:5e:93:cd:e9:51:ca:94:39:17:da:2c:a2:fd:16:
e5:23:fc:0f:12:0a:8b:71:04:f6:ea:2f:20:d7:5b:
b6:f8:a5:11:fc:75:68:a4:75:90:99:ee:f7:81:47:
88:39:2a:d0:e8:37:5d:12:33:51:98:15:39:4f:8f:
31:3a:07:e2:89:81:d4:62:58:e7:af:5b:3d:d2:3e:
e9:5c:3f:37:3a:a1:49:c8:20:1e:a5:9f:85:9f:a3:
c8:c2:4f:18:86:95:15:68:28:cf:d7:58:03:6e:20:
5b:a0:c7:20:44:05:6b:9f:d1:49:df:dd:3a:64:84:
46:4e:1c:ec:0a:0f:b9:2d:dd:f4:16:d1:68:71:6e:
49:13:24:92:1c:54:35:cd:0b:5f:d6:5d:33:20:0c:
6e:53:e6:d5:f9:fd:2e:17:aa:f2:c7:07:cd:fc:0c:
59:f0:bb:f4:a5:02:00:3a:1f:20:21:c1:70:24:2b:
23:f8:82:4a:7b:ef:13:fa:cc:89:ad:bb:c0:36:18:
f2:29:b0:a6:e9:f5:0a:a7:cf:98:0f:cf:91:94:03:
0b:5e:6d:3f:d1:34:f9:57:ff:a7:47:59:f2:29:42:
26:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FD:D2:6F:30:B3:AE:70:00:C4:FB:2C:2E:68:E5:E6:A0:2E:5E:82
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/IP3SbzCzrnAAxPssLmjl5qAuXoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.15.0/24
144.56.17.0/24
144.56.20.0/24
144.56.24.0/24
144.56.27.0/24
144.56.29.0/24
144.56.33.0-144.56.34.255
144.56.50.0/23
144.56.71.0/24
144.56.95.0/24
144.56.125.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:af:82:b2:a3:e6:89:25:26:df:54:5e:1f:3d:cf:0c:95:3d:
89:b2:b2:c6:7c:22:8b:26:76:f4:12:3f:b9:30:e4:68:c1:13:
8a:c8:26:17:7b:29:07:c1:1e:cf:73:2c:39:1f:3d:51:6f:bf:
2b:97:e5:08:c6:2c:fb:77:01:7c:15:be:88:ef:65:80:87:36:
18:a1:70:49:2b:da:e8:da:77:3b:36:c6:55:a6:15:ee:65:a6:
86:49:88:c1:63:77:6d:b3:f7:6f:09:1e:e1:9e:cf:5a:f6:99:
9a:6e:bd:27:f7:ad:9a:71:f4:1d:a6:54:2e:d1:cc:8b:3f:c0:
e9:09:59:1c:47:b2:47:d0:38:36:fc:79:c7:f1:b2:80:15:77:
4a:af:c4:3f:3b:26:7c:ba:2c:36:cb:63:77:71:bd:7e:2c:4f:
c6:c5:d8:8b:dc:3a:c1:c5:cc:a1:f2:18:97:29:2a:a3:40:1b:
3b:27:0a:12:3e:54:e5:52:9b:be:e5:6f:19:11:b1:d9:09:f0:
e4:d6:bf:a8:37:90:1d:15:54:3c:ae:b0:0e:52:e9:c2:03:6c:
a4:3e:5b:c9:a0:cc:b0:8f:7c:58:4e:d9:02:0b:50:7d:2b:69:
fe:58:e9:06:c6:61:db:72:7d:ea:4d:84:84:90:53:b9:dc:e4:
58:32:82:be
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZgHsrTXCfgpGvbB0iyR1RYoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNzE0MDY1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGZkZDI2ZjMwYjNhZTcwMDBjNGZiMmMyZTY4ZTVlNmEwMmU1ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuawNAZyfRvoHwH3FlIwdiB8TlbB
brQvpaP/Wiv4XpPN6VHKlDkX2iyi/RblI/wPEgqLcQT26i8g11u2+KUR/HVopHWQ
me73gUeIOSrQ6DddEjNRmBU5T48xOgfiiYHUYljnr1s90j7pXD83OqFJyCAepZ+F
n6PIwk8YhpUVaCjP11gDbiBboMcgRAVrn9FJ3906ZIRGThzsCg+5Ld30FtFocW5J
EySSHFQ1zQtf1l0zIAxuU+bV+f0uF6ryxwfN/AxZ8Lv0pQIAOh8gIcFwJCsj+IJK
e+8T+syJrbvANhjyKbCm6fUKp8+YD8+RlAMLXm0/0TT5V/+nR1nyKUImKwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFCD90m8ws65wAMT7LC5o5eagLl6CMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvSVAzU2J6Q3pybkFBeFBzc0xtamw1cUF1WG9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAkDgNAwQA
kDgPAwQAkDgRAwQAkDgUAwQAkDgYAwQAkDgbAwQAkDgdMAwDBACQOCEDBACQOCID
BAGQODIDBACQOEcDBACQOF8DBACQOH0wDQYJKoZIhvcNAQELBQADggEBAEqvgrKj
5oklJt9UXh89zwyVPYmyssZ8IosmdvQSP7kw5GjBE4rIJhd7KQfBHs9zLDkfPVFv
vyuX5QjGLPt3AXwVvojvZYCHNhihcEkr2ujadzs2xlWmFe5lpoZJiMFjd22z928J
HuGez1r2mZpuvSf3rZpx9B2mVC7RzIs/wOkJWRxHskfQODb8ecfxsoAVd0qvxD87
Jny6LDbLY3dxvX4sT8bF2IvcOsHFzKHyGJcpKqNAGzsnChI+VOVSm77lbxkRsdkJ
8OTWv6g3kB0VVDyusA5S6cIDbKQ+W8mgzLCPfFhO2QILUH0raf5Y6QbGYdtyfepN
hISQU7nc5Fgygr4=
-----END CERTIFICATE-----
Generated at Wed Jul 30 04:25:05 2025 by rpki-client