Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/LwRzawkBnQsBjSFO0jcLL-E76Ao.roa
File: LwRzawkBnQsBjSFO0jcLL-E76Ao.roa (raw, json)
Hash identifier: xpJVPz/S6MxX3bbXw867xnZLOrxdUJBffzWqUhcrFW0=
Subject key identifier: 2F:04:73:6B:09:01:9D:0B:01:8D:21:4E:D2:37:0B:2F:E1:3B:E8:0A
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0199356107CC677FD3FA5B981D8A23D9CF87
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/LwRzawkBnQsBjSFO0jcLL-E76Ao.roa
Signing time: Wed 10 Sep 2025 20:46:15 +0000
ROA not before: Wed 10 Sep 2025 20:46:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.40.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
144.56.93.0/24 maxlen: 24
144.56.94.0/24 maxlen: 24
144.56.95.0/24 maxlen: 24
144.56.97.0/24 maxlen: 24
144.56.99.0/24 maxlen: 24
144.56.100.0/24 maxlen: 24
144.56.101.0/24 maxlen: 24
144.56.103.0/24 maxlen: 24
144.56.106.0/24 maxlen: 24
144.56.115.0/24 maxlen: 24
144.56.116.0/24 maxlen: 24
144.56.117.0/24 maxlen: 24
144.56.119.0/24 maxlen: 24
144.56.120.0/24 maxlen: 24
144.56.121.0/24 maxlen: 24
144.56.122.0/24 maxlen: 24
144.56.124.0/24 maxlen: 24
144.56.127.0/24 maxlen: 24
144.56.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:35:61:07:cc:67:7f:d3:fa:5b:98:1d:8a:23:d9:cf:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Sep 10 20:46:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f04736b09019d0b018d214ed2370b2fe13be80a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5e:61:d0:28:09:73:d5:91:72:f2:57:db:98:
a8:08:b6:2d:fa:9c:bd:1e:ad:37:b9:23:4f:02:4b:
74:e3:a1:1a:ad:b1:ac:2e:88:a3:a9:d8:4a:1a:25:
3f:40:e5:e0:6c:fd:fc:cd:96:e0:e7:ed:6a:be:d3:
dc:9b:95:74:f9:57:08:e3:a0:c7:f4:40:66:4f:ae:
41:89:dd:8e:22:c6:a9:07:f6:ec:4d:c3:85:bb:4e:
14:57:99:fd:fa:b9:ed:89:16:9a:e1:4d:cb:2e:e6:
32:7d:47:d8:33:0d:7a:b2:10:1b:06:fd:35:4f:91:
b0:04:0b:84:19:e8:9d:8f:21:06:21:8c:1d:f2:70:
32:46:03:e7:be:57:b1:34:71:4a:01:d9:6c:22:2f:
13:0a:ab:d6:b8:f7:32:55:da:2f:f5:c2:e4:31:0c:
d2:70:2f:23:3a:49:26:c7:c2:5e:78:b3:e7:90:41:
18:5c:a9:e3:8d:dd:af:c5:88:dd:49:3e:69:ea:cb:
2e:ea:19:fd:f2:79:6f:58:5e:80:f1:36:50:16:dc:
56:1e:bf:ad:ba:f6:e5:76:58:f3:25:54:23:a3:c7:
23:16:02:c4:df:cc:59:89:1f:a8:b5:6c:8a:3b:c8:
07:f7:d1:cd:9c:f4:10:d3:4b:3c:d8:23:db:06:0e:
c2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:04:73:6B:09:01:9D:0B:01:8D:21:4E:D2:37:0B:2F:E1:3B:E8:0A
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/LwRzawkBnQsBjSFO0jcLL-E76Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.23.0/24
144.56.36.0/24
144.56.38.0/24
144.56.40.0/24
144.56.76.0/24
144.56.93.0-144.56.95.255
144.56.97.0/24
144.56.99.0-144.56.101.255
144.56.103.0/24
144.56.106.0/24
144.56.115.0-144.56.117.255
144.56.119.0-144.56.122.255
144.56.124.0/24
144.56.127.0-144.56.128.255
Signature Algorithm: sha256WithRSAEncryption
1d:21:02:9a:8d:d2:aa:91:0d:f5:ee:37:8d:6a:c1:f3:79:66:
63:03:ef:36:5b:51:0e:6c:08:df:79:23:92:9e:34:a7:6c:4f:
58:11:91:f0:78:e9:73:ea:a7:6b:bc:05:51:49:ac:dd:04:99:
f7:32:85:5f:bb:31:74:54:33:03:16:40:ad:c9:4d:5c:ef:46:
75:1b:a1:14:d5:33:19:c3:bc:f2:5e:ba:f3:9a:d8:b5:44:b7:
67:10:01:ac:5e:4c:54:b0:a3:3f:de:71:93:cd:5d:05:ce:44:
dd:30:ce:96:9d:a7:34:a2:d0:9c:f8:65:43:7e:1d:e2:9a:cf:
37:ce:b8:40:63:b2:8e:c5:0f:99:88:f0:d2:2a:9b:6c:fe:63:
a8:5e:0f:2b:37:83:63:ee:88:3d:2c:bb:fd:2d:19:c2:0c:67:
95:e5:78:ff:6c:ee:33:6c:7c:40:e2:31:8f:6f:92:47:a4:50:
ad:e2:d4:8d:f5:ae:5b:57:18:15:74:72:bd:66:3b:fc:d0:cc:
b6:e3:a9:30:8a:b3:5d:ce:10:2f:09:14:4f:49:24:34:de:3b:
70:c0:e5:a7:03:33:1c:4c:13:11:f3:cb:2d:f2:37:b9:b1:c9:
24:ff:37:13:3e:39:5f:80:e2:53:95:05:52:00:0a:53:17:14:
ec:a3:ef:a6
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZk1YQfMZ3/T+luYHYoj2c+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTEwMjA0NjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjA0NzM2YjA5MDE5ZDBiMDE4ZDIxNGVkMjM3MGIyZmUxM2JlODBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V5h0CgJc9WRcvJX25ioCLYt+py9
Hq03uSNPAkt046EarbGsLoijqdhKGiU/QOXgbP38zZbg5+1qvtPcm5V0+VcI46DH
9EBmT65Bid2OIsapB/bsTcOFu04UV5n9+rntiRaa4U3LLuYyfUfYMw16shAbBv01
T5GwBAuEGeidjyEGIYwd8nAyRgPnvlexNHFKAdlsIi8TCqvWuPcyVdov9cLkMQzS
cC8jOkkmx8JeeLPnkEEYXKnjjd2vxYjdST5p6ssu6hn98nlvWF6A8TZQFtxWHr+t
uvbldljzJVQjo8cjFgLE38xZiR+otWyKO8gH99HNnPQQ00s82CPbBg7CZQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFC8Ec2sJAZ0LAY0hTtI3Cy/hO+gKMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvTHdSemF3a0JuUXNCalNGTzBqY0xMLUU3NkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBACQ
OA0DBACQOBcDBACQOCQDBACQOCYDBACQOCgDBACQOEwwDAMEAJA4XQMEBZA4QAME
AJA4YTAMAwQAkDhjAwQBkDhkAwQAkDhnAwQAkDhqMAwDBACQOHMDBAGQOHQwDAME
AJA4dwMEAJA4egMEAJA4fDAMAwQAkDh/AwQAkDiAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdIQKajdKqkQ317jeNasHzeWZjA+82W1EObAjfeSOSnjSnbE9YEZHweOlz6qdr
vAVRSazdBJn3MoVfuzF0VDMDFkCtyU1c70Z1G6EU1TMZw7zyXrrzmti1RLdnEAGs
XkxUsKM/3nGTzV0FzkTdMM6Wnac0otCc+GVDfh3ims83zrhAY7KOxQ+ZiPDSKpts
/mOoXg8rN4Nj7og9LLv9LRnCDGeV5Xj/bO4zbHxA4jGPb5JHpFCt4tSN9a5bVxgV
dHK9Zjv80My246kwirNdzhAvCRRPSSQ03jtwwOWnAzMcTBMR88st8je5sckk/zcT
PjlfgOJTlQVSAApTFxTso++m
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:25:42 2025 by rpki-client