Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/X9tWbBxugvIcQLRorh-G4_xPtgs.roa
File: X9tWbBxugvIcQLRorh-G4_xPtgs.roa (raw, json)
Hash identifier: 3VfPHtIH4HNv2TQTtkJsG3hzLWIxbKgozh/jvEgmyR8=
Subject key identifier: 5F:DB:56:6C:1C:6E:82:F2:1C:40:B4:68:AE:1F:86:E3:FC:4F:B6:0B
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0197C25B24E633A5BB3D4B882E7777EAF065
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/X9tWbBxugvIcQLRorh-G4_xPtgs.roa
Signing time: Mon 30 Jun 2025 19:40:42 +0000
ROA not before: Mon 30 Jun 2025 19:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:5b:24:e6:33:a5:bb:3d:4b:88:2e:77:77:ea:f0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 30 19:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fdb566c1c6e82f21c40b468ae1f86e3fc4fb60b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c3:b6:f1:4c:5a:38:27:e7:39:73:73:28:07:
be:66:bc:ab:d1:31:24:98:a6:b3:e1:58:aa:1a:d7:
ee:96:c2:5c:6c:95:a5:b4:0e:54:90:cd:4e:72:5e:
d9:16:a0:08:c2:27:13:48:87:bd:2a:42:6d:47:a2:
6c:a6:f5:89:67:6e:91:2d:3c:50:b8:12:ef:5e:40:
e4:72:42:04:ae:a3:8c:7b:3d:62:18:f9:da:99:c3:
c0:16:3b:82:81:26:1d:58:0a:79:66:70:54:f7:d0:
06:d9:6c:29:1b:f1:ce:12:c5:9c:4a:c9:8b:f5:4d:
96:da:8c:33:de:b2:ef:92:d9:7e:c8:5c:41:37:63:
7a:bf:a1:98:ad:98:2f:f7:6e:59:fb:fe:4f:9e:be:
65:2c:51:52:df:82:ae:d4:6e:3a:8e:ac:f5:d9:88:
d1:e9:ec:94:19:2c:8c:55:14:07:89:ea:a6:0e:bd:
ad:29:e0:44:52:9f:92:3a:da:ea:7a:eb:eb:e9:b4:
57:71:3e:08:26:e9:4f:0e:c0:77:d1:1f:c4:40:0a:
54:27:c0:b0:84:3e:82:4c:b3:32:30:f9:5d:97:ea:
51:44:06:5b:4b:79:1f:ce:e7:1b:35:c3:63:d8:86:
70:b4:81:70:3c:95:1d:39:f5:4f:d3:ab:f7:5f:a2:
36:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DB:56:6C:1C:6E:82:F2:1C:40:B4:68:AE:1F:86:E3:FC:4F:B6:0B
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/X9tWbBxugvIcQLRorh-G4_xPtgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.17.0/24
144.56.20.0/24
144.56.24.0/24
144.56.27.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:01:b5:f9:75:5d:ef:87:e2:74:69:1c:94:e5:8f:a1:78:a7:
67:fc:22:b7:c4:b2:5b:ac:14:73:e4:c9:7b:18:9c:9c:c4:4a:
75:15:30:ab:77:94:d5:bc:f3:0e:f9:49:61:6c:fb:0d:8e:40:
b5:b3:8d:2f:d9:fc:bb:26:a9:5b:6b:17:cf:8b:ef:42:f9:bd:
dd:6e:45:46:38:7a:b2:6f:57:3e:e0:bf:1b:5a:50:ad:cf:2e:
7c:28:ae:41:5f:c4:4a:e2:ac:92:b0:69:0b:1b:06:9e:a1:86:
3b:27:4c:b7:df:77:9f:36:37:d6:70:bb:ed:e1:8d:46:33:b0:
4f:f8:d0:f2:8c:b5:32:ff:d6:e9:b5:63:9d:f7:9f:b9:65:80:
c4:6d:f2:1f:fd:14:97:01:f1:be:27:7c:dd:35:a6:84:63:db:
eb:32:de:d3:71:d5:1b:e6:85:1a:08:59:ed:85:92:57:35:ff:
52:23:cc:5f:f3:35:28:dd:60:9a:50:98:e3:ed:7c:95:22:d9:
a0:59:80:c1:59:3e:29:d3:45:6a:83:77:8a:b3:b2:f9:7b:1e:
dd:8d:e1:61:08:0c:fa:a8:a7:dd:a4:a8:cb:49:82:49:13:53:
30:c3:47:97:21:50:a5:7d:dd:9c:d3:a2:b9:94:c7:f8:85:96:
80:ea:f5:84
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZfCWyTmM6W7PUuILnd36vBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjMwMTk0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmRiNTY2YzFjNmU4MmYyMWM0MGI0NjhhZTFmODZlM2ZjNGZiNjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cO28UxaOCfnOXNzKAe+Zryr0TEk
mKaz4ViqGtfulsJcbJWltA5UkM1Ocl7ZFqAIwicTSIe9KkJtR6JspvWJZ26RLTxQ
uBLvXkDkckIErqOMez1iGPnamcPAFjuCgSYdWAp5ZnBU99AG2WwpG/HOEsWcSsmL
9U2W2owz3rLvktl+yFxBN2N6v6GYrZgv925Z+/5Pnr5lLFFS34Ku1G46jqz12YjR
6eyUGSyMVRQHieqmDr2tKeBEUp+SOtrqeuvr6bRXcT4IJulPDsB30R/EQApUJ8Cw
hD6CTLMyMPldl+pRRAZbS3kfzucbNcNj2IZwtIFwPJUdOfVP06v3X6I2NQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF/bVmwcboLyHEC0aK4fhuP8T7YLMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvWDl0V2JCeHVndkljUUxSb3JoLUc0X3hQdGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkDgNAwQA
kDgRAwQAkDgUAwQAkDgYAwQAkDgbMA0GCSqGSIb3DQEBCwUAA4IBAQC5AbX5dV3v
h+J0aRyU5Y+heKdn/CK3xLJbrBRz5Ml7GJycxEp1FTCrd5TVvPMO+UlhbPsNjkC1
s40v2fy7JqlbaxfPi+9C+b3dbkVGOHqyb1c+4L8bWlCtzy58KK5BX8RK4qySsGkL
GwaeoYY7J0y333efNjfWcLvt4Y1GM7BP+NDyjLUy/9bptWOd95+5ZYDEbfIf/RSX
AfG+J3zdNaaEY9vrMt7TcdUb5oUaCFnthZJXNf9SI8xf8zUo3WCaUJjj7XyVItmg
WYDBWT4p00Vqg3eKs7L5ex7djeFhCAz6qKfdpKjLSYJJE1Mww0eXIVClfd2c06K5
lMf4hZaA6vWE
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:27:32 2025 by rpki-client