Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/h3gWLSThwL6DUDDREs6d7U-DVOw.roa
File: h3gWLSThwL6DUDDREs6d7U-DVOw.roa (raw, json)
Hash identifier: N17FtwgaAloXxF57YCyI/BL/WpMKtmt9tNiGeSHJCZA=
Subject key identifier: 87:78:16:2D:24:E1:C0:BE:83:50:30:D1:12:CE:9D:ED:4F:83:54:EC
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019ED3F961C3054F73DA8EBDC6C35F8A8AA3
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/h3gWLSThwL6DUDDREs6d7U-DVOw.roa
Signing time: Wed 17 Jun 2026 05:06:36 +0000
ROA not before: Wed 17 Jun 2026 05:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 144.56.7.0/24 maxlen: 24
144.56.9.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
144.56.72.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
144.56.78.0/24 maxlen: 24
144.56.80.0/24 maxlen: 24
144.56.81.0/24 maxlen: 24
144.56.84.0/24 maxlen: 24
144.56.85.0/24 maxlen: 24
144.56.86.0/24 maxlen: 24
144.56.88.0/24 maxlen: 24
144.56.91.0/24 maxlen: 24
144.56.93.0/24 maxlen: 24
144.56.94.0/24 maxlen: 24
144.56.97.0/24 maxlen: 24
144.56.98.0/24 maxlen: 24
144.56.99.0/24 maxlen: 24
144.56.100.0/24 maxlen: 24
144.56.101.0/24 maxlen: 24
144.56.102.0/24 maxlen: 24
144.56.103.0/24 maxlen: 24
144.56.105.0/24 maxlen: 24
144.56.106.0/24 maxlen: 24
144.56.107.0/24 maxlen: 24
144.56.108.0/24 maxlen: 24
144.56.112.0/24 maxlen: 24
144.56.117.0/24 maxlen: 24
144.56.118.0/24 maxlen: 24
144.56.119.0/24 maxlen: 24
144.56.121.0/24 maxlen: 24
144.56.122.0/24 maxlen: 24
144.56.124.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
144.56.126.0/24 maxlen: 24
144.56.127.0/24 maxlen: 24
144.56.128.0/24 maxlen: 24
144.56.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d3:f9:61:c3:05:4f:73:da:8e:bd:c6:c3:5f:8a:8a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 17 05:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8778162d24e1c0be835030d112ce9ded4f8354ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:98:ad:cf:79:b5:fe:5b:a2:87:11:ee:fb:6a:
2a:17:cd:29:9e:4a:76:d8:80:6c:d6:4c:04:db:69:
7b:d6:ff:e2:44:7c:a8:32:6f:7a:71:51:cf:3d:3b:
27:6a:e2:50:9d:56:06:7e:70:af:84:9c:3e:e5:94:
53:be:26:42:45:e0:b0:3b:d3:63:ab:cc:da:27:e0:
2b:b1:89:3f:ae:f0:5a:bc:e6:d5:f8:6e:15:9d:42:
70:25:df:7a:15:52:a4:18:80:42:1a:e3:51:12:af:
c7:2b:aa:2c:ce:e2:bf:66:ab:14:ee:bd:54:67:31:
4d:4d:0c:3c:00:10:93:30:42:f8:1a:84:5e:07:23:
1f:07:da:b2:e0:a6:5c:0a:74:4e:4e:ed:80:25:9a:
ca:95:a3:36:14:00:9b:1e:37:5b:b4:83:42:68:2f:
0f:b9:fa:e9:32:78:39:d2:ab:98:f8:69:41:48:77:
d6:ca:c5:4e:49:ae:84:47:96:8e:e6:7c:5d:56:5f:
68:a9:2e:d5:07:ba:1f:e4:8b:57:dd:70:fc:c1:a7:
22:fe:81:a0:93:b6:5a:d1:a6:8d:c1:d3:f9:21:8b:
b0:24:6f:9e:19:97:de:2f:fc:97:29:4d:de:3d:3f:
a3:7f:a2:75:d1:59:4d:f1:5f:8e:b5:fc:c5:80:de:
82:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:78:16:2D:24:E1:C0:BE:83:50:30:D1:12:CE:9D:ED:4F:83:54:EC
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/h3gWLSThwL6DUDDREs6d7U-DVOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.7.0/24
144.56.9.0/24
144.56.13.0/24
144.56.17.0/24
144.56.24.0/24
144.56.27.0/24
144.56.29.0/24
144.56.31.0/24
144.56.34.0/24
144.56.36.0/24
144.56.41.0/24
144.56.51.0/24
144.56.71.0-144.56.72.255
144.56.76.0/24
144.56.78.0/24
144.56.80.0/23
144.56.84.0-144.56.86.255
144.56.88.0/24
144.56.91.0/24
144.56.93.0-144.56.94.255
144.56.97.0-144.56.103.255
144.56.105.0-144.56.108.255
144.56.112.0/24
144.56.117.0-144.56.119.255
144.56.121.0-144.56.122.255
144.56.124.0-144.56.129.255
Signature Algorithm: sha256WithRSAEncryption
35:c8:a8:a0:c5:17:b9:05:44:4e:e8:e7:f0:ef:f9:1f:0a:c7:
7c:c1:33:18:e0:1f:c7:45:b0:21:fe:3b:be:b3:dc:70:3b:88:
8c:70:e3:66:a4:df:13:82:f5:15:3b:34:25:88:ca:cf:b0:74:
c9:ce:d3:07:81:13:7c:3b:b0:95:bd:64:25:f7:e9:d9:d9:6d:
ee:c5:20:67:c3:ea:34:14:91:08:ef:06:ba:c1:8f:a3:fb:1b:
19:62:32:bf:27:b3:0b:37:f3:f6:b5:d4:e3:1f:47:1a:3b:b6:
a8:27:e1:52:ca:a6:aa:a2:9e:fa:a1:b7:0d:28:69:d6:fb:b9:
f7:01:89:98:93:e5:ad:7c:3d:99:de:7b:c9:68:a0:db:82:c2:
bd:59:f2:34:6f:29:64:4e:2b:eb:e2:0e:96:51:54:8e:38:a4:
23:f2:dc:39:53:55:25:5c:63:30:92:f9:3d:67:d1:7c:1a:23:
c5:a7:f8:20:ce:d1:2a:86:ce:c8:24:0f:a3:2d:d9:aa:15:3a:
af:11:f2:be:a9:d7:f6:6c:79:73:50:58:68:2c:8e:10:85:21:
af:77:62:44:03:81:ba:03:f9:b2:e0:35:d7:05:aa:2f:9e:d4:
d2:74:f1:29:d9:a8:73:e9:c9:77:9b:83:e2:7e:0d:3f:6d:33:
79:37:c8:e1
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZ7T+WHDBU9z2o69xsNfioqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjYwNjE3MDUwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzc4MTYyZDI0ZTFjMGJlODM1MDMwZDExMmNlOWRlZDRmODM1NGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpitz3m1/luihxHu+2oqF80pnkp2
2IBs1kwE22l71v/iRHyoMm96cVHPPTsnauJQnVYGfnCvhJw+5ZRTviZCReCwO9Nj
q8zaJ+ArsYk/rvBavObV+G4VnUJwJd96FVKkGIBCGuNREq/HK6oszuK/ZqsU7r1U
ZzFNTQw8ABCTMEL4GoReByMfB9qy4KZcCnROTu2AJZrKlaM2FACbHjdbtINCaC8P
ufrpMng50quY+GlBSHfWysVOSa6ER5aO5nxdVl9oqS7VB7of5ItX3XD8waci/oGg
k7Za0aaNwdP5IYuwJG+eGZfeL/yXKU3ePT+jf6J10VlN8V+OtfzFgN6CcQIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFId4Fi0k4cC+g1Aw0RLOne1Pg1TsMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvaDNnV0xTVGh3TDZEVUREUkVzNmQ3VS1EVk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBACQ
OAcDBACQOAkDBACQOA0DBACQOBEDBACQOBgDBACQOBsDBACQOB0DBACQOB8DBACQ
OCIDBACQOCQDBACQOCkDBACQODMwDAMEAJA4RwMEAJA4SAMEAJA4TAMEAJA4TgME
AZA4UDAMAwQCkDhUAwQAkDhWAwQAkDhYAwQAkDhbMAwDBACQOF0DBACQOF4wDAME
AJA4YQMEA5A4YDAMAwQAkDhpAwQAkDhsAwQAkDhwMAwDBACQOHUDBAOQOHAwDAME
AJA4eQMEAJA4ejAMAwQCkDh8AwQBkDiAMA0GCSqGSIb3DQEBCwUAA4IBAQA1yKig
xRe5BURO6Ofw7/kfCsd8wTMY4B/HRbAh/ju+s9xwO4iMcONmpN8TgvUVOzQliMrP
sHTJztMHgRN8O7CVvWQl9+nZ2W3uxSBnw+o0FJEI7wa6wY+j+xsZYjK/J7MLN/P2
tdTjH0caO7aoJ+FSyqaqop76obcNKGnW+7n3AYmYk+WtfD2Z3nvJaKDbgsK9WfI0
bylkTivr4g6WUVSOOKQj8tw5U1UlXGMwkvk9Z9F8GiPFp/ggztEqhs7IJA+jLdmq
FTqvEfK+qdf2bHlzUFhoLI4QhSGvd2JEA4G6A/my4DXXBaovntTSdPEp2ahz6cl3
m4Pifg0/bTN5N8jh
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:00:08 2026 by rpki-client