Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/kA6CHPfPdas7hoxpTjyG1FQEu_U.roa
File: kA6CHPfPdas7hoxpTjyG1FQEu_U.roa (raw, json)
Hash identifier: URBA5QHXvsO4eLiy7HZHrf75n0PShSo0ZJWH9NZIu7o=
Subject key identifier: 90:0E:82:1C:F7:CF:75:AB:3B:86:8C:69:4E:3C:86:D4:54:04:BB:F5
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0199488F0182D1DB34797D687318BA79A59C
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/kA6CHPfPdas7hoxpTjyG1FQEu_U.roa
Signing time: Sun 14 Sep 2025 14:09:15 +0000
ROA not before: Sun 14 Sep 2025 14:09:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 144.56.8.0/24 maxlen: 24
144.56.10.0/24 maxlen: 24
144.56.11.0/24 maxlen: 24
144.56.18.0/24 maxlen: 24
144.56.19.0/24 maxlen: 24
144.56.25.0/24 maxlen: 24
144.56.26.0/24 maxlen: 24
144.56.30.0/24 maxlen: 24
144.56.32.0/24 maxlen: 24
144.56.54.0/24 maxlen: 24
144.56.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:48:8f:01:82:d1:db:34:79:7d:68:73:18:ba:79:a5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Sep 14 14:09:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=900e821cf7cf75ab3b868c694e3c86d45404bbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3e:68:b8:2e:ee:a6:15:48:fa:8f:96:e6:0e:
b2:19:b8:b4:d0:a3:1f:fb:59:f5:26:ed:7f:e6:67:
7e:ec:97:37:14:01:27:e5:62:bf:bf:89:d2:0f:84:
e3:7b:1d:45:cd:45:3b:fb:b8:90:81:ce:97:45:77:
96:f7:22:e5:3d:fd:36:ef:2a:29:e9:ef:7c:00:de:
48:ef:fc:b7:4f:17:24:c0:29:a8:39:12:6b:50:bc:
d1:6c:60:c9:c1:a3:f7:06:46:97:de:4d:6b:ac:ec:
c8:3a:40:13:72:cf:72:bb:20:d8:d6:33:ad:5b:9b:
50:68:11:47:c3:6a:ae:fb:fa:bf:59:62:51:3e:8d:
d8:0e:06:07:11:8d:a9:e1:17:68:0c:89:b3:e4:dc:
67:84:d3:d3:b8:54:fb:7e:65:9d:37:67:60:7e:33:
b8:be:06:65:5a:d2:3f:88:87:31:b8:83:63:35:3b:
93:a2:7b:7d:53:41:01:93:20:6a:30:6b:43:53:b1:
8f:4a:bf:b5:cd:39:30:2e:45:58:24:a5:48:9f:24:
b4:53:ae:50:8c:cd:02:fa:38:38:35:a3:ab:d0:7d:
72:62:9b:5a:95:85:34:6a:84:ea:d1:f1:a2:dd:29:
5b:c5:ff:85:7e:57:07:63:5d:2a:8f:45:8d:08:11:
d2:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0E:82:1C:F7:CF:75:AB:3B:86:8C:69:4E:3C:86:D4:54:04:BB:F5
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/kA6CHPfPdas7hoxpTjyG1FQEu_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.8.0/24
144.56.10.0/23
144.56.18.0/23
144.56.25.0-144.56.26.255
144.56.30.0/24
144.56.32.0/24
144.56.54.0/24
144.56.74.0/24
Signature Algorithm: sha256WithRSAEncryption
88:02:6e:91:e7:54:27:07:41:4d:41:6d:cd:c1:23:c3:bd:73:
a7:e1:73:3e:8a:8c:23:8c:5a:62:74:c6:51:f2:9e:cb:5b:b0:
d6:65:5a:54:b2:ec:f0:22:a4:26:27:65:09:5d:52:f3:93:4a:
f8:52:f3:d3:b3:e0:60:80:fe:4d:a5:55:b4:ed:fa:57:75:cc:
18:e5:bd:67:c4:ac:f9:1c:82:13:b2:d0:2e:16:8e:6e:0d:e0:
be:30:c0:d7:85:be:c7:5d:bf:e6:40:46:5e:45:68:b6:8f:5f:
64:38:3b:9e:a9:48:87:ca:bb:02:6d:4f:47:72:2f:07:52:ac:
63:e6:6a:64:08:8f:63:19:73:e6:98:61:ad:aa:c7:c1:bb:48:
6f:ba:d3:98:e3:5d:cf:3c:4e:fd:99:29:75:53:66:b9:8f:35:
f0:2e:fd:08:78:12:0d:0f:7a:79:78:b8:be:95:c6:eb:e3:c6:
31:cd:50:fe:e7:48:7c:fc:a7:0f:bf:42:77:57:9e:70:e6:03:
1f:3e:23:c8:73:52:d2:40:96:70:04:76:13:b3:e0:a4:de:32:
36:00:6d:80:7f:c8:d2:a8:a5:4c:ea:de:11:c3:0f:83:f9:c7:
a2:c7:bc:46:41:25:76:32:a8:be:49:94:63:36:ef:54:72:f9:
6b:1e:c3:c9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZlIjwGC0ds0eX1ocxi6eaWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTE0MTQwOTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBlODIxY2Y3Y2Y3NWFiM2I4NjhjNjk0ZTNjODZkNDU0MDRiYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj5ouC7uphVI+o+W5g6yGbi00KMf
+1n1Ju1/5md+7Jc3FAEn5WK/v4nSD4Tjex1FzUU7+7iQgc6XRXeW9yLlPf027yop
6e98AN5I7/y3TxckwCmoORJrULzRbGDJwaP3BkaX3k1rrOzIOkATcs9yuyDY1jOt
W5tQaBFHw2qu+/q/WWJRPo3YDgYHEY2p4RdoDImz5NxnhNPTuFT7fmWdN2dgfjO4
vgZlWtI/iIcxuINjNTuTont9U0EBkyBqMGtDU7GPSr+1zTkwLkVYJKVInyS0U65Q
jM0C+jg4NaOr0H1yYptalYU0aoTq0fGi3Slbxf+FflcHY10qj0WNCBHS+wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJAOghz3z3WrO4aMaU48htRUBLv1MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEva0E2Q0hQZlBkYXM3aG94cFRqeUcxRlFFdV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAkDgIAwQB
kDgKAwQBkDgSMAwDBACQOBkDBACQOBoDBACQOB4DBACQOCADBACQODYDBACQOEow
DQYJKoZIhvcNAQELBQADggEBAIgCbpHnVCcHQU1Bbc3BI8O9c6fhcz6KjCOMWmJ0
xlHynstbsNZlWlSy7PAipCYnZQldUvOTSvhS89Oz4GCA/k2lVbTt+ld1zBjlvWfE
rPkcghOy0C4Wjm4N4L4wwNeFvsddv+ZARl5FaLaPX2Q4O56pSIfKuwJtT0dyLwdS
rGPmamQIj2MZc+aYYa2qx8G7SG+605jjXc88Tv2ZKXVTZrmPNfAu/Qh4Eg0Penl4
uL6VxuvjxjHNUP7nSHz8pw+/QndXnnDmAx8+I8hzUtJAlnAEdhOz4KTeMjYAbYB/
yNKopUzq3hHDD4P5x6LHvEZBJXYyqL5JlGM271Ry+Wsew8k=
-----END CERTIFICATE-----
Generated at Thu Sep 18 13:58:49 2025 by rpki-client