Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/rBrLXTtbaFpNMmdOZ1lQtzIs3_Y.roa
File: rBrLXTtbaFpNMmdOZ1lQtzIs3_Y.roa (raw, json)
Hash identifier: BVyl3ZvtBKgJmC3ItVuKwD6mSCVRNqNBYJIW8AiZkl8=
Subject key identifier: AC:1A:CB:5D:3B:5B:68:5A:4D:32:67:4E:67:59:50:B7:32:2C:DF:F6
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01992AD45BA3074755C118AE2D11CF130C72
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/rBrLXTtbaFpNMmdOZ1lQtzIs3_Y.roa
Signing time: Mon 08 Sep 2025 19:36:24 +0000
ROA not before: Mon 08 Sep 2025 19:36:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 144.56.9.0/24 maxlen: 24
144.56.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2a:d4:5b:a3:07:47:55:c1:18:ae:2d:11:cf:13:0c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Sep 8 19:36:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac1acb5d3b5b685a4d32674e675950b7322cdff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:df:ca:0b:80:01:61:3a:3b:df:de:4e:fc:
83:d7:31:64:1e:fe:fb:da:16:5b:b6:99:27:a4:23:
52:13:04:4f:7f:0a:74:ec:78:30:0d:68:9d:db:9e:
7a:14:3d:76:ef:0e:34:e9:14:7b:59:9d:12:a7:e7:
76:03:c2:4c:a5:78:2d:b2:7c:6c:44:0d:80:37:f9:
35:5f:e1:1f:46:21:66:b8:1e:df:ad:63:96:12:2d:
8d:27:b9:2f:68:20:f3:0e:cf:de:cb:b9:98:db:80:
bd:95:7d:28:f6:8f:4f:ea:53:d3:d7:03:aa:5f:fb:
6b:67:cd:dc:2d:0b:78:8c:75:34:83:45:1d:0a:3a:
53:64:a5:5a:06:0b:1a:dd:a2:7e:27:aa:4e:25:ba:
05:d3:dc:e8:fa:2b:aa:19:05:05:9b:21:45:9d:6a:
2c:60:7b:6c:74:e3:68:d0:38:c5:e2:98:f4:e7:8d:
68:7b:c6:8b:bd:42:f6:5a:c1:6b:d8:2e:51:de:22:
80:4e:86:e2:30:c6:fa:42:9b:07:e5:a0:7d:de:84:
cf:55:97:e1:e6:b4:8b:74:65:eb:db:f1:e8:c6:36:
eb:04:57:b1:93:66:a0:78:22:57:a3:3c:28:9d:24:
db:58:04:ba:ed:87:a4:03:ed:80:62:84:f0:b0:f3:
6c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1A:CB:5D:3B:5B:68:5A:4D:32:67:4E:67:59:50:B7:32:2C:DF:F6
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/rBrLXTtbaFpNMmdOZ1lQtzIs3_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.9.0/24
144.56.12.0/24
Signature Algorithm: sha256WithRSAEncryption
94:7d:7d:eb:70:b8:53:9a:3d:7d:1a:e5:2f:85:e8:bf:31:3c:
6f:af:e9:d0:26:e5:e7:98:82:a3:2c:73:28:3f:0a:8c:4c:d3:
f9:3c:30:17:49:0e:59:bb:d7:84:60:2a:0c:07:73:f3:98:f9:
e1:b2:ff:1e:e5:3f:ae:24:f4:f4:41:db:98:b3:8d:d9:e0:f2:
35:16:3e:37:5c:7d:e0:8e:17:8e:b1:6f:1a:71:8c:b7:86:a4:
9d:27:3b:41:b8:ec:ae:e5:d7:88:39:04:cf:c2:05:6c:99:02:
35:32:3c:f7:fc:97:56:89:c9:b0:bf:dd:36:5c:70:dc:6c:69:
67:99:16:52:41:1a:23:37:5c:e4:c1:24:02:6d:f8:fc:eb:e4:
78:6d:f6:e4:fc:c0:3d:19:7d:58:f5:75:f3:8a:85:bf:f6:09:
5a:e7:cc:57:41:c7:27:a6:9b:68:ab:af:a9:31:ad:cf:4d:e7:
61:c0:57:be:6d:63:88:89:2b:9f:a5:ac:ea:c0:8a:66:76:80:
3d:6f:c3:37:39:e1:3b:4d:aa:6a:b5:80:c8:81:9a:9b:01:0f:
2f:06:01:4d:12:17:fc:af:75:27:e7:13:83:f9:8e:1b:b5:4c:
e8:06:6b:05:30:ac:c7:47:69:02:0e:82:85:f2:14:f7:48:6d:
a9:97:4d:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkq1FujB0dVwRiuLRHPEwxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwOTA4MTkzNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFhY2I1ZDNiNWI2ODVhNGQzMjY3NGU2NzU5NTBiNzMyMmNkZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxLfyguAAWE6O9/eTvyD1zFkHv77
2hZbtpknpCNSEwRPfwp07HgwDWid2556FD127w406RR7WZ0Sp+d2A8JMpXgtsnxs
RA2AN/k1X+EfRiFmuB7frWOWEi2NJ7kvaCDzDs/ey7mY24C9lX0o9o9P6lPT1wOq
X/trZ83cLQt4jHU0g0UdCjpTZKVaBgsa3aJ+J6pOJboF09zo+iuqGQUFmyFFnWos
YHtsdONo0DjF4pj0541oe8aLvUL2WsFr2C5R3iKATobiMMb6QpsH5aB93oTPVZfh
5rSLdGXr2/HoxjbrBFexk2ageCJXozwonSTbWAS67YekA+2AYoTwsPNsJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKway107W2haTTJnTmdZULcyLN/2MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvckJyTFhUdGJhRnBOTW1kT1oxbFF0eklzM19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkDgJAwQA
kDgMMA0GCSqGSIb3DQEBCwUAA4IBAQCUfX3rcLhTmj19GuUvhei/MTxvr+nQJuXn
mIKjLHMoPwqMTNP5PDAXSQ5Zu9eEYCoMB3PzmPnhsv8e5T+uJPT0QduYs43Z4PI1
Fj43XH3gjheOsW8acYy3hqSdJztBuOyu5deIOQTPwgVsmQI1Mjz3/JdWicmwv902
XHDcbGlnmRZSQRojN1zkwSQCbfj86+R4bfbk/MA9GX1Y9XXzioW/9gla58xXQccn
pptoq6+pMa3PTedhwFe+bWOIiSufpazqwIpmdoA9b8M3OeE7TapqtYDIgZqbAQ8v
BgFNEhf8r3Un5xOD+Y4btUzoBmsFMKzHR2kCDoKF8hT3SG2pl01o
-----END CERTIFICATE-----
Generated at Thu Sep 18 18:04:29 2025 by rpki-client