Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/sJiPnePKfJHI0k89ebLGPEkC7Ko.roa
File: sJiPnePKfJHI0k89ebLGPEkC7Ko.roa (raw, json)
Hash identifier: 3idiGD6n0HkdLPukcftrxd1Ei9k/RArpt4tStz3qqC0=
Subject key identifier: B0:98:8F:9D:E3:CA:7C:91:C8:D2:4F:3D:79:B2:C6:3C:49:02:EC:AA
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 0194DF9EB034AE4D4F19D90A1B5930F76CBA
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/sJiPnePKfJHI0k89ebLGPEkC7Ko.roa
Signing time: Fri 07 Feb 2025 08:55:06 +0000
ROA not before: Fri 07 Feb 2025 08:55:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.0.0/24 maxlen: 24
144.56.7.0/24 maxlen: 24
144.56.8.0/24 maxlen: 24
144.56.9.0/24 maxlen: 24
144.56.10.0/24 maxlen: 24
144.56.11.0/24 maxlen: 24
144.56.12.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.18.0/24 maxlen: 24
144.56.19.0/24 maxlen: 24
144.56.20.0/24 maxlen: 24
144.56.21.0/24 maxlen: 24
144.56.22.0/24 maxlen: 24
144.56.23.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.25.0/24 maxlen: 24
144.56.26.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.28.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.30.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:df:9e:b0:34:ae:4d:4f:19:d9:0a:1b:59:30:f7:6c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Feb 7 08:55:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0988f9de3ca7c91c8d24f3d79b2c63c4902ecaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3c:76:9a:e4:e6:6e:33:ed:e9:f4:6e:78:19:
d4:f0:2c:00:92:18:86:04:6d:45:38:e9:6a:9a:d3:
97:75:7c:c5:1a:dd:e8:dc:ed:76:d6:3b:74:97:9a:
64:39:17:8a:22:96:d6:63:45:b6:9b:11:e2:62:99:
f3:aa:1d:df:b8:6f:b0:bb:b2:5b:2b:4e:ac:fc:da:
a9:a7:0b:02:56:a3:3f:6a:83:f6:30:b6:48:32:04:
ae:74:8e:0b:58:0f:56:22:9f:a5:d4:5b:0f:be:58:
1d:6d:af:a3:a9:4a:4e:6d:85:36:32:83:96:cc:e9:
9d:e0:df:ab:51:81:98:cf:b0:44:85:a8:7e:60:4f:
d8:e3:f7:f6:0c:ec:13:37:fe:9f:66:79:b5:62:54:
f0:18:08:e5:2a:71:ba:4a:e0:24:a5:74:0e:5a:f5:
ea:aa:bb:ec:ff:87:c8:a8:4c:50:6b:51:84:5d:13:
72:27:3c:fa:e9:7e:4f:d7:5c:06:af:df:28:12:05:
35:89:ee:ed:0f:cb:b3:e2:06:ee:68:51:00:73:6b:
46:89:de:cc:c6:3d:9c:4c:21:ba:3b:f5:d7:71:c1:
9e:78:35:5e:6b:fd:41:5c:c1:30:4d:ce:3d:ec:4e:
02:af:6c:b7:2b:ff:ea:ea:57:ed:75:01:34:e5:16:
47:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:98:8F:9D:E3:CA:7C:91:C8:D2:4F:3D:79:B2:C6:3C:49:02:EC:AA
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/sJiPnePKfJHI0k89ebLGPEkC7Ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.0.0/24
144.56.7.0-144.56.13.255
144.56.17.0-144.56.32.255
Signature Algorithm: sha256WithRSAEncryption
11:7c:52:7f:e7:df:0b:83:a0:80:67:3b:da:b7:31:65:72:fe:
ff:0d:98:7d:7d:da:b0:4a:ba:5d:c0:6f:c6:35:22:b3:78:57:
2c:9a:9e:3c:4e:48:2c:f0:1a:bd:72:e5:0f:65:49:5a:48:31:
57:41:81:16:63:56:53:8d:4c:38:82:c3:d3:2e:4b:ce:15:80:
0b:44:46:c8:1c:68:56:99:59:b9:af:2e:83:f8:b1:c4:b5:39:
40:e2:83:f4:e7:91:81:fd:27:61:f4:7e:1d:fe:ac:1a:04:95:
49:a0:ca:aa:98:15:12:cf:6e:d3:0a:7d:6c:e9:9d:3b:a1:24:
ed:46:23:d7:83:54:48:06:48:5d:00:ea:bf:f1:89:8e:fc:07:
9a:87:52:cf:84:e2:47:a3:f3:de:a6:72:6a:3e:80:84:94:42:
10:97:00:db:50:1e:d0:21:da:c7:81:9b:03:0c:5c:35:cf:a8:
95:9e:1b:c8:78:81:11:56:61:37:46:9b:03:31:76:42:77:d4:
51:07:3f:c3:91:96:0c:49:1d:d5:d5:f4:88:72:49:0d:85:ac:
0c:f0:59:ec:70:5f:d1:c8:bc:42:22:79:48:9a:44:82:e7:68:
91:5c:78:27:ed:76:11:69:0f:41:c6:7a:1f:62:56:da:37:fe:
e5:d7:55:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZTfnrA0rk1PGdkKG1kw92y6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwMjA3MDg1NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk4OGY5ZGUzY2E3YzkxYzhkMjRmM2Q3OWIyYzYzYzQ5MDJlY2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTx2muTmbjPt6fRueBnU8CwAkhiG
BG1FOOlqmtOXdXzFGt3o3O121jt0l5pkOReKIpbWY0W2mxHiYpnzqh3fuG+wu7Jb
K06s/NqppwsCVqM/aoP2MLZIMgSudI4LWA9WIp+l1FsPvlgdba+jqUpObYU2MoOW
zOmd4N+rUYGYz7BEhah+YE/Y4/f2DOwTN/6fZnm1YlTwGAjlKnG6SuAkpXQOWvXq
qrvs/4fIqExQa1GEXRNyJzz66X5P11wGr98oEgU1ie7tD8uz4gbuaFEAc2tGid7M
xj2cTCG6O/XXccGeeDVea/1BXMEwTc497E4Cr2y3K//q6lftdQE05RZHlwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLCYj53jynyRyNJPPXmyxjxJAuyqMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvc0ppUG5lUEtmSkhJMGs4OWViTEdQRWtDN0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAkDgAMAwD
BACQOAcDBAGQOAwwDAMEAJA4EQMEAJA4IDANBgkqhkiG9w0BAQsFAAOCAQEAEXxS
f+ffC4OggGc72rcxZXL+/w2YfX3asEq6XcBvxjUis3hXLJqePE5ILPAavXLlD2VJ
WkgxV0GBFmNWU41MOILD0y5LzhWAC0RGyBxoVplZua8ug/ixxLU5QOKD9OeRgf0n
YfR+Hf6sGgSVSaDKqpgVEs9u0wp9bOmdO6Ek7UYj14NUSAZIXQDqv/GJjvwHmodS
z4TiR6Pz3qZyaj6AhJRCEJcA21Ae0CHax4GbAwxcNc+olZ4byHiBEVZhN0abAzF2
QnfUUQc/w5GWDEkd1dX0iHJJDYWsDPBZ7HBf0ci8QiJ5SJpEgudokVx4J+12EWkP
QcZ6H2JW2jf+5ddVdQ==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:20 2025 by rpki-client