Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/wTi7Rzww3EZXhgQOBREzY1ltru8.roa
File: wTi7Rzww3EZXhgQOBREzY1ltru8.roa (raw, json)
Hash identifier: gxxJFgecVYxEQehjaeKI+l34uL+Gr3bpgbzFlOSfauU=
Subject key identifier: C1:38:BB:47:3C:30:DC:46:57:86:04:0E:05:11:33:63:59:6D:AE:EF
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01974ADEFFBD72C1D2E96EDA1A4BAFB19375
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/wTi7Rzww3EZXhgQOBREzY1ltru8.roa
Signing time: Sat 07 Jun 2025 14:50:17 +0000
ROA not before: Sat 07 Jun 2025 14:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.37.0/24 maxlen: 24
144.56.39.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
144.56.50.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:de:ff:bd:72:c1:d2:e9:6e:da:1a:4b:af:b1:93:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 7 14:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c138bb473c30dc465786040e05113363596daeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:68:54:e8:fa:75:ef:83:8f:37:73:e2:93:c7:
b6:80:ee:3f:d2:fa:a0:f2:15:2d:9a:a3:85:a4:1b:
0c:9d:4b:25:7b:a5:8b:f9:75:73:ed:de:97:93:eb:
b0:02:5e:54:1a:6a:ef:93:6c:c8:ca:51:5e:8d:8d:
48:41:c6:ab:8a:8e:dc:e3:56:95:84:e2:55:85:33:
dd:f6:33:14:41:d9:18:c0:e5:3d:28:15:b3:64:41:
b1:e5:3a:87:06:73:95:34:70:b1:8f:01:86:d5:40:
c3:78:95:fd:22:10:c2:d7:d1:08:17:2b:9f:f9:bb:
68:f3:1b:d0:95:c0:f2:23:19:a7:45:1e:d3:14:bd:
5a:80:ac:18:34:7c:cd:f6:62:0a:65:04:81:53:22:
b5:35:33:45:7a:de:3b:ea:e5:82:7c:3e:be:9b:22:
87:48:87:21:b9:0c:e7:f8:3e:02:78:33:71:2b:7c:
6f:bb:e6:49:d8:f5:e6:ad:28:99:6b:3d:10:8f:2e:
eb:6a:c3:bd:17:57:1b:1a:59:c6:ff:84:00:d2:be:
d3:64:f7:5e:89:91:b6:e4:13:31:68:91:cc:37:a7:
9b:6e:7f:e7:d2:df:c3:0a:b4:36:89:44:95:35:3a:
7f:ed:43:76:4f:f6:5b:25:a6:6d:85:29:57:85:2f:
b6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:38:BB:47:3C:30:DC:46:57:86:04:0E:05:11:33:63:59:6D:AE:EF
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/wTi7Rzww3EZXhgQOBREzY1ltru8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0/24
144.56.37.0/24
144.56.39.0/24
144.56.41.0/24
144.56.50.0/23
Signature Algorithm: sha256WithRSAEncryption
47:3c:89:31:ba:d5:f1:10:d7:7b:6e:1d:60:70:51:4e:c9:73:
82:64:1c:2d:a2:bf:b5:c4:e1:40:0b:00:23:f5:04:15:cf:20:
2f:a7:02:61:97:6c:36:74:ce:90:fd:d7:51:4c:c4:b0:5d:00:
ed:5b:24:28:bd:21:c2:93:86:46:82:05:78:40:69:a3:74:38:
5b:a6:42:39:0e:d0:cc:73:1d:a1:a6:d7:22:bf:86:62:c2:61:
43:49:e8:c3:ee:f3:64:02:5b:c1:54:07:9e:32:58:4f:c0:85:
28:52:9b:5e:31:14:1b:99:4e:6f:6d:03:aa:18:ef:49:59:18:
e4:ae:95:1b:7a:a0:88:2a:37:d9:97:6a:5e:04:8d:cb:29:75:
7f:11:c9:b3:b4:de:34:35:66:fa:6d:29:c9:e3:a9:26:a4:a4:
77:a1:5a:62:28:7d:de:7d:21:3c:a5:0c:b5:9f:13:4c:7f:2c:
06:5d:00:55:2b:6f:54:d5:ea:8a:ad:90:e4:09:cc:54:a0:e4:
7f:03:54:3e:62:b1:79:a7:49:fb:b9:a2:14:2c:ac:3f:1b:9d:
13:9d:2a:1f:47:34:d8:3c:b2:20:3f:4b:c2:02:ff:68:99:35:
0c:a1:e5:39:00:78:16:09:48:1c:8c:06:8c:cf:c6:6d:97:d6:
6b:6c:b4:ed
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdK3v+9csHS6W7aGkuvsZN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjA3MTQ1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM4YmI0NzNjMzBkYzQ2NTc4NjA0MGUwNTExMzM2MzU5NmRhZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WhU6Pp174OPN3Pik8e2gO4/0vqg
8hUtmqOFpBsMnUsle6WL+XVz7d6Xk+uwAl5UGmrvk2zIylFejY1IQcario7c41aV
hOJVhTPd9jMUQdkYwOU9KBWzZEGx5TqHBnOVNHCxjwGG1UDDeJX9IhDC19EIFyuf
+bto8xvQlcDyIxmnRR7TFL1agKwYNHzN9mIKZQSBUyK1NTNFet476uWCfD6+myKH
SIchuQzn+D4CeDNxK3xvu+ZJ2PXmrSiZaz0Qjy7rasO9F1cbGlnG/4QA0r7TZPde
iZG25BMxaJHMN6ebbn/n0t/DCrQ2iUSVNTp/7UN2T/ZbJaZthSlXhS+2FQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFME4u0c8MNxGV4YEDgURM2NZba7vMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvd1RpN1J6d3czRVpYaGdRT0JSRXpZMWx0cnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkDgjAwQA
kDglAwQAkDgnAwQAkDgpAwQBkDgyMA0GCSqGSIb3DQEBCwUAA4IBAQBHPIkxutXx
ENd7bh1gcFFOyXOCZBwtor+1xOFACwAj9QQVzyAvpwJhl2w2dM6Q/ddRTMSwXQDt
WyQovSHCk4ZGggV4QGmjdDhbpkI5DtDMcx2hptciv4ZiwmFDSejD7vNkAlvBVAee
MlhPwIUoUpteMRQbmU5vbQOqGO9JWRjkrpUbeqCIKjfZl2peBI3LKXV/EcmztN40
NWb6bSnJ46kmpKR3oVpiKH3efSE8pQy1nxNMfywGXQBVK29U1eqKrZDkCcxUoOR/
A1Q+YrF5p0n7uaIULKw/G50TnSofRzTYPLIgP0vCAv9omTUMoeU5AHgWCUgcjAaM
z8Ztl9ZrbLTt
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:43:06 2025 by rpki-client