Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/AYb_sTz6IarHhAmuHC22jJ5txW0.roa
File: AYb_sTz6IarHhAmuHC22jJ5txW0.roa (raw, json)
Hash identifier: VGya4LtwpW0I+C/pi5sLed20AiIA/gj4RSnYTO/sEoY=
Subject key identifier: 01:86:FF:B1:3C:FA:21:AA:C7:84:09:AE:1C:2D:B6:8C:9E:6D:C5:6D
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019DE044F77F181674AC2BCC49FD63CB8EE5
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/AYb_sTz6IarHhAmuHC22jJ5txW0.roa
Signing time: Thu 30 Apr 2026 21:21:49 +0000
ROA not before: Thu 30 Apr 2026 21:21:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 144.56.35.0/24 maxlen: 24
144.56.36.0/24 maxlen: 24
144.56.38.0/24 maxlen: 24
144.56.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e0:44:f7:7f:18:16:74:ac:2b:cc:49:fd:63:cb:8e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 30 21:21:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0186ffb13cfa21aac78409ae1c2db68c9e6dc56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:71:c6:cc:8b:25:5e:d2:8f:31:54:de:4c:c0:
10:c6:66:11:d7:fc:8e:ba:5d:bb:e9:21:fc:ba:e6:
5f:e2:7b:53:c8:c2:4c:44:7d:fe:6f:e9:ba:a7:6c:
d4:0c:cb:52:08:93:3c:f7:0a:f9:d4:7c:9b:3b:cc:
cd:74:60:ad:3e:15:2d:3a:02:4e:fb:4f:ca:ae:c7:
8c:70:18:78:51:e6:b6:61:a2:8d:7c:53:3a:58:9c:
55:7c:b7:bd:d8:2d:4e:ef:fc:3c:7a:c7:c8:f0:33:
36:26:26:2c:74:91:0b:3d:3c:ab:46:fa:0e:ab:d4:
55:a2:66:6d:ad:3a:13:b2:70:2f:65:1b:f1:06:71:
a2:dd:f4:1c:b1:93:85:c6:c1:ec:c5:14:cc:20:2d:
71:c4:b8:aa:70:40:47:10:da:dd:50:e1:68:b7:ad:
61:05:b1:e3:ac:95:cc:5d:03:3a:a6:62:b4:47:87:
31:e3:77:e9:1d:90:89:88:ad:15:28:c7:d8:04:3c:
00:9e:6a:40:93:46:76:74:22:69:2b:90:ee:96:38:
60:82:01:ba:d1:e9:57:f2:4f:25:e2:1f:b4:b2:7b:
ea:9b:eb:2a:fa:48:c4:08:5e:3d:3f:f1:ab:bc:5d:
71:64:b9:e1:e1:74:14:93:f4:9d:e7:a2:ab:9c:27:
e0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:86:FF:B1:3C:FA:21:AA:C7:84:09:AE:1C:2D:B6:8C:9E:6D:C5:6D
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/AYb_sTz6IarHhAmuHC22jJ5txW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.35.0-144.56.36.255
144.56.38.0/24
144.56.114.0/24
Signature Algorithm: sha256WithRSAEncryption
64:9c:e1:18:cf:de:7b:4e:fb:55:f5:a0:f4:25:f7:ab:c5:2b:
d7:35:64:1d:f5:b4:8c:39:65:23:28:30:c3:fd:0b:99:5a:19:
fd:38:83:55:65:13:ab:18:ab:6e:f1:a0:1a:5e:c5:22:09:29:
3c:07:aa:92:b8:09:e0:3c:7c:f2:1e:37:c8:de:24:7c:2c:f2:
62:3a:eb:7b:c4:bd:c6:d0:1e:90:d6:94:a3:82:d9:0b:06:88:
bc:61:88:5e:fa:bf:98:74:09:9a:80:a5:c8:5a:22:e4:0f:5c:
41:a9:35:2d:79:0a:e9:64:23:ea:46:09:97:3b:b2:89:16:5d:
80:a6:41:7d:4b:86:89:cf:67:c7:dd:13:52:d7:2e:47:23:ef:
9a:73:38:bd:c0:bc:23:1d:1c:21:35:e7:d9:c3:e0:bf:82:38:
13:0c:84:12:24:17:e4:8d:d5:6d:db:e6:ba:c6:cb:9d:c2:2a:
5f:64:5e:31:03:f3:4f:cb:f0:2f:4c:60:02:ab:80:d4:4b:07:
d7:78:54:fa:ce:ab:4d:22:77:c8:1e:2f:ed:dc:4a:17:18:e1:
e6:f9:ff:56:32:bc:5d:ef:63:92:45:43:d1:c0:0a:55:0e:78:
88:1d:04:00:9a:65:08:74:29:39:85:f7:88:1f:fb:54:a2:96:
53:bb:0a:ff
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ3gRPd/GBZ0rCvMSf1jy47lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjYwNDMwMjEyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg2ZmZiMTNjZmEyMWFhYzc4NDA5YWUxYzJkYjY4YzllNmRjNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3HGzIslXtKPMVTeTMAQxmYR1/yO
ul276SH8uuZf4ntTyMJMRH3+b+m6p2zUDMtSCJM89wr51HybO8zNdGCtPhUtOgJO
+0/KrseMcBh4Uea2YaKNfFM6WJxVfLe92C1O7/w8esfI8DM2JiYsdJELPTyrRvoO
q9RVomZtrToTsnAvZRvxBnGi3fQcsZOFxsHsxRTMIC1xxLiqcEBHENrdUOFot61h
BbHjrJXMXQM6pmK0R4cx43fpHZCJiK0VKMfYBDwAnmpAk0Z2dCJpK5DuljhgggG6
0elX8k8l4h+0snvqm+sq+kjECF49P/GrvF1xZLnh4XQUk/Sd56KrnCfgYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAGG/7E8+iGqx4QJrhwttoyebcVtMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvQVliX3NUejZJYXJIaEFtdUhDMjJqSjV0eFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACQOCMD
BACQOCQDBACQOCYDBACQOHIwDQYJKoZIhvcNAQELBQADggEBAGSc4RjP3ntO+1X1
oPQl96vFK9c1ZB31tIw5ZSMoMMP9C5laGf04g1VlE6sYq27xoBpexSIJKTwHqpK4
CeA8fPIeN8jeJHws8mI663vEvcbQHpDWlKOC2QsGiLxhiF76v5h0CZqApchaIuQP
XEGpNS15CulkI+pGCZc7sokWXYCmQX1LhonPZ8fdE1LXLkcj75pzOL3AvCMdHCE1
59nD4L+COBMMhBIkF+SN1W3b5rrGy53CKl9kXjED80/L8C9MYAKrgNRLB9d4VPrO
q00id8geL+3cShcY4eb5/1YyvF3vY5JFQ9HAClUOeIgdBACaZQh0KTmF94gf+1Si
llO7Cv8=
-----END CERTIFICATE-----
Generated at Wed May 13 10:26:23 2026 by rpki-client