Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TzBfxYZTXppI-TeRdTOaEkWTwIE.roa
File: TzBfxYZTXppI-TeRdTOaEkWTwIE.roa (raw, json)
Hash identifier: nAp7JpYVpDTeNiHlDXUbpTeLP0l3j3t4ITTrMd7RSfk=
Subject key identifier: 4F:30:5F:C5:86:53:5E:9A:48:F9:37:91:75:33:9A:12:45:93:C0:81
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019DE044F709FC74B362D5181F3A3ADE4705
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TzBfxYZTXppI-TeRdTOaEkWTwIE.roa
Signing time: Thu 30 Apr 2026 21:21:49 +0000
ROA not before: Thu 30 Apr 2026 21:21:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 144.56.7.0/24 maxlen: 24
144.56.9.0/24 maxlen: 24
144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.29.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
144.56.41.0/24 maxlen: 24
144.56.51.0/24 maxlen: 24
144.56.71.0/24 maxlen: 24
144.56.72.0/24 maxlen: 24
144.56.76.0/24 maxlen: 24
144.56.78.0/24 maxlen: 24
144.56.80.0/24 maxlen: 24
144.56.81.0/24 maxlen: 24
144.56.85.0/24 maxlen: 24
144.56.86.0/24 maxlen: 24
144.56.88.0/24 maxlen: 24
144.56.91.0/24 maxlen: 24
144.56.93.0/24 maxlen: 24
144.56.94.0/24 maxlen: 24
144.56.97.0/24 maxlen: 24
144.56.98.0/24 maxlen: 24
144.56.99.0/24 maxlen: 24
144.56.100.0/24 maxlen: 24
144.56.101.0/24 maxlen: 24
144.56.102.0/24 maxlen: 24
144.56.103.0/24 maxlen: 24
144.56.105.0/24 maxlen: 24
144.56.106.0/24 maxlen: 24
144.56.107.0/24 maxlen: 24
144.56.108.0/24 maxlen: 24
144.56.112.0/24 maxlen: 24
144.56.117.0/24 maxlen: 24
144.56.118.0/24 maxlen: 24
144.56.119.0/24 maxlen: 24
144.56.121.0/24 maxlen: 24
144.56.122.0/24 maxlen: 24
144.56.124.0/24 maxlen: 24
144.56.125.0/24 maxlen: 24
144.56.126.0/24 maxlen: 24
144.56.127.0/24 maxlen: 24
144.56.128.0/24 maxlen: 24
144.56.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e0:44:f7:09:fc:74:b3:62:d5:18:1f:3a:3a:de:47:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 30 21:21:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f305fc586535e9a48f9379175339a124593c081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:d8:ce:cb:f1:90:2f:fa:2a:51:a9:82:f5:ae:
c3:71:d1:9b:91:1e:f4:ca:1f:21:c3:e5:8b:26:21:
68:53:6a:19:2a:31:27:64:a2:ec:0a:6e:fc:73:28:
a8:db:e2:e4:fa:39:31:94:2e:6d:32:df:dc:e4:ab:
e3:a5:a4:ee:f0:c7:51:bf:1f:c6:78:db:3f:e5:9c:
34:12:77:5d:ee:0f:c8:2d:8c:d6:a1:6c:c4:bc:11:
fb:9b:bf:e1:c4:4c:03:3d:29:29:90:70:9a:e7:fe:
85:b2:8a:8f:6e:7e:28:94:b3:db:a7:d2:82:af:96:
07:84:c2:5d:aa:75:9f:7c:b7:d8:4c:6f:58:69:9f:
44:f1:f2:50:4e:93:04:57:87:76:bf:aa:a2:22:ed:
aa:c0:36:77:d6:c8:e4:f2:c0:f0:d1:43:a7:2a:0b:
b9:fe:e1:94:e6:bb:1e:c0:ac:af:0b:51:6b:af:ca:
dd:68:df:61:5a:de:e1:e7:58:8a:e5:6b:a3:2a:2b:
54:c7:e1:77:a9:be:41:49:17:d9:4e:14:ea:0b:21:
d2:eb:69:e8:f5:2e:0e:95:e9:53:62:32:1b:a8:17:
df:f0:90:be:36:ef:f4:f8:d5:18:60:d9:46:22:cc:
fe:49:ce:5f:e4:26:55:08:01:ec:e7:83:e0:3f:f4:
bd:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:30:5F:C5:86:53:5E:9A:48:F9:37:91:75:33:9A:12:45:93:C0:81
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TzBfxYZTXppI-TeRdTOaEkWTwIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.7.0/24
144.56.9.0/24
144.56.13.0/24
144.56.17.0/24
144.56.24.0/24
144.56.27.0/24
144.56.29.0/24
144.56.31.0/24
144.56.34.0/24
144.56.41.0/24
144.56.51.0/24
144.56.71.0-144.56.72.255
144.56.76.0/24
144.56.78.0/24
144.56.80.0/23
144.56.85.0-144.56.86.255
144.56.88.0/24
144.56.91.0/24
144.56.93.0-144.56.94.255
144.56.97.0-144.56.103.255
144.56.105.0-144.56.108.255
144.56.112.0/24
144.56.117.0-144.56.119.255
144.56.121.0-144.56.122.255
144.56.124.0-144.56.129.255
Signature Algorithm: sha256WithRSAEncryption
65:95:90:2e:91:ae:b0:d2:c8:be:b3:ec:8f:99:8d:f8:09:8b:
6d:78:50:8d:6d:dd:8d:ed:b3:17:43:09:f8:f4:a1:a4:71:cc:
30:b3:0c:2f:d4:38:b8:76:82:22:aa:55:42:43:c4:6a:9d:4d:
db:51:01:9e:7e:45:ae:e3:eb:a4:b8:f7:98:e6:ca:4d:af:de:
42:03:15:02:75:da:80:ff:ce:47:35:19:9b:af:0c:3e:21:17:
71:cb:06:08:16:cc:ca:de:6b:16:1a:4e:85:26:0d:77:4b:ed:
9c:a2:b4:bf:ef:89:b4:e9:76:c5:99:9a:fa:ca:a3:5e:9f:e8:
ce:97:19:26:77:23:4d:c6:14:5d:7f:1e:c3:83:76:2e:4b:6b:
88:f6:29:b4:77:f3:b8:db:ce:b1:b3:e6:b9:f7:ff:be:a2:23:
3d:fa:8c:94:29:82:2d:40:3b:e7:10:99:ed:84:9b:32:14:0d:
a8:9d:a0:bf:e5:0e:cc:15:a3:bd:88:58:02:87:ed:63:a0:d0:
b9:68:84:9d:26:89:98:2a:45:f2:66:13:f0:b8:1c:2a:20:a2:
13:d9:65:b0:f9:3d:29:9d:6c:e4:5d:d4:06:fd:03:40:aa:3a:
63:1d:8a:d0:12:95:7a:f1:e6:ca:b7:cd:91:a9:80:db:38:9a:
4e:98:4a:6e
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZ3gRPcJ/HSzYtUYHzo63kcFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjYwNDMwMjEyMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMwNWZjNTg2NTM1ZTlhNDhmOTM3OTE3NTMzOWExMjQ1OTNjMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9jOy/GQL/oqUamC9a7DcdGbkR70
yh8hw+WLJiFoU2oZKjEnZKLsCm78cyio2+Lk+jkxlC5tMt/c5KvjpaTu8MdRvx/G
eNs/5Zw0Endd7g/ILYzWoWzEvBH7m7/hxEwDPSkpkHCa5/6FsoqPbn4olLPbp9KC
r5YHhMJdqnWffLfYTG9YaZ9E8fJQTpMEV4d2v6qiIu2qwDZ31sjk8sDw0UOnKgu5
/uGU5rsewKyvC1Frr8rdaN9hWt7h51iK5WujKitUx+F3qb5BSRfZThTqCyHS62no
9S4OlelTYjIbqBff8JC+Nu/0+NUYYNlGIsz+Sc5f5CZVCAHs54PgP/S9fQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFE8wX8WGU16aSPk3kXUzmhJFk8CBMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvVHpCZnhZWlRYcHBJLVRlUmRUT2FFa1dUd0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBACQ
OAcDBACQOAkDBACQOA0DBACQOBEDBACQOBgDBACQOBsDBACQOB0DBACQOB8DBACQ
OCIDBACQOCkDBACQODMwDAMEAJA4RwMEAJA4SAMEAJA4TAMEAJA4TgMEAZA4UDAM
AwQAkDhVAwQAkDhWAwQAkDhYAwQAkDhbMAwDBACQOF0DBACQOF4wDAMEAJA4YQME
A5A4YDAMAwQAkDhpAwQAkDhsAwQAkDhwMAwDBACQOHUDBAOQOHAwDAMEAJA4eQME
AJA4ejAMAwQCkDh8AwQBkDiAMA0GCSqGSIb3DQEBCwUAA4IBAQBllZAuka6w0si+
s+yPmY34CYtteFCNbd2N7bMXQwn49KGkccwwswwv1Di4doIiqlVCQ8RqnU3bUQGe
fkWu4+ukuPeY5spNr95CAxUCddqA/85HNRmbrww+IRdxywYIFszK3msWGk6FJg13
S+2corS/74m06XbFmZr6yqNen+jOlxkmdyNNxhRdfx7Dg3YuS2uI9im0d/O4286x
s+a59/++oiM9+oyUKYItQDvnEJnthJsyFA2onaC/5Q7MFaO9iFgCh+1joNC5aISd
JomYKkXyZhPwuBwqIKIT2WWw+T0pnWzkXdQG/QNAqjpjHYrQEpV68ebKt82RqYDb
OJpOmEpu
-----END CERTIFICATE-----
Generated at Wed May 13 02:37:45 2026 by rpki-client