Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Z8p5c-rlAPW0cZ-sWH7G-yZd9To.roa
File: Z8p5c-rlAPW0cZ-sWH7G-yZd9To.roa (raw, json)
Hash identifier: 14NxmVMH2EBfG9yj1NkfTzczT8KoDClH3gg1peZJpIk=
Subject key identifier: 67:CA:79:73:EA:E5:00:F5:B4:71:9F:AC:58:7E:C6:FB:26:5D:F5:3A
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019772E2D6AFF1C0DF5273727BBF9D269ECF
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Z8p5c-rlAPW0cZ-sWH7G-yZd9To.roa
Signing time: Sun 15 Jun 2025 09:19:18 +0000
ROA not before: Sun 15 Jun 2025 09:19:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3196
IP address blocks: 144.56.56.0/24 maxlen: 24
144.56.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 20:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:72:e2:d6:af:f1:c0:df:52:73:72:7b:bf:9d:26:9e:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Jun 15 09:19:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ca7973eae500f5b4719fac587ec6fb265df53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:2a:56:09:4d:2a:24:00:7c:e8:a8:b1:83:
73:cf:be:69:e7:5f:19:d2:d9:ab:e9:18:75:61:4d:
c2:2f:cb:08:b0:54:1f:fe:54:63:3e:d2:a2:97:66:
56:55:d3:66:55:e2:f9:3a:aa:5b:bd:cf:e2:30:90:
7b:b5:f4:da:6f:28:89:f5:11:ec:54:07:57:70:81:
f5:3e:59:2a:2c:c4:01:df:af:d4:be:25:bc:cb:59:
bc:b7:ac:6e:49:91:8b:4f:0e:27:fd:ac:f4:e6:d8:
72:9c:a3:83:92:b5:43:89:56:3e:06:f0:1e:12:4e:
44:d4:6a:22:aa:15:f8:b7:d1:8c:0d:95:a0:9a:8f:
30:2a:86:32:f5:01:d9:03:21:39:3c:51:14:03:95:
03:67:5d:6c:21:a7:75:71:a0:c0:96:59:8d:3a:6a:
91:b3:ad:d4:28:d6:27:07:7e:78:2f:c4:55:96:b8:
a8:0c:e5:dc:ff:18:48:e6:d9:34:f8:ff:ac:2a:0a:
fe:24:64:7d:cf:07:5d:a5:00:e0:57:41:cf:b9:7a:
8c:4d:d9:d0:ba:03:36:46:c6:4e:c0:4a:1f:ce:62:
b4:80:da:a7:1a:58:ee:13:3c:47:db:3d:09:a0:81:
28:95:74:24:ba:b1:6a:46:d9:06:c5:e3:bf:14:f4:
e6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CA:79:73:EA:E5:00:F5:B4:71:9F:AC:58:7E:C6:FB:26:5D:F5:3A
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/Z8p5c-rlAPW0cZ-sWH7G-yZd9To.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.56.0/24
144.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:78:19:26:b4:91:4b:8f:b1:84:3e:26:37:cd:78:7b:99:bb:
4d:d1:4f:d2:6d:91:5a:ee:de:7e:75:6b:a0:28:76:d2:27:36:
5a:fb:7c:9f:b9:65:92:29:f4:6c:cc:d0:3f:48:0c:97:7a:7a:
72:ef:51:30:4d:5f:7b:d8:64:48:7a:83:af:d2:b0:45:e1:5e:
4c:ef:79:83:f9:97:45:3e:41:86:31:5a:ae:ec:39:fb:34:25:
73:de:45:b0:be:46:5a:59:7e:7c:9d:29:bc:58:71:86:c7:e7:
3d:ad:71:39:8c:7d:c5:12:68:95:2d:36:6d:75:73:7e:b8:fd:
bb:44:f0:68:fe:44:af:4b:6a:7d:09:aa:16:6a:1f:35:58:92:
e3:6c:48:e8:67:af:a1:cf:66:43:28:f9:8c:e5:bc:01:ab:74:
59:d5:9d:d4:25:f8:64:75:6b:67:42:d4:88:b6:3a:07:f6:b4:
d9:91:0c:75:7d:84:65:5c:ec:4e:b6:f1:97:08:96:eb:84:79:
3c:56:93:ea:f0:19:79:92:49:b6:e1:23:3f:b8:fa:93:4e:26:
a8:9e:2c:ac:57:7f:d3:a0:89:e9:c5:88:a9:0f:62:e1:16:4a:
2f:86:f7:2b:21:fb:fb:4f:f1:13:a6:d7:d7:4b:7e:72:9a:09:
11:c1:54:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdy4tav8cDfUnNye7+dJp7PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNjE1MDkxOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NhNzk3M2VhZTUwMGY1YjQ3MTlmYWM1ODdlYzZmYjI2NWRmNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBgqVglNKiQAfOiosYNzz75p518Z
0tmr6Rh1YU3CL8sIsFQf/lRjPtKil2ZWVdNmVeL5Oqpbvc/iMJB7tfTabyiJ9RHs
VAdXcIH1PlkqLMQB36/UviW8y1m8t6xuSZGLTw4n/az05thynKODkrVDiVY+BvAe
Ek5E1GoiqhX4t9GMDZWgmo8wKoYy9QHZAyE5PFEUA5UDZ11sIad1caDAllmNOmqR
s63UKNYnB354L8RVlrioDOXc/xhI5tk0+P+sKgr+JGR9zwddpQDgV0HPuXqMTdnQ
ugM2RsZOwEofzmK0gNqnGljuEzxH2z0JoIEolXQkurFqRtkGxeO/FPTm8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGfKeXPq5QD1tHGfrFh+xvsmXfU6MB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvWjhwNWMtcmxBUFcwY1otc1dIN0cteVpkOVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkDg4AwQA
kDiQMA0GCSqGSIb3DQEBCwUAA4IBAQAfeBkmtJFLj7GEPiY3zXh7mbtN0U/SbZFa
7t5+dWugKHbSJzZa+3yfuWWSKfRszNA/SAyXenpy71EwTV972GRIeoOv0rBF4V5M
73mD+ZdFPkGGMVqu7Dn7NCVz3kWwvkZaWX58nSm8WHGGx+c9rXE5jH3FEmiVLTZt
dXN+uP27RPBo/kSvS2p9CaoWah81WJLjbEjoZ6+hz2ZDKPmM5bwBq3RZ1Z3UJfhk
dWtnQtSItjoH9rTZkQx1fYRlXOxOtvGXCJbrhHk8VpPq8Bl5kkm24SM/uPqTTiao
niysV3/ToInpxYipD2LhFkovhvcrIfv7T/ETptfXS35ymgkRwVQo
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:12:42 2025 by rpki-client