Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/fFxd6IjDHrKSpZrz2bhYu6DxRZM.roa
File: fFxd6IjDHrKSpZrz2bhYu6DxRZM.roa (raw, json)
Hash identifier: RE/gCi0xRSTT+cmlqllde9+LarwQAFnH3GWtWOYEpmY=
Subject key identifier: 7C:5C:5D:E8:88:C3:1E:B2:92:A5:9A:F3:D9:B8:58:BB:A0:F1:45:93
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 01969179F2C924EA269C1CAB6836BBA361D2
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/fFxd6IjDHrKSpZrz2bhYu6DxRZM.roa
Signing time: Fri 02 May 2025 14:50:10 +0000
ROA not before: Fri 02 May 2025 14:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:79:f2:c9:24:ea:26:9c:1c:ab:68:36:bb:a3:61:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: May 2 14:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c5c5de888c31eb292a59af3d9b858bba0f14593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:15:d8:2d:e6:e9:0e:af:7d:77:e8:be:a0:ae:
68:4a:7f:9b:22:fd:b1:09:b6:f2:9c:fd:f7:96:94:
c2:c3:d7:dc:20:e8:37:f9:e5:a7:45:d6:62:5b:85:
98:a0:dd:4b:39:47:24:fc:3c:37:33:56:09:e0:7b:
c7:bc:e7:9a:6f:f6:0e:cd:9c:c7:a1:96:3d:85:39:
77:30:2b:a5:1d:55:e0:1c:fa:fc:25:be:a2:87:1c:
71:83:da:67:f6:b3:2f:91:95:3b:4f:14:75:98:5b:
03:43:80:71:7e:c7:ca:c6:22:18:52:05:24:94:de:
8f:ac:32:42:93:26:01:65:ba:78:c2:e0:88:3e:e0:
2a:a3:89:14:9b:3a:1b:11:2f:84:c5:08:57:cc:5b:
d9:ee:72:75:59:cf:76:1b:51:12:70:21:94:ea:57:
d4:9e:bd:60:8c:52:15:80:57:f0:fc:1d:a9:7b:0e:
af:77:ad:9b:2d:07:dc:7d:55:c8:49:26:7f:b7:ce:
dc:fe:4e:38:44:99:05:53:87:84:16:8c:f8:7e:69:
23:24:06:aa:0a:87:67:6d:0b:0b:05:e5:29:57:97:
ec:3a:1a:d8:27:70:df:58:06:54:ab:22:89:4f:f7:
d6:ae:76:7b:3c:cc:9d:7d:e2:78:d8:e8:4f:25:92:
8d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5C:5D:E8:88:C3:1E:B2:92:A5:9A:F3:D9:B8:58:BB:A0:F1:45:93
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/fFxd6IjDHrKSpZrz2bhYu6DxRZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.17.0/24
144.56.24.0/24
144.56.31.0/24
144.56.33.0-144.56.34.255
Signature Algorithm: sha256WithRSAEncryption
c3:b9:65:f8:02:a3:20:50:66:2c:5f:0b:b6:09:df:8f:9e:c4:
52:05:f8:84:84:99:7d:46:36:ce:ba:4e:d5:ff:7f:72:4f:6c:
aa:36:77:3a:a4:b2:2c:67:33:6d:83:7e:d8:04:b2:c1:2c:12:
8a:c1:f0:0d:03:49:90:f6:2b:e7:62:9a:9a:cf:96:59:cb:d2:
76:00:04:d6:11:6f:0d:83:5e:c0:b4:39:c9:92:e2:bd:e2:7c:
32:ed:9d:13:e7:30:a5:fa:df:c6:d6:63:70:1f:36:7a:a3:03:
6f:a4:4b:87:95:cd:95:32:fd:7f:91:2c:32:29:75:ee:78:b1:
0d:dd:83:0e:5d:92:0c:94:01:01:1b:61:54:32:29:33:66:b6:
29:ce:8f:c5:8e:1b:f7:20:dd:2b:a1:1f:13:e8:2a:e3:79:42:
04:d9:bb:d7:a0:7b:d8:e0:d7:02:62:20:4b:67:1b:2e:b0:bd:
a0:7f:5f:24:66:c1:1b:8c:e3:f0:5b:43:6a:47:53:7e:c7:f3:
9f:b9:a6:af:75:5d:4c:0d:d9:30:b3:f3:75:31:0d:1c:43:65:
66:6c:c6:f4:80:1f:e7:d1:dc:97:5f:9a:d0:a9:7b:9b:c0:f7:
1e:89:04:4b:83:1b:c0:2f:96:6f:5f:ed:03:aa:42:08:00:40:
cd:b7:bc:a7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZaRefLJJOomnByraDa7o2HSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNTAyMTQ1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVjNWRlODg4YzMxZWIyOTJhNTlhZjNkOWI4NThiYmEwZjE0NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RXYLebpDq99d+i+oK5oSn+bIv2x
CbbynP33lpTCw9fcIOg3+eWnRdZiW4WYoN1LOUck/Dw3M1YJ4HvHvOeab/YOzZzH
oZY9hTl3MCulHVXgHPr8Jb6ihxxxg9pn9rMvkZU7TxR1mFsDQ4BxfsfKxiIYUgUk
lN6PrDJCkyYBZbp4wuCIPuAqo4kUmzobES+ExQhXzFvZ7nJ1Wc92G1EScCGU6lfU
nr1gjFIVgFfw/B2pew6vd62bLQfcfVXISSZ/t87c/k44RJkFU4eEFoz4fmkjJAaq
CodnbQsLBeUpV5fsOhrYJ3DfWAZUqyKJT/fWrnZ7PMydfeJ42OhPJZKNjQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHxcXeiIwx6ykqWa89m4WLug8UWTMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvZkZ4ZDZJakRIcktTcFpyejJiaFl1NkR4UlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAkDgNAwQA
kDgRAwQAkDgYAwQAkDgfMAwDBACQOCEDBACQOCIwDQYJKoZIhvcNAQELBQADggEB
AMO5ZfgCoyBQZixfC7YJ34+exFIF+ISEmX1GNs66TtX/f3JPbKo2dzqksixnM22D
ftgEssEsEorB8A0DSZD2K+dimprPllnL0nYABNYRbw2DXsC0OcmS4r3ifDLtnRPn
MKX638bWY3AfNnqjA2+kS4eVzZUy/X+RLDIpde54sQ3dgw5dkgyUAQEbYVQyKTNm
tinOj8WOG/cg3SuhHxPoKuN5QgTZu9ege9jg1wJiIEtnGy6wvaB/XyRmwRuM4/Bb
Q2pHU37H85+5pq91XUwN2TCz83UxDRxDZWZsxvSAH+fR3JdfmtCpe5vA9x6JBEuD
G8Avlm9f7QOqQggAQM23vKc=
-----END CERTIFICATE-----
Generated at Wed May 14 08:37:43 2025 by rpki-client