
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/HZzrBLqLniSsznGdguAgPtgtGbM.roa
File: HZzrBLqLniSsznGdguAgPtgtGbM.roa (raw, json)
Hash identifier: xGzu0AMRP3+zdSrMRPZ1toX3l/+Zg2MbklKfsZKKMdM=
Subject key identifier: 1D:9C:EB:04:BA:8B:9E:24:AC:CE:71:9D:82:E0:20:3E:D8:2D:19:B3
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 0199EC153D5FFDC0C8AB467A4398DA7E4B30
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/HZzrBLqLniSsznGdguAgPtgtGbM.roa
Signing time: Thu 16 Oct 2025 08:13:58 +0000
ROA not before: Thu 16 Oct 2025 08:13:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 153.98.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:15:3d:5f:fd:c0:c8:ab:46:7a:43:98:da:7e:4b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: Oct 16 08:13:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d9ceb04ba8b9e24acce719d82e0203ed82d19b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b2:1a:dc:7e:5f:48:2a:66:48:75:61:d2:0b:
19:24:a9:8c:70:96:ce:88:90:73:87:59:a9:9d:3f:
b6:b4:09:54:51:29:8d:ce:61:56:8f:aa:85:fe:6c:
b6:19:e0:c4:76:60:13:fa:b4:91:01:63:88:2f:dd:
0c:46:83:2f:4f:fe:a4:c4:c6:79:ee:81:e2:fc:ad:
fd:d2:4c:07:8d:4b:6f:97:f5:98:37:8d:ad:c8:e2:
70:b0:32:50:13:77:2a:9b:88:7a:c5:0d:76:2e:aa:
b1:5f:46:f3:80:eb:74:9b:97:4f:fe:fc:cf:67:e2:
0f:d0:ce:76:45:0c:c8:44:0e:2d:53:9c:e4:74:79:
75:af:d7:36:b2:9b:c5:8e:dd:a9:81:ad:34:1f:9d:
87:81:ca:3b:57:9d:fc:0d:84:d8:53:c8:90:07:8e:
a9:9c:da:46:1e:fd:4a:ce:eb:eb:b6:12:f2:98:13:
e2:70:23:04:cb:73:b6:da:6f:a6:0c:29:2e:02:56:
54:a3:b5:ec:14:44:b3:ce:04:13:ec:fb:0b:f8:fa:
37:ab:8d:0f:ac:71:75:8a:b3:c0:56:fd:4e:29:63:
46:19:11:f1:8d:3a:74:51:3c:a5:4a:dd:ce:09:02:
54:63:fc:88:46:ac:fa:93:19:64:cb:93:21:b1:c0:
be:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9C:EB:04:BA:8B:9E:24:AC:CE:71:9D:82:E0:20:3E:D8:2D:19:B3
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/HZzrBLqLniSsznGdguAgPtgtGbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.98.30.0/24
Signature Algorithm: sha256WithRSAEncryption
72:39:db:7a:23:98:16:41:50:03:09:91:f9:36:db:7d:cc:46:
61:2c:16:c3:44:be:cb:73:5f:93:32:96:f6:34:f3:47:06:a3:
04:5f:9f:57:1a:72:b7:7f:37:32:42:da:1d:49:ea:80:b7:32:
bf:fb:25:31:92:3d:26:42:4e:34:ec:69:02:d5:6c:9a:8b:65:
6e:af:d4:4d:37:62:24:fd:bd:80:c1:0c:a4:48:84:53:6a:a6:
a7:c5:6f:dd:62:af:dd:e9:09:1e:9f:bc:30:a4:12:a9:e1:7c:
1b:8d:07:eb:84:b6:49:dd:67:1e:21:01:8a:3c:b5:c5:58:ea:
17:88:5b:e1:4b:b3:f8:8f:7f:bf:3f:cb:7b:c3:db:61:f1:24:
99:33:f5:05:00:8f:d8:b5:a0:bf:65:fa:b7:fb:42:1a:da:a7:
97:7e:0a:58:d3:38:88:62:0b:cd:ab:5a:e2:ca:2a:dd:4c:79:
97:ea:ea:31:ec:71:40:a6:3a:05:ab:06:9e:90:4d:44:7b:81:
cc:c6:59:fe:74:cc:98:97:e6:f0:c4:9b:d9:ef:e8:87:a7:a0:
a5:c2:9c:50:97:cf:97:1e:29:b8:45:d3:dd:e1:e5:c3:ac:82:
32:7c:5b:7b:dd:52:b2:57:47:d1:45:d8:10:1d:55:7e:c4:21:
6d:f9:aa:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnsFT1f/cDIq0Z6Q5jafkswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjUxMDE2MDgxMzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDljZWIwNGJhOGI5ZTI0YWNjZTcxOWQ4MmUwMjAzZWQ4MmQxOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbIa3H5fSCpmSHVh0gsZJKmMcJbO
iJBzh1mpnT+2tAlUUSmNzmFWj6qF/my2GeDEdmAT+rSRAWOIL90MRoMvT/6kxMZ5
7oHi/K390kwHjUtvl/WYN42tyOJwsDJQE3cqm4h6xQ12LqqxX0bzgOt0m5dP/vzP
Z+IP0M52RQzIRA4tU5zkdHl1r9c2spvFjt2pga00H52Hgco7V538DYTYU8iQB46p
nNpGHv1KzuvrthLymBPicCMEy3O22m+mDCkuAlZUo7XsFESzzgQT7PsL+Po3q40P
rHF1irPAVv1OKWNGGRHxjTp0UTylSt3OCQJUY/yIRqz6kxlky5MhscC+jwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2c6wS6i54krM5xnYLgID7YLRmzMB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvSFp6ckJMcUxuaVNzem5HZGd1QWdQdGd0R2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmWIeMA0G
CSqGSIb3DQEBCwUAA4IBAQByOdt6I5gWQVADCZH5Ntt9zEZhLBbDRL7Lc1+TMpb2
NPNHBqMEX59XGnK3fzcyQtodSeqAtzK/+yUxkj0mQk407GkC1Wyai2Vur9RNN2Ik
/b2AwQykSIRTaqanxW/dYq/d6Qken7wwpBKp4XwbjQfrhLZJ3WceIQGKPLXFWOoX
iFvhS7P4j3+/P8t7w9th8SSZM/UFAI/YtaC/Zfq3+0Ia2qeXfgpY0ziIYgvNq1ri
yirdTHmX6uox7HFApjoFqwaekE1Ee4HMxln+dMyYl+bwxJvZ7+iHp6ClwpxQl8+X
Him4RdPd4eXDrIIyfFt73VKyV0fRRdgQHVV+xCFt+apS
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:10:14 2025 by rpki-client