Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/X2zPXDZDw062_b_HvXSPFiahZHE.roa
File: X2zPXDZDw062_b_HvXSPFiahZHE.roa (raw, json)
Hash identifier: HHiPpVTX6x6BIWaFkT1eYQ6ttHeAln3bmKcpARZzNPU=
Subject key identifier: 5F:6C:CF:5C:36:43:C3:4E:B6:FD:BF:C7:BD:74:8F:16:26:A1:64:71
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0198B760161AA48F41C3046C1A4D8EFBE966
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/X2zPXDZDw062_b_HvXSPFiahZHE.roa
Signing time: Sun 17 Aug 2025 09:33:04 +0000
ROA not before: Sun 17 Aug 2025 09:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 23532
IP address blocks: 45.136.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:60:16:1a:a4:8f:41:c3:04:6c:1a:4d:8e:fb:e9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Aug 17 09:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f6ccf5c3643c34eb6fdbfc7bd748f1626a16471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:d2:07:bf:16:ef:25:e3:5d:4d:0d:4a:b8:b4:
d5:7a:50:39:cd:c6:3d:d4:a2:32:b8:9b:bb:9c:61:
cb:bb:45:87:0a:0d:a3:7e:ac:81:a5:8e:21:db:e3:
18:ba:08:8c:80:72:04:e5:98:7d:5a:3e:2e:40:81:
2e:a6:21:48:5d:88:e0:4f:52:b0:21:66:05:74:04:
a4:10:22:f7:1b:35:7b:d5:ff:7d:88:d3:89:93:1e:
32:fd:27:e3:d7:38:40:58:5d:47:ca:2a:12:41:00:
6c:24:47:33:47:7e:d9:67:22:cb:73:2a:2f:50:6e:
f5:76:dc:f2:d6:f7:ad:4d:05:66:a1:3f:3b:22:4f:
17:10:7a:e8:31:9b:f4:f0:13:8b:3b:86:02:51:a6:
af:9f:fc:94:aa:0c:4a:0a:c2:c0:33:29:66:4f:d9:
54:e1:40:a1:db:fc:bf:13:b8:0f:85:bb:de:cc:9d:
2f:d7:66:72:6a:6c:2f:f9:bb:88:10:96:ac:ae:b8:
66:43:9f:2e:5c:b9:19:25:3b:4a:49:2b:ea:ad:34:
19:0b:7c:66:0a:7e:ac:77:bf:6e:79:48:50:3e:c1:
c3:7b:9b:7b:8d:32:e5:0c:30:38:5a:f5:ac:8b:12:
94:e0:33:86:da:db:ef:3a:90:69:ee:15:2b:01:97:
73:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:6C:CF:5C:36:43:C3:4E:B6:FD:BF:C7:BD:74:8F:16:26:A1:64:71
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/X2zPXDZDw062_b_HvXSPFiahZHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:eb:83:d7:cd:2d:10:e1:72:ae:28:0d:24:82:2c:ad:a6:d1:
c4:e9:12:8e:24:df:7e:df:10:38:1a:4b:eb:d3:5e:bb:24:f5:
27:72:77:25:f2:65:17:39:2a:39:58:b5:b5:9f:6a:d4:17:3a:
4f:b9:06:84:83:ef:47:c6:48:83:f4:0b:c2:04:1c:da:f9:6a:
25:83:55:bd:51:16:cd:c6:3c:1f:f9:7a:dc:9a:c3:27:e4:e1:
f3:be:db:f2:80:fd:87:a6:62:1d:db:41:3e:10:44:2a:d7:67:
d1:35:2c:74:93:47:28:4c:b2:2b:56:a7:ce:9f:cc:0e:d8:62:
6e:ba:5a:27:f2:29:ca:4f:52:fc:24:3f:93:b8:ef:6a:f8:fa:
73:18:d4:83:a1:41:07:c7:6e:27:17:17:5b:59:79:46:30:1c:
fe:8d:48:e4:f2:db:28:bb:8b:c0:64:41:ef:b0:77:0e:6c:ca:
6f:97:4c:b2:b1:1e:e9:37:5d:8f:33:95:3b:59:71:60:64:0c:
ca:ad:04:70:71:2c:d4:ff:4c:b5:33:4f:69:9e:01:35:06:7e:
ee:51:a5:2f:f1:e4:2b:cc:8f:07:43:4f:95:83:f7:1e:8d:28:
f1:31:fb:1f:b0:60:34:77:62:d4:9e:41:74:c9:79:1a:3f:a4:
69:30:8f:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZi3YBYapI9BwwRsGk2O++lmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwODE3MDkzMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjZjY2Y1YzM2NDNjMzRlYjZmZGJmYzdiZDc0OGYxNjI2YTE2NDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9IHvxbvJeNdTQ1KuLTVelA5zcY9
1KIyuJu7nGHLu0WHCg2jfqyBpY4h2+MYugiMgHIE5Zh9Wj4uQIEupiFIXYjgT1Kw
IWYFdASkECL3GzV71f99iNOJkx4y/Sfj1zhAWF1HyioSQQBsJEczR37ZZyLLcyov
UG71dtzy1vetTQVmoT87Ik8XEHroMZv08BOLO4YCUaavn/yUqgxKCsLAMylmT9lU
4UCh2/y/E7gPhbvezJ0v12Zyamwv+buIEJasrrhmQ58uXLkZJTtKSSvqrTQZC3xm
Cn6sd79ueUhQPsHDe5t7jTLlDDA4WvWsixKU4DOG2tvvOpBp7hUrAZdzgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF9sz1w2Q8NOtv2/x710jxYmoWRxMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvWDJ6UFhEWkR3MDYyX2JfSHZYU1BGaWFoWkhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYglMA0G
CSqGSIb3DQEBCwUAA4IBAQC364PXzS0Q4XKuKA0kgiytptHE6RKOJN9+3xA4Gkvr
0167JPUncncl8mUXOSo5WLW1n2rUFzpPuQaEg+9HxkiD9AvCBBza+Wolg1W9URbN
xjwf+XrcmsMn5OHzvtvygP2HpmId20E+EEQq12fRNSx0k0coTLIrVqfOn8wO2GJu
ulon8inKT1L8JD+TuO9q+PpzGNSDoUEHx24nFxdbWXlGMBz+jUjk8tsou4vAZEHv
sHcObMpvl0yysR7pN12PM5U7WXFgZAzKrQRwcSzU/0y1M09pngE1Bn7uUaUv8eQr
zI8HQ0+Vg/cejSjxMfsfsGA0d2LUnkF0yXkaP6RpMI+m
-----END CERTIFICATE-----
Generated at Thu Aug 21 05:44:22 2025 by rpki-client