Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2P2uTpkvl3VGGSukB7xZDZ4FgNY.roa
File: 2P2uTpkvl3VGGSukB7xZDZ4FgNY.roa (raw, json)
Hash identifier: VRAizC+jBHA5Hu6QFIKf2a26vU2bi91/F8nkNo6HyF4=
Subject key identifier: D8:FD:AE:4E:99:2F:97:75:46:19:2B:A4:07:BC:59:0D:9E:05:80:D6
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0197A085D5BFCDB04419E17E5E4E4D9FB435
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2P2uTpkvl3VGGSukB7xZDZ4FgNY.roa
Signing time: Tue 24 Jun 2025 06:00:14 +0000
ROA not before: Tue 24 Jun 2025 06:00:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.136.37.0/24 maxlen: 24
194.31.165.0/24 maxlen: 24
194.31.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:85:d5:bf:cd:b0:44:19:e1:7e:5e:4e:4d:9f:b4:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Jun 24 06:00:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8fdae4e992f977546192ba407bc590d9e0580d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:54:7a:e2:ca:11:a3:eb:70:9d:86:9b:b4:ff:
20:ee:e6:f8:f2:04:94:b2:05:21:02:f2:e3:24:34:
05:bc:3a:5d:98:aa:c0:fc:e6:c7:ae:ff:16:7d:04:
ce:22:3f:bc:de:dd:b6:6d:ea:af:ad:ed:f0:1f:59:
6f:db:fc:62:e3:78:ab:33:72:2a:81:22:a0:5f:95:
b9:67:ac:f2:f7:12:90:d0:7e:64:04:bf:a1:1f:9f:
a6:ea:e1:c5:05:82:d5:17:86:a9:86:d7:7a:70:d1:
c3:92:89:d5:9f:ab:71:b4:52:72:d3:12:dd:b4:38:
0e:5c:6d:9f:61:25:b5:2f:1d:2e:ad:2d:ee:ee:0b:
c4:46:dc:8b:43:49:10:9b:4d:5f:38:c5:ab:72:cb:
a9:f6:68:90:1a:0d:16:03:10:23:10:0b:22:a6:ae:
9e:99:0e:60:90:df:df:3d:72:24:f3:24:d4:b4:89:
0e:c0:2a:54:26:de:93:5b:36:f3:ff:d8:ad:79:4e:
6f:bc:11:47:53:ac:ff:2a:1c:70:cc:b4:2d:2c:6f:
65:5c:94:95:5f:ef:9c:bd:3b:f2:07:0b:82:90:d8:
fd:bb:77:fb:f7:1c:41:b6:02:5b:77:f7:84:f6:8a:
65:4b:cb:80:cb:ab:43:70:13:6b:0e:93:56:11:50:
88:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FD:AE:4E:99:2F:97:75:46:19:2B:A4:07:BC:59:0D:9E:05:80:D6
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/2P2uTpkvl3VGGSukB7xZDZ4FgNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0/24
194.31.165.0/24
194.31.167.0/24
Signature Algorithm: sha256WithRSAEncryption
71:69:23:e7:1d:26:3e:be:8c:58:aa:76:c1:3c:d8:a6:fd:73:
85:74:a3:b0:69:a8:c2:4e:21:55:1b:00:5a:f0:cc:3d:44:96:
3d:c0:ed:41:68:bc:2f:aa:c4:68:a0:03:0d:5c:91:a7:b6:22:
fb:61:a6:02:43:78:98:fc:82:d3:11:f8:64:11:d2:3c:1c:58:
44:1d:14:f3:88:70:22:90:bc:25:b8:b9:c1:55:10:03:32:98:
86:a8:0d:75:ac:9b:10:fb:d0:a4:d4:94:4a:bd:4b:a1:ce:3b:
a1:e4:0c:f6:8d:49:93:cc:e5:e8:4c:40:7c:7c:0d:f9:23:e4:
9e:2e:2d:bc:43:43:45:9b:ab:c8:86:7d:d1:74:97:f4:e9:ea:
3e:81:9f:a5:d7:8a:bb:07:d8:be:e8:2d:34:fb:02:be:2a:6d:
20:42:0c:e6:6e:3b:ed:58:4c:32:32:64:84:aa:03:ee:ac:b1:
cf:f1:92:0c:aa:2e:5e:93:d0:c0:2b:42:f4:3e:a9:e9:de:ae:
74:3d:00:af:f1:11:6f:82:89:a9:cd:50:d6:ae:4e:a7:8f:45:
b0:5e:bc:55:81:a3:60:ef:a1:b6:0c:b9:58:06:75:51:66:17:
d8:a2:42:24:af:56:87:73:02:b9:16:43:4f:b7:61:c4:5c:63:
54:a9:ea:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeghdW/zbBEGeF+Xk5Nn7Q1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNjI0MDYwMDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGZkYWU0ZTk5MmY5Nzc1NDYxOTJiYTQwN2JjNTkwZDllMDU4MGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlR64soRo+twnYabtP8g7ub48gSU
sgUhAvLjJDQFvDpdmKrA/ObHrv8WfQTOIj+83t22beqvre3wH1lv2/xi43irM3Iq
gSKgX5W5Z6zy9xKQ0H5kBL+hH5+m6uHFBYLVF4aphtd6cNHDkonVn6txtFJy0xLd
tDgOXG2fYSW1Lx0urS3u7gvERtyLQ0kQm01fOMWrcsup9miQGg0WAxAjEAsipq6e
mQ5gkN/fPXIk8yTUtIkOwCpUJt6TWzbz/9iteU5vvBFHU6z/KhxwzLQtLG9lXJSV
X++cvTvyBwuCkNj9u3f79xxBtgJbd/eE9oplS8uAy6tDcBNrDpNWEVCI8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNj9rk6ZL5d1RhkrpAe8WQ2eBYDWMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvMlAydVRwa3ZsM1ZHR1N1a0I3eFpEWjRGZ05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYglAwQA
wh+lAwQAwh+nMA0GCSqGSIb3DQEBCwUAA4IBAQBxaSPnHSY+voxYqnbBPNim/XOF
dKOwaajCTiFVGwBa8Mw9RJY9wO1BaLwvqsRooAMNXJGntiL7YaYCQ3iY/ILTEfhk
EdI8HFhEHRTziHAikLwluLnBVRADMpiGqA11rJsQ+9Ck1JRKvUuhzjuh5Az2jUmT
zOXoTEB8fA35I+SeLi28Q0NFm6vIhn3RdJf06eo+gZ+l14q7B9i+6C00+wK+Km0g
QgzmbjvtWEwyMmSEqgPurLHP8ZIMqi5ek9DAK0L0Pqnp3q50PQCv8RFvgompzVDW
rk6nj0WwXrxVgaNg76G2DLlYBnVRZhfYokIkr1aHcwK5FkNPt2HEXGNUqep1
-----END CERTIFICATE-----
Generated at Wed Jul 2 20:19:14 2025 by rpki-client