Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/KXfP7XKNaMn2JhuLJT9dpckmiyA.roa
File: KXfP7XKNaMn2JhuLJT9dpckmiyA.roa (raw, json)
Hash identifier: GS9b0UNjXL4SmRFzEHGDNFVlOx4BK3qOMQxT+UosqWQ=
Subject key identifier: 29:77:CF:ED:72:8D:68:C9:F6:26:1B:8B:25:3F:5D:A5:C9:26:8B:20
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 0198AD22F03E44E8371E0CA5476246AC3163
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/KXfP7XKNaMn2JhuLJT9dpckmiyA.roa
Signing time: Fri 15 Aug 2025 09:50:04 +0000
ROA not before: Fri 15 Aug 2025 09:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216138
IP address blocks: 45.136.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:22:f0:3e:44:e8:37:1e:0c:a5:47:62:46:ac:31:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Aug 15 09:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2977cfed728d68c9f6261b8b253f5da5c9268b20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b6:b9:04:76:ad:7d:b4:12:7c:cb:6c:56:19:
d5:e0:3f:bf:6f:92:56:e6:10:1f:d6:b4:f4:3e:17:
cd:17:d1:38:0f:f8:30:93:f3:3b:c5:0a:5c:0a:41:
9e:cf:2a:38:2c:c2:e4:ab:e2:e0:a3:21:05:c9:f9:
0d:a2:64:2f:02:23:58:04:e8:ed:6d:16:9b:9e:32:
9d:a8:34:eb:b9:ba:9d:21:ce:00:71:d2:7a:db:80:
4b:9e:6f:a6:c9:4d:70:04:22:b4:bb:a3:69:2b:ab:
36:77:b1:0c:da:af:ac:7e:f6:69:1a:5a:df:b8:6f:
b4:5e:bb:fd:e9:1c:a9:1d:5b:55:fa:0d:17:a0:66:
17:a4:65:7c:1d:ac:8c:cd:72:e2:94:79:b3:9e:21:
14:07:19:ce:41:c1:64:22:01:f0:10:5e:48:3d:b9:
27:55:52:f3:8f:75:92:06:ad:0b:bc:c2:52:7b:2d:
34:d1:6e:f9:cf:ae:1b:0b:a8:9b:06:25:73:70:9f:
e7:4f:f9:ab:58:9d:13:48:b0:5c:3f:43:5e:16:a4:
00:76:cf:24:27:9e:eb:1e:8b:4d:ef:6f:9b:2b:37:
4c:57:0d:9a:7b:e6:d2:04:5f:2b:ea:31:b8:5e:cf:
4d:50:83:dc:64:d8:ce:9c:c3:7c:a4:9c:19:d7:7b:
86:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:77:CF:ED:72:8D:68:C9:F6:26:1B:8B:25:3F:5D:A5:C9:26:8B:20
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/KXfP7XKNaMn2JhuLJT9dpckmiyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.37.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:67:02:b4:1d:d7:68:86:67:c6:7c:6e:4f:4e:9c:44:c0:89:
ac:ca:a8:6a:71:cc:b0:1d:35:c7:e5:07:d2:d8:11:2d:99:8e:
15:e8:50:3d:e5:06:2d:81:90:93:f7:26:90:54:29:b9:b2:28:
7c:99:0d:72:0c:5a:46:6d:fc:60:01:5a:ce:ee:23:a4:30:40:
75:a1:a2:f0:f9:f6:53:08:6c:a3:6b:9b:5b:aa:a0:74:bd:be:
9a:5f:0d:4b:69:a2:c3:6e:bb:af:12:aa:10:5f:34:e1:c9:86:
1c:22:b7:c0:c6:e5:f2:10:6c:53:92:0e:fa:f0:0a:8c:b5:67:
52:2b:10:1b:08:e3:92:43:e8:07:07:d8:13:af:84:98:c3:98:
53:43:2e:c9:e5:e1:2a:47:1c:a3:06:07:59:cf:b2:91:49:2b:
ba:4d:6f:aa:71:ce:99:fe:39:2c:24:c6:4d:cf:4e:ea:c6:49:
04:18:90:27:32:6d:a1:44:b4:00:d0:26:43:65:08:72:ad:67:
96:c7:1d:23:d2:3e:bd:04:ee:52:d8:5c:ba:e5:9f:0c:fb:cd:
52:8d:34:94:af:c2:ae:32:c5:7d:f7:80:a9:7f:80:0e:17:fe:
1e:78:61:a7:82:0f:f8:da:6c:e8:5b:93:8f:00:df:90:c5:44:
f3:87:45:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZitIvA+ROg3HgylR2JGrDFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwODE1MDk1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTc3Y2ZlZDcyOGQ2OGM5ZjYyNjFiOGIyNTNmNWRhNWM5MjY4YjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7a5BHatfbQSfMtsVhnV4D+/b5JW
5hAf1rT0PhfNF9E4D/gwk/M7xQpcCkGezyo4LMLkq+LgoyEFyfkNomQvAiNYBOjt
bRabnjKdqDTrubqdIc4AcdJ624BLnm+myU1wBCK0u6NpK6s2d7EM2q+sfvZpGlrf
uG+0Xrv96RypHVtV+g0XoGYXpGV8HayMzXLilHmzniEUBxnOQcFkIgHwEF5IPbkn
VVLzj3WSBq0LvMJSey000W75z64bC6ibBiVzcJ/nT/mrWJ0TSLBcP0NeFqQAds8k
J57rHotN72+bKzdMVw2ae+bSBF8r6jG4Xs9NUIPcZNjOnMN8pJwZ13uG3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCl3z+1yjWjJ9iYbiyU/XaXJJosgMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvS1hmUDdYS05hTW4ySmh1TEpUOWRwY2ttaXlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYglMA0G
CSqGSIb3DQEBCwUAA4IBAQBLZwK0HddohmfGfG5PTpxEwImsyqhqccywHTXH5QfS
2BEtmY4V6FA95QYtgZCT9yaQVCm5sih8mQ1yDFpGbfxgAVrO7iOkMEB1oaLw+fZT
CGyja5tbqqB0vb6aXw1LaaLDbruvEqoQXzThyYYcIrfAxuXyEGxTkg768AqMtWdS
KxAbCOOSQ+gHB9gTr4SYw5hTQy7J5eEqRxyjBgdZz7KRSSu6TW+qcc6Z/jksJMZN
z07qxkkEGJAnMm2hRLQA0CZDZQhyrWeWxx0j0j69BO5S2Fy65Z8M+81SjTSUr8Ku
MsV994Cpf4AOF/4eeGGngg/42mzoW5OPAN+QxUTzh0U7
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:17:30 2025 by rpki-client