Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cYE1v-xQBG1FEu-HVJAwt6LuZvw.roa
File: cYE1v-xQBG1FEu-HVJAwt6LuZvw.roa (raw, json)
Hash identifier: ++DJMB3dVyeXV7GbT4TawNPLC7+cgzNLx9nq2fJcerU=
Subject key identifier: 71:81:35:BF:EC:50:04:6D:45:12:EF:87:54:90:30:B7:A2:EE:66:FC
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019A56016580D13E7DEAB169AB0B17CF681B
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cYE1v-xQBG1FEu-HVJAwt6LuZvw.roa
Signing time: Wed 05 Nov 2025 21:52:03 +0000
ROA not before: Wed 05 Nov 2025 21:52:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.116.228.0/22 maxlen: 24
212.116.229.0/24 maxlen: 24
212.116.238.0/23 maxlen: 24
212.116.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:56:01:65:80:d1:3e:7d:ea:b1:69:ab:0b:17:cf:68:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Nov 5 21:52:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=718135bfec50046d4512ef87549030b7a2ee66fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:32:b7:c2:82:51:c4:92:0d:83:64:ad:a1:bd:
97:5f:7f:58:6c:fe:8c:f0:1e:9b:94:04:b0:7c:21:
41:13:06:67:e8:59:16:15:e3:99:77:6e:dd:fc:4a:
69:e1:be:d5:e6:d0:36:ac:0f:5e:80:c0:8b:6c:3d:
8f:db:42:47:47:e9:26:e4:5b:7b:fe:8e:08:c3:9b:
50:3a:84:34:f8:08:e8:e5:49:d3:cf:81:80:e2:d8:
6b:ae:d1:ce:e0:08:43:0e:2e:b0:6d:d7:0d:32:cc:
3d:75:1a:30:56:fc:17:59:a4:8a:6d:4e:b6:46:9f:
5e:a2:28:74:56:3d:c1:99:e7:c9:89:cd:2c:ee:b2:
f1:73:63:7f:7f:6f:65:b2:7e:94:f8:6a:b3:08:11:
6e:1d:fa:ce:9d:67:f2:91:99:5a:28:98:65:1a:32:
28:e1:91:69:69:6f:13:55:d6:9c:56:e8:2a:b8:64:
5f:21:b0:be:2f:08:ab:6e:38:c4:a5:be:c0:3d:7f:
ea:4c:70:c3:e0:85:03:42:f3:5e:34:04:e8:ea:26:
d5:b6:f3:75:fe:d8:8c:ac:4a:c6:b0:b4:d3:58:37:
74:bc:b9:c4:26:2b:96:cb:6f:6c:64:da:59:a5:1b:
a3:e7:4f:5f:eb:85:09:5e:84:5a:d7:d8:07:83:5c:
d2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:81:35:BF:EC:50:04:6D:45:12:EF:87:54:90:30:B7:A2:EE:66:FC
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/cYE1v-xQBG1FEu-HVJAwt6LuZvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/22
212.116.238.0/23
212.116.243.0/24
Signature Algorithm: sha256WithRSAEncryption
32:06:8f:c7:8f:bf:74:5a:52:19:4e:fe:b3:17:63:1b:14:5a:
59:74:f7:95:14:ba:4a:80:1a:b5:f6:d5:65:a6:48:88:ac:0d:
62:74:f6:a6:83:05:ef:f5:7c:f3:d4:53:19:97:22:27:19:8c:
22:c9:ff:63:59:00:c3:d5:df:1d:8f:96:d4:73:ba:c2:40:c6:
54:30:0e:93:80:df:cc:05:50:38:d0:fb:08:cd:70:f7:a9:eb:
e6:9c:aa:56:a5:59:b7:7d:43:dc:af:d5:f6:32:78:75:a8:07:
b6:b6:42:60:f6:4b:99:93:b5:b2:da:dd:2a:ef:50:18:cc:ef:
98:66:92:02:9f:a1:89:67:d8:92:d4:8e:75:93:03:6a:cb:9a:
c2:a5:ba:c2:69:95:98:05:fd:dd:ce:eb:eb:c3:c7:2d:91:2b:
c5:3e:98:e5:ce:7d:44:bc:a6:2a:fb:bd:01:4e:bf:c1:6e:d6:
ea:7f:69:a7:d6:4b:15:db:ce:b1:a9:5e:af:e0:bc:13:23:d8:
86:01:90:82:de:e0:d6:a7:5a:0b:58:91:38:dd:3d:8c:b5:e8:
21:1e:54:6e:1c:3f:8e:fe:87:2a:d8:c6:1e:ac:df:31:3b:89:
c8:01:7c:98:65:f1:79:64:7f:cc:d3:99:6c:ec:e2:db:6e:2d:
c1:38:a5:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZpWAWWA0T596rFpqwsXz2gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUxMTA1MjE1MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTgxMzViZmVjNTAwNDZkNDUxMmVmODc1NDkwMzBiN2EyZWU2NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTK3woJRxJINg2Stob2XX39YbP6M
8B6blASwfCFBEwZn6FkWFeOZd27d/Epp4b7V5tA2rA9egMCLbD2P20JHR+km5Ft7
/o4Iw5tQOoQ0+Ajo5UnTz4GA4thrrtHO4AhDDi6wbdcNMsw9dRowVvwXWaSKbU62
Rp9eoih0Vj3BmefJic0s7rLxc2N/f29lsn6U+GqzCBFuHfrOnWfykZlaKJhlGjIo
4ZFpaW8TVdacVugquGRfIbC+LwirbjjEpb7APX/qTHDD4IUDQvNeNATo6ibVtvN1
/tiMrErGsLTTWDd0vLnEJiuWy29sZNpZpRuj509f64UJXoRa19gHg1zSUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHGBNb/sUARtRRLvh1SQMLei7mb8MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvY1lFMXYteFFCRzFGRXUtSFZKQXd0Nkx1WnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQC1HTkAwQB
1HTuAwQA1HTzMA0GCSqGSIb3DQEBCwUAA4IBAQAyBo/Hj790WlIZTv6zF2MbFFpZ
dPeVFLpKgBq19tVlpkiIrA1idPamgwXv9Xzz1FMZlyInGYwiyf9jWQDD1d8dj5bU
c7rCQMZUMA6TgN/MBVA40PsIzXD3qevmnKpWpVm3fUPcr9X2Mnh1qAe2tkJg9kuZ
k7Wy2t0q71AYzO+YZpICn6GJZ9iS1I51kwNqy5rCpbrCaZWYBf3dzuvrw8ctkSvF
Ppjlzn1EvKYq+70BTr/Bbtbqf2mn1ksV286xqV6v4LwTI9iGAZCC3uDWp1oLWJE4
3T2MteghHlRuHD+O/ocq2MYerN8xO4nIAXyYZfF5ZH/M05ls7OLbbi3BOKU9
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:41 2025 by rpki-client