Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/dbau0xstNC0a9Fpwh6CWAAAnHyM.roa
File: dbau0xstNC0a9Fpwh6CWAAAnHyM.roa (raw, json)
Hash identifier: e/zjCnrdCYGxw6Ltb9IbAiAiIi8CP9A+KZqcWKp2hGc=
Subject key identifier: 75:B6:AE:D3:1B:2D:34:2D:1A:F4:5A:70:87:A0:96:00:00:27:1F:23
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019D9EA1DB5749A32188C3024772FC37AF1E
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/dbau0xstNC0a9Fpwh6CWAAAnHyM.roa
Signing time: Sat 18 Apr 2026 03:28:20 +0000
ROA not before: Sat 18 Apr 2026 03:28:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.116.228.0/23 maxlen: 23
212.116.228.0/24 maxlen: 24
212.116.229.0/24 maxlen: 24
212.116.237.0/24 maxlen: 24
212.116.238.0/23 maxlen: 24
212.116.238.0/24 maxlen: 24
212.116.243.0/24 maxlen: 24
212.116.245.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9e:a1:db:57:49:a3:21:88:c3:02:47:72:fc:37:af:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Apr 18 03:28:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=75b6aed31b2d342d1af45a7087a0960000271f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:85:05:93:34:5b:29:0d:b3:f6:a0:ac:9d:f3:
27:7e:12:ba:f5:a4:65:95:ae:35:e4:10:b3:ef:6c:
19:cf:a2:58:f0:11:63:0c:44:6c:f2:23:e9:dc:a4:
77:24:d6:05:ef:b6:9e:0a:e1:9b:dc:71:e3:45:80:
dd:26:5d:6a:b9:9f:eb:3f:af:bc:4a:59:6a:0c:09:
fb:81:e8:ad:b6:82:18:1a:39:cd:49:e7:78:37:c3:
dc:9b:3d:a8:82:02:69:37:d5:7f:6d:ba:75:ef:de:
88:68:71:34:46:14:c0:2f:e5:7b:97:b4:ad:ef:3e:
b1:4c:9a:50:54:18:52:af:36:47:35:09:d7:50:e1:
81:60:4c:6f:9e:25:b2:c3:56:1e:d5:30:52:6b:57:
f5:b4:bf:f0:4f:07:85:1d:b1:c7:85:f7:86:a9:5c:
28:dd:c0:e2:1f:27:65:1e:83:4c:67:df:a2:0c:e4:
87:13:ec:3e:7b:e7:a1:8d:d1:3b:80:0b:26:2f:88:
41:df:bf:5d:ca:b3:08:4f:34:6a:f2:df:17:a6:5d:
81:2e:ef:24:60:16:56:f5:64:c4:e6:13:3f:18:c9:
ce:61:80:ef:41:3c:69:37:83:09:e1:99:2b:c4:7f:
9b:37:df:90:f9:35:83:1b:b2:90:6a:ba:37:ab:d3:
a7:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B6:AE:D3:1B:2D:34:2D:1A:F4:5A:70:87:A0:96:00:00:27:1F:23
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/dbau0xstNC0a9Fpwh6CWAAAnHyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/23
212.116.237.0-212.116.239.255
212.116.243.0/24
212.116.245.0-212.116.246.255
Signature Algorithm: sha256WithRSAEncryption
56:03:b5:7d:c3:0f:50:ae:e4:3e:7e:60:eb:ea:3f:13:6d:62:
49:ee:14:1f:fe:73:72:7b:cc:3f:ad:72:f9:03:09:25:55:37:
6f:a7:bc:9d:69:68:93:00:e4:2b:80:10:c9:9e:c1:bf:e4:1f:
92:02:73:e0:0c:28:55:fb:67:f4:ad:79:af:2b:c4:73:60:5f:
c7:7a:5d:39:53:97:4a:ae:d1:42:23:c1:eb:ae:55:09:ec:dd:
2d:61:e2:de:92:e4:ec:e2:da:08:53:12:64:b5:ca:87:a3:92:
c5:e5:ca:57:c2:13:b3:61:2f:85:1f:97:b8:04:e3:75:27:97:
cf:4b:c5:1f:06:ea:26:ab:37:cc:ad:7e:d9:1d:94:d4:5b:af:
a5:5e:7b:60:90:4e:38:9f:ba:b7:cb:3b:45:80:46:7c:34:8a:
cb:9c:ef:60:66:5a:3f:e1:da:f8:2e:1c:22:7e:6b:d0:2c:01:
bf:02:06:cb:28:39:33:82:ed:16:47:d1:8a:15:89:f0:58:62:
4f:3a:14:ee:33:07:a8:94:a3:5b:88:2e:de:c8:9d:6c:c7:08:
22:c7:50:c3:89:64:1f:6b:2e:54:97:a8:3f:6a:bc:f5:bd:2a:
4a:89:54:cc:66:18:98:3b:ed:f9:b2:95:3a:52:df:6e:57:b7:
d7:bc:e5:2e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ2eodtXSaMhiMMCR3L8N68eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjYwNDE4MDMyODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI2YWVkMzFiMmQzNDJkMWFmNDVhNzA4N2EwOTYwMDAwMjcxZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYUFkzRbKQ2z9qCsnfMnfhK69aRl
la415BCz72wZz6JY8BFjDERs8iPp3KR3JNYF77aeCuGb3HHjRYDdJl1quZ/rP6+8
SllqDAn7geittoIYGjnNSed4N8Pcmz2oggJpN9V/bbp1796IaHE0RhTAL+V7l7St
7z6xTJpQVBhSrzZHNQnXUOGBYExvniWyw1Ye1TBSa1f1tL/wTweFHbHHhfeGqVwo
3cDiHydlHoNMZ9+iDOSHE+w+e+ehjdE7gAsmL4hB379dyrMITzRq8t8Xpl2BLu8k
YBZW9WTE5hM/GMnOYYDvQTxpN4MJ4ZkrxH+bN9+Q+TWDG7KQaro3q9OnmwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHW2rtMbLTQtGvRacIeglgAAJx8jMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvZGJhdTB4c3ROQzBhOUZwd2g2Q1dBQUFuSHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQB1HTkMAwD
BADUdO0DBATUdOADBADUdPMwDAMEANR09QMEANR09jANBgkqhkiG9w0BAQsFAAOC
AQEAVgO1fcMPUK7kPn5g6+o/E21iSe4UH/5zcnvMP61y+QMJJVU3b6e8nWlokwDk
K4AQyZ7Bv+QfkgJz4AwoVftn9K15ryvEc2Bfx3pdOVOXSq7RQiPB665VCezdLWHi
3pLk7OLaCFMSZLXKh6OSxeXKV8ITs2EvhR+XuATjdSeXz0vFHwbqJqs3zK1+2R2U
1FuvpV57YJBOOJ+6t8s7RYBGfDSKy5zvYGZaP+Ha+C4cIn5r0CwBvwIGyyg5M4Lt
FkfRihWJ8FhiTzoU7jMHqJSjW4gu3sidbMcIIsdQw4lkH2suVJeoP2q89b0qSolU
zGYYmDvt+bKVOlLfble317zlLg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:55:35 2026 by rpki-client