Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/1-nVBMclHTDps1NSLbwKMKR1iiTs.roa
File: 1-nVBMclHTDps1NSLbwKMKR1iiTs.roa (raw, json)
Hash identifier: 4AkcTj0fNGL65T6WanUrryLYpvk8ooyp6N8RAfw9n+c=
Subject key identifier: FA:75:41:31:C9:47:4C:3A:6C:D4:D4:8B:6F:02:8C:29:1D:62:89:3B
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0197AC64E440F94926B756D971050D517936
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/1-nVBMclHTDps1NSLbwKMKR1iiTs.roa
Signing time: Thu 26 Jun 2025 13:19:42 +0000
ROA not before: Thu 26 Jun 2025 13:19:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34927
IP address blocks: 212.116.228.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:64:e4:40:f9:49:26:b7:56:d9:71:05:0d:51:79:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Jun 26 13:19:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa754131c9474c3a6cd4d48b6f028c291d62893b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2e:46:71:9c:53:e7:e6:c5:1c:eb:2d:cc:02:
1c:b0:c8:22:9f:c0:ab:f2:7a:d5:2c:6e:5c:93:fd:
73:a2:1f:43:59:23:80:7c:16:f4:c9:d5:7b:21:e8:
2b:b2:52:f3:6f:98:86:4e:e1:63:b5:91:90:c8:ca:
25:04:3d:42:90:7f:fb:00:db:de:8e:29:16:3f:f8:
04:da:81:d1:56:68:cb:07:e1:09:15:a8:89:a0:68:
4a:ff:97:1b:20:31:92:77:27:d5:ed:31:60:53:91:
83:89:2a:b5:70:16:db:a1:dc:7a:f3:93:42:fc:92:
53:5c:e2:ed:65:c7:8d:2c:32:15:d9:60:64:f8:3e:
1e:a6:28:14:07:3a:db:88:b3:b5:3d:03:91:f2:68:
fa:2d:b0:e4:69:fd:67:42:d1:b9:fd:e9:d5:89:ec:
2b:a0:3b:19:7f:26:da:c7:3c:e2:31:db:1a:ee:09:
77:c1:82:87:c9:fa:ec:d0:5d:ab:9b:ee:e0:49:8e:
f5:e1:85:b7:76:45:d7:13:ba:26:1c:ba:3c:e8:d3:
cc:0c:c4:ab:a2:f7:49:f6:da:8c:f2:d5:d6:b7:3d:
76:5f:1f:97:e0:05:e9:e8:7d:3d:d3:7b:bb:17:15:
aa:a4:f5:fa:cf:d1:ce:cf:ae:15:a3:64:12:cb:cb:
18:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:75:41:31:C9:47:4C:3A:6C:D4:D4:8B:6F:02:8C:29:1D:62:89:3B
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/1-nVBMclHTDps1NSLbwKMKR1iiTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/23
Signature Algorithm: sha256WithRSAEncryption
35:46:f4:d3:90:05:4d:2f:d0:c5:8f:9b:d5:c4:eb:52:58:7f:
78:45:97:0e:dd:41:ad:be:af:77:8a:ec:72:04:c3:8d:8d:79:
95:b2:da:e9:dd:bd:d0:17:eb:49:3f:d8:39:79:48:3d:dd:5d:
a2:7e:87:a8:cb:0f:00:e0:bd:17:61:4a:aa:50:d7:b0:66:cb:
f3:74:ca:ce:d9:ec:76:88:93:23:0b:b2:29:01:e6:0f:35:c8:
63:34:d0:a2:17:3c:81:97:63:8d:f5:bb:1c:e8:91:f1:8a:b7:
53:e9:7b:37:f0:8c:26:24:f1:77:2f:61:e0:b7:92:c5:ec:77:
8a:90:dc:23:a4:9e:08:3c:92:fb:35:d1:5a:bf:41:25:00:15:
a5:8b:2b:b3:8d:c4:10:13:00:85:64:11:ba:13:2c:3d:24:4a:
70:61:cc:db:3d:5b:a3:b0:14:5e:fa:d6:70:81:c2:5e:ac:22:
94:dd:de:56:d3:8d:49:ce:68:89:ca:37:ba:25:32:7b:c4:da:
69:46:1b:a6:10:29:a8:24:c0:d2:7c:da:dd:02:2f:f7:1f:d0:
97:5a:1d:65:c7:06:93:e5:db:47:13:66:e0:f5:48:84:ac:47:
c1:1f:74:40:c9:a2:55:f9:e3:ff:7e:1d:18:ec:70:2d:b3:55:
0b:4a:62:26
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZesZORA+Ukmt1bZcQUNUXk2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwNjI2MTMxOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTc1NDEzMWM5NDc0YzNhNmNkNGQ0OGI2ZjAyOGMyOTFkNjI4OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS5GcZxT5+bFHOstzAIcsMgin8Cr
8nrVLG5ck/1zoh9DWSOAfBb0ydV7IegrslLzb5iGTuFjtZGQyMolBD1CkH/7ANve
jikWP/gE2oHRVmjLB+EJFaiJoGhK/5cbIDGSdyfV7TFgU5GDiSq1cBbbodx685NC
/JJTXOLtZceNLDIV2WBk+D4epigUBzrbiLO1PQOR8mj6LbDkaf1nQtG5/enViewr
oDsZfybaxzziMdsa7gl3wYKHyfrs0F2rm+7gSY714YW3dkXXE7omHLo86NPMDMSr
ovdJ9tqM8tXWtz12Xx+X4AXp6H0903u7FxWqpPX6z9HOz64Vo2QSy8sY5QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPp1QTHJR0w6bNTUi28CjCkdYok7MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvMS1uVkJNY2xIVERwczFOU0xid0tNS1IxaWlUcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvOTU0ZDMxLWY3NGMtNDY3Yi05MDEzLWUxMmIxNjQyMTVi
OS8xL093bU9SZTlMdGRHTnZJYkZvVFgxZnJ5LUFGMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdR05DAN
BgkqhkiG9w0BAQsFAAOCAQEANUb005AFTS/QxY+b1cTrUlh/eEWXDt1Brb6vd4rs
cgTDjY15lbLa6d290BfrST/YOXlIPd1don6HqMsPAOC9F2FKqlDXsGbL83TKztns
doiTIwuyKQHmDzXIYzTQohc8gZdjjfW7HOiR8Yq3U+l7N/CMJiTxdy9h4LeSxex3
ipDcI6SeCDyS+zXRWr9BJQAVpYsrs43EEBMAhWQRuhMsPSRKcGHM2z1bo7AUXvrW
cIHCXqwilN3eVtONSc5oico3uiUye8TaaUYbphApqCTA0nza3QIv9x/Ql1odZccG
k+XbRxNm4PVIhKxHwR90QMmiVfnj/34dGOxwLbNVC0piJg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 22:36:51 2025 by rpki-client