Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Sa2A7xExTELpPMSIQECLbOLbVbY.roa
File: Sa2A7xExTELpPMSIQECLbOLbVbY.roa (raw, json)
Hash identifier: lUb2znphtJClDLO7Y7A5OYR7OMkhnaQN6ugZEy2cIuI=
Subject key identifier: 49:AD:80:EF:11:31:4C:42:E9:3C:C4:88:40:40:8B:6C:E2:DB:55:B6
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 0198B464890D59375B54CD9134D505FF91D0
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Sa2A7xExTELpPMSIQECLbOLbVbY.roa
Signing time: Sat 16 Aug 2025 19:39:04 +0000
ROA not before: Sat 16 Aug 2025 19:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.116.227.0/24 maxlen: 24
212.116.228.0/22 maxlen: 24
212.116.229.0/24 maxlen: 24
212.116.238.0/23 maxlen: 24
212.116.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b4:64:89:0d:59:37:5b:54:cd:91:34:d5:05:ff:91:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Aug 16 19:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49ad80ef11314c42e93cc48840408b6ce2db55b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f0:79:f4:26:cb:fc:c4:c2:45:3c:f4:87:52:
45:5f:43:b1:d9:74:9c:ce:5b:8e:bc:fa:46:92:fd:
09:48:f1:47:ae:63:2b:bd:22:e3:62:cb:66:66:85:
c2:6b:1b:7f:b6:a5:0d:73:d2:e9:a0:36:f1:e8:e9:
b1:bb:df:54:d7:59:55:9b:64:07:eb:28:83:94:a8:
5d:a4:8a:4a:98:00:ad:7c:fc:d6:e3:b6:a4:06:88:
57:12:73:f6:39:d4:95:b6:6a:c2:08:66:b8:f8:17:
63:66:22:b4:1d:42:79:9d:1a:54:61:82:77:25:d9:
df:cc:62:c6:3b:e1:c6:88:e0:8f:91:e5:c6:a8:e0:
51:93:19:6b:09:15:f3:1f:ff:80:5f:c6:d1:61:83:
48:4f:7b:0e:fa:b8:1b:ac:e8:2b:78:a0:4d:59:bd:
53:45:57:bf:27:94:75:2e:ee:f7:9b:56:6a:ad:3d:
ab:47:aa:dd:6a:98:06:40:dc:1d:50:74:f9:f2:16:
94:85:8b:5a:01:f3:36:83:66:bb:90:c7:a0:38:44:
6f:04:83:dd:8c:23:74:b8:64:77:ec:ea:33:52:62:
4b:76:ab:5d:49:6d:90:2d:b5:75:bd:d9:4f:26:eb:
ed:26:be:4e:a8:b4:1b:ef:7d:28:11:30:51:40:c0:
94:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AD:80:EF:11:31:4C:42:E9:3C:C4:88:40:40:8B:6C:E2:DB:55:B6
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/Sa2A7xExTELpPMSIQECLbOLbVbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.227.0-212.116.231.255
212.116.238.0/23
212.116.244.0/24
Signature Algorithm: sha256WithRSAEncryption
23:02:2f:7b:fc:d7:78:a0:07:cd:cd:86:37:a2:0c:7e:04:61:
2d:a4:94:0c:b5:19:57:82:0d:2f:47:19:63:ed:3a:f0:46:71:
23:ad:70:89:6d:11:d4:c8:92:19:77:e8:3c:3d:42:41:7f:dd:
10:08:1f:ff:9d:27:56:f7:92:35:07:9e:46:d2:e1:84:66:28:
00:22:b5:0c:ce:1c:90:aa:0b:0a:0d:22:2f:a4:27:78:19:f8:
5e:f0:fc:16:92:1a:c3:a5:53:42:4b:f4:c9:6a:f8:a2:f6:ca:
1e:d0:f9:0c:87:cf:f4:56:fc:a2:46:0c:31:61:3f:85:23:65:
eb:14:c8:94:aa:d6:68:3f:50:e1:21:86:ca:6e:17:ba:28:fb:
d2:e0:1e:d5:2a:f6:3c:6a:06:13:89:d9:b4:9a:89:bd:41:3b:
30:59:7e:90:fa:e3:c9:f9:76:cc:b1:98:09:0b:ac:ed:c1:25:
4b:63:71:bc:bf:4b:9e:2d:38:f7:76:79:8b:bf:b6:b0:39:fd:
0d:31:39:19:17:25:66:06:50:de:68:3f:d3:d1:b7:db:8c:85:
cc:c7:c0:e9:dd:d4:2f:67:08:b9:1e:62:43:94:22:eb:60:29:
8e:6f:97:8c:3c:22:da:12:c2:40:d6:7f:48:75:52:94:11:d4:
32:a2:a7:13
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZi0ZIkNWTdbVM2RNNUF/5HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwODE2MTkzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWFkODBlZjExMzE0YzQyZTkzY2M0ODg0MDQwOGI2Y2UyZGI1NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPB59CbL/MTCRTz0h1JFX0Ox2XSc
zluOvPpGkv0JSPFHrmMrvSLjYstmZoXCaxt/tqUNc9LpoDbx6Omxu99U11lVm2QH
6yiDlKhdpIpKmACtfPzW47akBohXEnP2OdSVtmrCCGa4+BdjZiK0HUJ5nRpUYYJ3
JdnfzGLGO+HGiOCPkeXGqOBRkxlrCRXzH/+AX8bRYYNIT3sO+rgbrOgreKBNWb1T
RVe/J5R1Lu73m1ZqrT2rR6rdapgGQNwdUHT58haUhYtaAfM2g2a7kMegOERvBIPd
jCN0uGR37OozUmJLdqtdSW2QLbV1vdlPJuvtJr5OqLQb730oETBRQMCUjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEmtgO8RMUxC6TzEiEBAi2zi21W2MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvU2EyQTd4RXhURUxwUE1TSVFFQ0xiT0xiVmJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADUdOMD
BAPUdOADBAHUdO4DBADUdPQwDQYJKoZIhvcNAQELBQADggEBACMCL3v813igB83N
hjeiDH4EYS2klAy1GVeCDS9HGWPtOvBGcSOtcIltEdTIkhl36Dw9QkF/3RAIH/+d
J1b3kjUHnkbS4YRmKAAitQzOHJCqCwoNIi+kJ3gZ+F7w/BaSGsOlU0JL9Mlq+KL2
yh7Q+QyHz/RW/KJGDDFhP4UjZesUyJSq1mg/UOEhhspuF7oo+9LgHtUq9jxqBhOJ
2bSaib1BOzBZfpD648n5dsyxmAkLrO3BJUtjcby/S54tOPd2eYu/trA5/Q0xORkX
JWYGUN5oP9PRt9uMhczHwOnd1C9nCLkeYkOUIutgKY5vl4w8ItoSwkDWf0h1UpQR
1DKipxM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:22:09 2025 by rpki-client