Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VUHE7mElGq-8LE5OD-SSnl378xE.roa
File: VUHE7mElGq-8LE5OD-SSnl378xE.roa (raw, json)
Hash identifier: 7XMR3BkGZzyWNu2F5LusIvhkcw2+TyuWtxZpms+zhEY=
Subject key identifier: 55:41:C4:EE:61:25:1A:AF:BC:2C:4E:4E:0F:E4:92:9E:5D:FB:F3:11
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 019DFEC391530CB120B07EF637CCA6B56B11
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VUHE7mElGq-8LE5OD-SSnl378xE.roa
Signing time: Wed 06 May 2026 19:28:42 +0000
ROA not before: Wed 06 May 2026 19:28:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.116.228.0/23 maxlen: 23
212.116.237.0/24 maxlen: 24
212.116.238.0/23 maxlen: 24
212.116.238.0/24 maxlen: 24
212.116.243.0/24 maxlen: 24
212.116.245.0/24 maxlen: 24
212.116.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fe:c3:91:53:0c:b1:20:b0:7e:f6:37:cc:a6:b5:6b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: May 6 19:28:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5541c4ee61251aafbc2c4e4e0fe4929e5dfbf311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:6e:65:5c:72:8b:31:a7:96:a5:22:88:4d:
fc:58:33:36:96:23:1a:5f:4c:f0:84:d1:34:b8:d9:
6c:e2:bf:ff:4e:5a:17:a4:5e:c1:44:df:d5:93:46:
5f:f9:24:af:dd:c2:0e:a4:2d:9a:dd:d3:77:05:95:
7f:43:be:95:2c:69:ba:e9:ee:c8:81:ff:49:26:37:
ec:4e:9e:c3:dd:0c:85:92:5f:f7:af:52:80:3a:a2:
0f:db:b6:7c:48:13:e1:58:4f:98:b0:95:ae:d7:2d:
c0:59:41:bd:17:46:29:98:b8:a6:d5:f9:d0:3e:72:
14:4f:56:59:45:1e:8c:d2:ca:8c:bd:28:22:15:6b:
bf:3b:a3:44:d0:82:c3:5b:a2:f8:29:a0:6b:c7:19:
fa:8b:08:9a:db:83:63:74:80:f5:92:8d:57:01:b4:
33:9f:b4:d7:0e:95:04:3b:49:56:3a:c4:bf:ef:76:
93:9e:33:77:3d:03:f0:6c:d3:61:e8:ba:f3:cb:08:
c2:9c:c0:e1:68:a9:95:62:e0:ac:01:e8:f9:5b:b8:
70:ce:ba:d5:51:7f:92:0c:b4:1b:78:c9:3b:c3:c3:
56:21:e3:c3:90:2c:eb:5e:85:c4:7d:c4:03:f6:d8:
81:9c:bb:1d:ce:14:20:4a:f3:a8:8e:8b:06:57:ea:
11:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:41:C4:EE:61:25:1A:AF:BC:2C:4E:4E:0F:E4:92:9E:5D:FB:F3:11
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/VUHE7mElGq-8LE5OD-SSnl378xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.228.0/23
212.116.237.0-212.116.239.255
212.116.243.0/24
212.116.245.0-212.116.246.255
Signature Algorithm: sha256WithRSAEncryption
74:6d:e5:28:8c:c7:85:9b:3d:0a:58:0e:d4:f1:ab:27:41:d4:
7a:84:28:9a:56:9c:7a:d8:47:b0:4f:14:c5:c6:e6:98:7b:bd:
d0:ae:88:3a:ab:4e:5b:18:a8:cc:0c:d4:74:ca:9f:53:04:2f:
42:ce:8f:61:27:d7:9b:09:96:ba:fd:06:b1:09:9f:0c:56:50:
ea:83:95:be:19:48:20:93:67:2f:b2:ff:05:76:6c:57:92:c0:
27:8f:27:9d:e9:6e:0c:9a:05:98:9c:22:7a:cb:5d:01:25:94:
99:a6:e3:f4:a0:01:e8:ef:32:03:9b:81:4c:71:c8:2a:e9:74:
bc:26:8c:eb:57:94:51:22:79:10:91:32:9a:75:6c:a1:23:3d:
8f:d8:0c:ea:35:5a:bd:c2:0a:bf:40:b5:a9:5f:2c:fb:24:2b:
ad:1f:be:fd:37:5c:02:24:4a:4e:e2:a0:11:21:4b:86:bb:6c:
de:de:ca:7e:bd:69:fb:32:2f:9c:5b:26:ec:c1:7d:6c:5e:ba:
aa:a4:60:8c:ef:14:d0:ba:21:df:bc:a9:d0:2f:1b:bf:32:f7:
05:7e:cc:e8:3b:a8:5d:49:89:ba:85:a1:ec:0b:ca:e4:2e:9c:
49:3e:4b:2a:c9:ae:f4:56:78:c3:79:98:7b:ab:7e:a5:df:22:
59:4f:02:85
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ3+w5FTDLEgsH72N8ymtWsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjYwNTA2MTkyODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTQxYzRlZTYxMjUxYWFmYmMyYzRlNGUwZmU0OTI5ZTVkZmJmMzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt1uZVxyizGnlqUiiE38WDM2liMa
X0zwhNE0uNls4r//TloXpF7BRN/Vk0Zf+SSv3cIOpC2a3dN3BZV/Q76VLGm66e7I
gf9JJjfsTp7D3QyFkl/3r1KAOqIP27Z8SBPhWE+YsJWu1y3AWUG9F0YpmLim1fnQ
PnIUT1ZZRR6M0sqMvSgiFWu/O6NE0ILDW6L4KaBrxxn6iwia24NjdID1ko1XAbQz
n7TXDpUEO0lWOsS/73aTnjN3PQPwbNNh6LrzywjCnMDhaKmVYuCsAej5W7hwzrrV
UX+SDLQbeMk7w8NWIePDkCzrXoXEfcQD9tiBnLsdzhQgSvOojosGV+oR9wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFVBxO5hJRqvvCxOTg/kkp5d+/MRMB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvVlVIRTdtRWxHcS04TEU1T0QtU1NubDM3OHhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQB1HTkMAwD
BADUdO0DBATUdOADBADUdPMwDAMEANR09QMEANR09jANBgkqhkiG9w0BAQsFAAOC
AQEAdG3lKIzHhZs9ClgO1PGrJ0HUeoQomlacethHsE8UxcbmmHu90K6IOqtOWxio
zAzUdMqfUwQvQs6PYSfXmwmWuv0GsQmfDFZQ6oOVvhlIIJNnL7L/BXZsV5LAJ48n
neluDJoFmJwiestdASWUmabj9KAB6O8yA5uBTHHIKul0vCaM61eUUSJ5EJEymnVs
oSM9j9gM6jVavcIKv0C1qV8s+yQrrR++/TdcAiRKTuKgESFLhrts3t7Kfr1p+zIv
nFsm7MF9bF66qqRgjO8U0Loh37yp0C8bvzL3BX7M6DuoXUmJuoWh7AvK5C6cST5L
Ksmu9FZ4w3mYe6t+pd8iWU8ChQ==
-----END CERTIFICATE-----
Generated at Wed May 13 06:58:02 2026 by rpki-client