Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/O2g_KCSHTBtUkTmnZj5xACpZSnI.roa
File: O2g_KCSHTBtUkTmnZj5xACpZSnI.roa (raw, json)
Hash identifier: uP/CG7/+H7QBwYSZ9ySWOvBQiMlDRJGawcJEkDkwNtc=
Subject key identifier: 3B:68:3F:28:24:87:4C:1B:54:91:39:A7:66:3E:71:00:2A:59:4A:72
Certificate issuer: /CN=12e28039646dcc32eceb58428f97cc994b998577
Certificate serial: 019A2B9E904C2514B7D9ABCD11A4D9B8BBF4
Authority key identifier: 12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/O2g_KCSHTBtUkTmnZj5xACpZSnI.roa
Signing time: Tue 28 Oct 2025 16:20:03 +0000
ROA not before: Tue 28 Oct 2025 16:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33984
IP address blocks: 217.117.110.0/24 maxlen: 24
217.117.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 10:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:9e:90:4c:25:14:b7:d9:ab:cd:11:a4:d9:b8:bb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12e28039646dcc32eceb58428f97cc994b998577
Validity
Not Before: Oct 28 16:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b683f2824874c1b549139a7663e71002a594a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:15:ee:2c:03:57:e0:e3:fd:51:e0:88:3b:ca:
80:22:4f:03:61:a4:b7:44:35:41:8e:86:94:ff:30:
24:a7:61:e7:a0:f0:d2:a9:45:b5:98:e3:5d:c5:04:
d7:42:69:92:bc:2c:21:70:52:ae:ff:b6:56:ae:5f:
fa:ea:f2:50:25:39:de:49:38:f6:01:31:be:04:b3:
3b:95:9a:ec:48:b8:82:c0:67:c2:4a:d9:7e:fc:e4:
6e:45:da:b3:dc:06:a4:05:35:ce:ea:a8:97:8d:49:
24:a7:4d:8e:65:47:75:75:72:70:cb:cf:4a:52:c7:
cf:f7:9c:f8:27:80:ac:11:6c:9c:8f:c8:21:ff:50:
45:09:73:73:9c:d7:b1:36:d8:db:45:cc:07:1e:5d:
b7:fe:b6:4b:55:2e:3c:c3:d5:8c:fc:6e:5f:3f:40:
75:2e:7a:eb:f5:f1:fc:59:52:a5:8a:d4:70:c8:57:
c4:77:e4:55:74:a3:1d:31:37:31:07:dc:55:8e:66:
6c:dc:34:46:f8:f8:31:7b:34:1f:ee:c8:04:a2:22:
da:6b:c6:f6:a5:ff:0d:7f:3c:4a:30:c2:8e:b4:b8:
69:c4:ce:f7:25:80:98:e4:03:19:93:48:47:ca:eb:
34:ed:f1:b4:95:a3:58:10:7a:85:79:dd:ce:25:30:
96:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:68:3F:28:24:87:4C:1B:54:91:39:A7:66:3E:71:00:2A:59:4A:72
X509v3 Authority Key Identifier:
keyid:12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/O2g_KCSHTBtUkTmnZj5xACpZSnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.117.110.0/23
Signature Algorithm: sha256WithRSAEncryption
02:a5:f3:cd:1d:9b:6b:68:f4:5d:bf:d0:c2:49:35:32:16:c3:
b1:9d:bd:18:af:4b:6a:fa:04:c8:c6:1a:9f:49:f0:c0:6c:80:
33:2e:28:23:e7:44:5a:46:75:74:40:b8:20:35:b6:2c:32:0d:
96:ec:f6:b9:c5:af:74:62:84:5f:bc:8d:7c:ad:f4:a1:0e:59:
79:d7:27:9d:2b:7a:f1:46:cc:13:dd:86:f5:3c:8c:44:6d:81:
04:de:70:02:79:00:f3:3c:3a:e5:4c:ff:16:ae:4e:40:97:d6:
18:3d:ba:23:8e:32:85:f6:87:3a:0d:d9:53:f6:ff:37:d7:ea:
fb:64:49:21:cf:98:a2:7d:1d:f8:ab:fb:5f:2c:41:2c:5d:c5:
69:69:ec:2a:ca:0b:af:58:0e:c1:30:ef:f0:67:fc:bc:c5:92:
90:24:a5:f6:38:79:e8:15:54:44:22:9c:24:50:41:12:3e:5e:
1e:bb:2f:85:3d:b6:05:e9:54:27:b3:ee:db:52:3e:38:35:82:
f8:a7:8d:4a:85:84:ba:f7:da:01:e1:94:5c:54:23:80:4f:a8:
61:c9:bd:f6:a8:e3:fd:3c:4b:e5:cc:86:25:6f:42:e5:c3:77:
be:0d:c6:55:6b:66:81:c0:9c:17:c6:13:6d:55:75:78:9b:27:
79:7e:81:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZornpBMJRS32avNEaTZuLv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZTI4MDM5NjQ2ZGNjMzJlY2ViNTg0MjhmOTdjYzk5NGI5
OTg1NzcwHhcNMjUxMDI4MTYyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY4M2YyODI0ODc0YzFiNTQ5MTM5YTc2NjNlNzEwMDJhNTk0YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRXuLANX4OP9UeCIO8qAIk8DYaS3
RDVBjoaU/zAkp2HnoPDSqUW1mONdxQTXQmmSvCwhcFKu/7ZWrl/66vJQJTneSTj2
ATG+BLM7lZrsSLiCwGfCStl+/ORuRdqz3AakBTXO6qiXjUkkp02OZUd1dXJwy89K
UsfP95z4J4CsEWycj8gh/1BFCXNznNexNtjbRcwHHl23/rZLVS48w9WM/G5fP0B1
Lnrr9fH8WVKlitRwyFfEd+RVdKMdMTcxB9xVjmZs3DRG+PgxezQf7sgEoiLaa8b2
pf8NfzxKMMKOtLhpxM73JYCY5AMZk0hHyus07fG0laNYEHqFed3OJTCW8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtoPygkh0wbVJE5p2Y+cQAqWUpyMB8GA1UdIwQY
MBaAFBLigDlkbcwy7OtYQo+XzJlLmYV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAt
MzZkOTFkYmNmYzQxLzEvTzJnX0tDU0hUQnRVa1RtblpqNXhBQ3BaU25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAtMzZkOTFkYmNmYzQx
LzEvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2XVuMA0G
CSqGSIb3DQEBCwUAA4IBAQACpfPNHZtraPRdv9DCSTUyFsOxnb0Yr0tq+gTIxhqf
SfDAbIAzLigj50RaRnV0QLggNbYsMg2W7Pa5xa90YoRfvI18rfShDll51yedK3rx
RswT3Yb1PIxEbYEE3nACeQDzPDrlTP8Wrk5Al9YYPbojjjKF9oc6DdlT9v831+r7
ZEkhz5iifR34q/tfLEEsXcVpaewqyguvWA7BMO/wZ/y8xZKQJKX2OHnoFVREIpwk
UEESPl4euy+FPbYF6VQns+7bUj44NYL4p41KhYS699oB4ZRcVCOAT6hhyb32qOP9
PEvlzIYlb0Llw3e+DcZVa2aBwJwXxhNtVXV4myd5foFq
-----END CERTIFICATE-----
Generated at Wed Oct 29 20:02:37 2025 by rpki-client