Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ae1asIbAb-e5SyUNe51ydaRR_nY.roa
File: ae1asIbAb-e5SyUNe51ydaRR_nY.roa (raw, json)
Hash identifier: yOGfZbRrzHyb+JzDB6JXG8IJPfNrdjx+yFCHPncQpcA=
Subject key identifier: 69:ED:5A:B0:86:C0:6F:E7:B9:4B:25:0D:7B:9D:72:75:A4:51:FE:76
Certificate issuer: /CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Certificate serial: 01993D7D724FD090882EC87B0CCA971BF751
Authority key identifier: 3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ae1asIbAb-e5SyUNe51ydaRR_nY.roa
Signing time: Fri 12 Sep 2025 10:34:15 +0000
ROA not before: Fri 12 Sep 2025 10:34:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 843
IP address blocks: 212.116.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.mft
rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3d:7d:72:4f:d0:90:88:2e:c8:7b:0c:ca:97:1b:f7:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b098e45ef4bb5d18dbc86c5a135f57ebcbe005d
Validity
Not Before: Sep 12 10:34:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ed5ab086c06fe7b94b250d7b9d7275a451fe76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e3:a4:c5:ed:64:ba:79:fb:b4:45:1b:14:f3:
99:05:a6:38:88:a0:59:0a:5c:04:98:64:49:e5:b8:
cb:ad:a9:d6:da:93:bc:51:88:ab:4b:f6:08:4a:8f:
d7:ab:2d:90:aa:97:19:74:75:37:8c:b2:dc:51:35:
03:d6:df:80:fc:03:ad:d5:71:ef:c7:2d:e0:63:7a:
0c:a8:76:0c:80:8a:48:98:e5:2b:a6:f8:50:89:87:
50:b9:3e:c7:01:53:26:31:3c:de:53:ba:02:a5:5f:
08:3b:d9:97:17:2f:13:bb:d3:60:b2:a3:f6:80:ec:
90:66:36:55:fc:de:56:dc:d5:71:c5:9b:3c:7e:5a:
7e:6b:2e:b9:17:2c:d2:c2:b0:98:ef:0c:d2:b2:5e:
a1:fe:76:d9:7d:bf:ed:30:42:cf:f9:80:b4:98:a3:
6b:af:a9:8c:7b:6e:c4:93:54:b7:63:66:24:f4:5d:
9f:7c:1d:6b:fd:e4:ea:d8:86:a6:ff:c3:a0:10:cc:
7e:68:50:6a:6f:7e:cd:94:48:18:6d:b5:67:d1:9b:
b7:d6:3a:f7:c4:eb:98:08:b4:6a:bb:5d:91:f6:e3:
a6:32:d9:0f:0a:86:8d:75:0f:d7:bd:e0:bb:17:da:
87:64:4d:e7:fb:1f:8d:85:32:85:9f:1d:d3:e9:e0:
19:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:ED:5A:B0:86:C0:6F:E7:B9:4B:25:0D:7B:9D:72:75:A4:51:FE:76
X509v3 Authority Key Identifier:
keyid:3B:09:8E:45:EF:4B:B5:D1:8D:BC:86:C5:A1:35:F5:7E:BC:BE:00:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OwmORe9LtdGNvIbFoTX1fry-AF0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/ae1asIbAb-e5SyUNe51ydaRR_nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/954d31-f74c-467b-9013-e12b164215b9/1/OwmORe9LtdGNvIbFoTX1fry-AF0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.116.243.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:ed:91:a9:2e:38:e1:05:af:ec:61:1c:bb:aa:34:3f:be:c2:
bf:a2:c5:c4:2c:e4:58:35:93:ad:c7:84:66:e1:9f:61:dd:22:
41:6e:43:e4:ce:cd:a0:69:8d:01:2e:75:a1:80:2c:36:6f:74:
c8:24:9a:6d:ab:c1:25:a4:20:82:8c:cf:e5:ed:cb:05:a6:32:
c4:06:d4:8d:90:2b:0e:08:68:9f:42:27:97:4c:4d:83:1d:09:
ac:93:d4:a2:06:81:e6:73:c8:e1:bb:39:be:94:d9:ee:bf:98:
58:27:61:46:0e:d3:ff:0d:c3:2b:a2:4b:d0:9b:6a:67:71:37:
7c:9a:4a:6b:e4:d8:cb:ea:5a:25:7e:1d:85:0e:98:94:26:89:
cf:f7:cb:97:88:67:5f:a5:7f:c8:48:fd:b2:24:81:f1:bc:74:
8d:82:24:42:8b:5f:68:20:0e:c5:b5:bf:60:b2:62:31:50:ec:
1f:55:3f:48:ae:54:1f:aa:3c:4d:85:d2:64:56:4a:cc:13:91:
90:28:4c:c9:84:cc:fe:e8:de:1c:fa:8b:ef:d8:3e:f2:84:47:
0d:2f:3f:bb:6a:da:3e:41:f1:cf:be:00:69:11:ce:0f:e4:49:
12:9c:48:8f:31:6d:d8:0e:4a:a5:69:fb:0d:33:31:84:96:17:
be:0e:e7:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZk9fXJP0JCILsh7DMqXG/dRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiMDk4ZTQ1ZWY0YmI1ZDE4ZGJjODZjNWExMzVmNTdlYmNi
ZTAwNWQwHhcNMjUwOTEyMTAzNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVkNWFiMDg2YzA2ZmU3Yjk0YjI1MGQ3YjlkNzI3NWE0NTFmZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveOkxe1kunn7tEUbFPOZBaY4iKBZ
ClwEmGRJ5bjLranW2pO8UYirS/YISo/Xqy2QqpcZdHU3jLLcUTUD1t+A/AOt1XHv
xy3gY3oMqHYMgIpImOUrpvhQiYdQuT7HAVMmMTzeU7oCpV8IO9mXFy8Tu9NgsqP2
gOyQZjZV/N5W3NVxxZs8flp+ay65FyzSwrCY7wzSsl6h/nbZfb/tMELP+YC0mKNr
r6mMe27Ek1S3Y2Yk9F2ffB1r/eTq2Iam/8OgEMx+aFBqb37NlEgYbbVn0Zu31jr3
xOuYCLRqu12R9uOmMtkPCoaNdQ/XveC7F9qHZE3n+x+NhTKFnx3T6eAZfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGntWrCGwG/nuUslDXudcnWkUf52MB8GA1UdIwQY
MBaAFDsJjkXvS7XRjbyGxaE19X68vgBdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMt
ZTEyYjE2NDIxNWI5LzEvYWUxYXNJYkFiLWU1U3lVTmU1MXlkYVJSX25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi85NTRkMzEtZjc0Yy00NjdiLTkwMTMtZTEyYjE2NDIxNWI5
LzEvT3dtT1JlOUx0ZEdOdkliRm9UWDFmcnktQUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1HTzMA0G
CSqGSIb3DQEBCwUAA4IBAQDZ7ZGpLjjhBa/sYRy7qjQ/vsK/osXELORYNZOtx4Rm
4Z9h3SJBbkPkzs2gaY0BLnWhgCw2b3TIJJptq8ElpCCCjM/l7csFpjLEBtSNkCsO
CGifQieXTE2DHQmsk9SiBoHmc8jhuzm+lNnuv5hYJ2FGDtP/DcMrokvQm2pncTd8
mkpr5NjL6lolfh2FDpiUJonP98uXiGdfpX/ISP2yJIHxvHSNgiRCi19oIA7Ftb9g
smIxUOwfVT9IrlQfqjxNhdJkVkrME5GQKEzJhMz+6N4c+ovv2D7yhEcNLz+7ato+
QfHPvgBpEc4P5EkSnEiPMW3YDkqlafsNMzGElhe+Duek
-----END CERTIFICATE-----
Generated at Sun Sep 14 02:16:15 2025 by rpki-client