Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/7v8EaQuORaCogYfQLj5ZM03TJTM.roa
File: 7v8EaQuORaCogYfQLj5ZM03TJTM.roa (raw, json)
Hash identifier: ooPlkDHLnQfXu3fGjmpNDapzlwO5zeeeUgy5XtVR35Y=
Subject key identifier: EE:FF:04:69:0B:8E:45:A0:A8:81:87:D0:2E:3E:59:33:4D:D3:25:33
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A1EFA3070FA87871CE24B7B94FD47FC77
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/7v8EaQuORaCogYfQLj5ZM03TJTM.roa
Signing time: Sun 26 Oct 2025 05:25:04 +0000
ROA not before: Sun 26 Oct 2025 05:25:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56755
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:fa:30:70:fa:87:87:1c:e2:4b:7b:94:fd:47:fc:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 26 05:25:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eeff04690b8e45a0a88187d02e3e59334dd32533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3d:ca:50:db:dd:44:01:13:aa:76:80:97:28:
59:4e:3b:85:9a:ff:fb:37:5d:de:6f:c1:32:3d:78:
69:c8:56:2c:a2:ed:10:55:9f:46:07:6f:38:03:d9:
db:91:a4:8f:3e:10:50:4a:c1:36:ad:ec:ab:08:25:
69:b9:dd:1f:b9:5b:56:80:0e:52:8c:3f:0b:13:3e:
8c:0a:c6:0d:72:d1:60:78:c2:cc:9e:18:e6:bd:00:
3f:79:f8:6e:9c:c9:a2:12:19:83:65:fe:e6:2e:09:
d6:19:80:4a:57:98:f3:3c:05:7a:a0:63:64:5a:c5:
0e:a5:95:83:fd:ca:1b:07:3b:77:ff:47:f2:dd:44:
fb:ae:05:b2:01:6d:b8:17:94:cc:1d:1a:e6:f7:ac:
3c:af:42:23:88:eb:12:b0:f8:09:7f:96:75:83:c1:
ae:0d:2f:9a:6d:87:bf:40:7d:1c:16:a7:0d:df:1a:
65:18:c1:09:8d:34:79:bd:c4:67:b2:f8:2d:a0:64:
22:aa:30:d1:26:f1:ba:97:ad:fd:72:02:6f:2f:3b:
65:a1:fb:73:6e:fc:7b:9c:65:b2:c0:8b:17:b8:85:
f3:fe:ac:cd:96:be:ea:2e:32:ae:c5:c7:a3:8b:58:
08:6d:e9:46:61:7b:db:ad:50:20:10:c6:f3:2b:a8:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:FF:04:69:0B:8E:45:A0:A8:81:87:D0:2E:3E:59:33:4D:D3:25:33
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/7v8EaQuORaCogYfQLj5ZM03TJTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
Signature Algorithm: sha256WithRSAEncryption
76:5e:c6:f6:f9:2e:86:a4:c2:e8:0f:0b:7d:3c:51:9e:8a:19:
30:a4:43:4e:89:45:83:83:c6:45:86:09:d3:7c:11:93:6d:57:
e7:4c:4b:fa:80:34:58:c8:22:94:99:4e:12:01:83:c7:b9:c7:
25:a4:41:13:e8:62:46:92:a7:b4:6e:c9:f5:07:5a:ce:15:01:
19:66:f1:b1:5b:8d:51:ee:b3:f5:eb:4b:79:41:ad:97:19:18:
53:cb:7a:59:18:fd:fd:95:df:8e:12:09:11:e5:5d:01:af:1c:
d3:b4:1a:be:ad:d4:06:a8:53:a3:a9:ba:34:55:4c:d7:18:01:
17:91:4b:c8:b9:35:d2:39:39:c0:e6:79:bd:2c:13:19:8b:58:
4b:5a:e7:ca:bd:bd:58:d6:db:84:84:e6:18:8c:45:31:69:30:
90:7c:89:f8:93:76:e1:7b:79:d6:83:a8:b0:6e:da:7d:20:95:
ff:94:d3:fb:98:88:51:60:07:1c:e0:2c:c2:f3:6a:99:e5:be:
dd:39:a9:59:f4:46:fb:21:34:ed:31:69:75:27:71:f7:17:f0:
51:a3:1c:e2:d5:ed:09:27:f6:6a:0c:23:f3:2d:20:5e:bc:68:
ec:be:b4:1a:54:08:83:d5:e7:ad:f4:59:5b:56:e0:54:51:3c:
3b:ae:cb:8d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZoe+jBw+oeHHOJLe5T9R/x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI2MDUyNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWZmMDQ2OTBiOGU0NWEwYTg4MTg3ZDAyZTNlNTkzMzRkZDMyNTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4j3KUNvdRAETqnaAlyhZTjuFmv/7
N13eb8EyPXhpyFYsou0QVZ9GB284A9nbkaSPPhBQSsE2reyrCCVpud0fuVtWgA5S
jD8LEz6MCsYNctFgeMLMnhjmvQA/efhunMmiEhmDZf7mLgnWGYBKV5jzPAV6oGNk
WsUOpZWD/cobBzt3/0fy3UT7rgWyAW24F5TMHRrm96w8r0IjiOsSsPgJf5Z1g8Gu
DS+abYe/QH0cFqcN3xplGMEJjTR5vcRnsvgtoGQiqjDRJvG6l639cgJvLztloftz
bvx7nGWywIsXuIXz/qzNlr7qLjKuxceji1gIbelGYXvbrVAgEMbzK6jTkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO7/BGkLjkWgqIGH0C4+WTNN0yUzMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvN3Y4RWFRdU9SYUNvZ1lmUUxqNVpNMDNUSlRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAbc3BMA0E
AgACMAcDBQAqAfsBMA0GCSqGSIb3DQEBCwUAA4IBAQB2Xsb2+S6GpMLoDwt9PFGe
ihkwpENOiUWDg8ZFhgnTfBGTbVfnTEv6gDRYyCKUmU4SAYPHucclpEET6GJGkqe0
bsn1B1rOFQEZZvGxW41R7rP160t5Qa2XGRhTy3pZGP39ld+OEgkR5V0BrxzTtBq+
rdQGqFOjqbo0VUzXGAEXkUvIuTXSOTnA5nm9LBMZi1hLWufKvb1Y1tuEhOYYjEUx
aTCQfIn4k3bhe3nWg6iwbtp9IJX/lNP7mIhRYAcc4CzC82qZ5b7dOalZ9Eb7ITTt
MWl1J3H3F/BRoxzi1e0JJ/ZqDCPzLSBevGjsvrQaVAiD1eet9FlbVuBUUTw7rsuN
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:58:03 2025 by rpki-client