Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/GjEeTaJifmX3jwnQMBWByGQC-_Q.roa
File: GjEeTaJifmX3jwnQMBWByGQC-_Q.roa (raw, json)
Hash identifier: vUndINY1NdKbneNB7CPaUuA22DZ6k8tH2muK6ntjHw4=
Subject key identifier: 1A:31:1E:4D:A2:62:7E:65:F7:8F:09:D0:30:15:81:C8:64:02:FB:F4
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 01982D7604A3C52C125E9DDD20EBB54ACA4E
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/GjEeTaJifmX3jwnQMBWByGQC-_Q.roa
Signing time: Mon 21 Jul 2025 14:49:25 +0000
ROA not before: Mon 21 Jul 2025 14:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216096
IP address blocks: 109.175.210.0/24 maxlen: 24
2a01:fb00::/33 maxlen: 33
2a01:fb00::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 18:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:76:04:a3:c5:2c:12:5e:9d:dd:20:eb:b5:4a:ca:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Jul 21 14:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a311e4da2627e65f78f09d0301581c86402fbf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:35:48:41:ec:bc:02:b1:fa:9f:3e:5c:20:da:
3c:e6:98:ce:51:14:53:bf:57:3d:38:1e:97:d0:35:
ad:95:4a:1e:53:2b:56:22:aa:4e:c6:18:f0:01:b5:
be:e1:4a:67:e1:97:a1:18:fa:ce:64:65:98:91:ea:
2e:a1:d9:4d:d7:b8:ea:d1:60:7a:b5:4c:8f:b5:aa:
58:6e:5c:6f:57:04:60:3c:30:99:e9:4b:76:9a:46:
ee:aa:62:46:65:a8:00:11:37:e8:c0:84:ba:25:04:
0a:02:a7:cd:26:b7:66:ab:9a:59:7f:7b:4c:61:94:
37:4b:6c:06:17:f0:1b:8f:85:ca:a5:73:90:d4:75:
5c:00:e2:df:07:2b:86:76:50:8d:5e:70:ec:30:1b:
cb:5b:fa:ee:a0:e3:27:e4:85:bc:6d:56:e1:fd:2a:
9c:67:80:58:d5:06:16:ea:96:ef:e0:59:30:fe:c8:
17:06:8e:4f:b7:fd:99:87:bd:5b:42:3a:8f:50:21:
96:9a:07:e6:fd:a9:6b:58:2c:e5:07:a3:40:6f:7a:
36:11:75:56:8d:43:2a:7b:a5:7b:6b:85:bf:9a:c5:
cb:3d:da:49:a6:bd:03:11:0c:19:14:54:08:b0:22:
83:1a:54:a8:58:f8:d6:6d:72:07:37:03:bb:b4:8f:
0a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:31:1E:4D:A2:62:7E:65:F7:8F:09:D0:30:15:81:C8:64:02:FB:F4
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/GjEeTaJifmX3jwnQMBWByGQC-_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
IPv6:
2a01:fb00::/33
Signature Algorithm: sha256WithRSAEncryption
75:3e:3e:d6:1d:b6:a8:8d:fa:62:63:15:ad:4d:87:cf:1c:89:
44:60:af:b3:02:5c:f1:30:dd:d2:97:67:6a:9a:ec:28:99:a2:
e0:c1:09:a0:72:e3:20:6f:80:07:44:98:57:c7:76:91:03:7b:
b3:c0:5d:35:b8:50:80:f2:57:dc:9e:a4:02:d0:d3:f0:02:52:
37:36:b4:40:b0:36:56:8d:e2:03:86:c5:d8:22:53:fa:1d:6e:
d1:49:61:7e:b7:f5:d5:15:97:4d:72:a0:63:5b:ef:31:4d:67:
05:46:d7:91:af:44:9d:47:59:f5:92:a2:de:ef:b5:e7:10:6b:
db:5a:c4:1f:95:cc:0c:1d:ce:c5:4b:ce:05:3a:aa:a6:ac:58:
6e:5e:7b:f4:c8:c6:23:59:5a:91:52:44:8b:e4:a3:97:6f:a4:
68:c6:b6:c3:5e:09:fb:11:8c:c0:79:c3:dc:11:9c:ca:3a:cc:
d8:44:aa:f6:cf:6b:eb:d2:5d:7d:8e:62:d1:42:c1:63:22:d9:
d7:76:1f:6d:3b:3b:86:8f:ac:8d:03:00:24:82:6e:36:b2:91:
96:ac:56:55:4e:6c:6d:00:97:d7:5b:6d:37:c4:9f:6b:e9:3f:
b5:14:5e:42:6b:66:93:fd:02:47:8a:f9:b2:e6:0a:b5:50:5c:
fc:95:0d:b3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZgtdgSjxSwSXp3dIOu1SspOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUwNzIxMTQ0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTMxMWU0ZGEyNjI3ZTY1Zjc4ZjA5ZDAzMDE1ODFjODY0MDJmYmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDVIQey8ArH6nz5cINo85pjOURRT
v1c9OB6X0DWtlUoeUytWIqpOxhjwAbW+4Upn4ZehGPrOZGWYkeouodlN17jq0WB6
tUyPtapYblxvVwRgPDCZ6Ut2mkbuqmJGZagAETfowIS6JQQKAqfNJrdmq5pZf3tM
YZQ3S2wGF/Abj4XKpXOQ1HVcAOLfByuGdlCNXnDsMBvLW/ruoOMn5IW8bVbh/Sqc
Z4BY1QYW6pbv4Fkw/sgXBo5Pt/2Zh71bQjqPUCGWmgfm/alrWCzlB6NAb3o2EXVW
jUMqe6V7a4W/msXLPdpJpr0DEQwZFFQIsCKDGlSoWPjWbXIHNwO7tI8KrQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFBoxHk2iYn5l948J0DAVgchkAvv0MB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvR2pFZVRhSmlmbVgzanduUU1CV0J5R1FDLV9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAba/SMA4E
AgACMAgDBgcqAfsAADANBgkqhkiG9w0BAQsFAAOCAQEAdT4+1h22qI36YmMVrU2H
zxyJRGCvswJc8TDd0pdnaprsKJmi4MEJoHLjIG+AB0SYV8d2kQN7s8BdNbhQgPJX
3J6kAtDT8AJSNza0QLA2Vo3iA4bF2CJT+h1u0Ulhfrf11RWXTXKgY1vvMU1nBUbX
ka9EnUdZ9ZKi3u+15xBr21rEH5XMDB3OxUvOBTqqpqxYbl579MjGI1lakVJEi+Sj
l2+kaMa2w14J+xGMwHnD3BGcyjrM2ESq9s9r69JdfY5i0ULBYyLZ13YfbTs7ho+s
jQMAJIJuNrKRlqxWVU5sbQCX11ttN8Sfa+k/tRReQmtmk/0CR4r5suYKtVBc/JUN
sw==
-----END CERTIFICATE-----
Generated at Thu Aug 7 05:09:38 2025 by rpki-client