Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IAY7u9goKLtNUmdAyCWW-XnJFxI.roa
File: IAY7u9goKLtNUmdAyCWW-XnJFxI.roa (raw, json)
Hash identifier: z73m7/5g89l7Psf1mtxQc0bz6J7LCg5JeU16OHI7t1I=
Subject key identifier: 20:06:3B:BB:D8:28:28:BB:4D:52:67:40:C8:25:96:F9:79:C9:17:12
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A1CB96382FA851805BC3331E6F86DCFD1
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IAY7u9goKLtNUmdAyCWW-XnJFxI.roa
Signing time: Sat 25 Oct 2025 18:55:02 +0000
ROA not before: Sat 25 Oct 2025 18:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52025
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:2000::/36 maxlen: 36
2a01:fb05:9000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1c:b9:63:82:fa:85:18:05:bc:33:31:e6:f8:6d:cf:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 25 18:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20063bbbd82828bb4d526740c82596f979c91712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:dc:e4:89:e6:89:f0:fe:6b:f5:3f:67:1a:8b:
bd:db:66:94:03:fd:dc:a2:05:73:97:68:f3:19:aa:
6c:3a:ee:1f:89:b3:17:58:d1:54:75:73:83:e0:62:
94:dc:31:42:12:39:c5:96:87:98:ef:65:d4:bd:27:
74:65:cc:ca:a5:a7:e9:5e:46:fa:90:7d:b9:59:16:
40:15:ab:53:34:9f:ad:5e:9a:a3:ba:13:55:16:07:
6c:d5:61:79:86:db:bc:bf:e0:3b:78:a9:16:0f:14:
3b:5b:72:10:f7:b7:25:47:97:e5:37:d5:2b:88:69:
65:39:76:ba:95:32:e3:7e:ac:60:0c:4a:7e:8e:a1:
16:27:67:47:bf:d6:aa:e0:e4:30:10:3a:53:97:7e:
f3:67:cb:5f:ad:f7:99:fd:be:ac:0a:df:7d:3f:18:
d8:2a:39:06:d2:7f:88:50:bd:c0:d5:71:56:52:55:
39:bb:44:3b:fa:0e:28:2b:33:f9:86:71:32:12:33:
ad:4c:77:77:07:3a:12:86:61:28:d7:8c:61:20:68:
98:ee:d4:52:64:33:77:01:e2:16:2a:e4:24:83:d3:
3d:2f:0c:31:27:27:e3:79:e2:69:91:63:ca:74:7c:
36:4e:46:85:ce:af:ef:66:f6:33:b2:0d:51:a4:30:
cd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:06:3B:BB:D8:28:28:BB:4D:52:67:40:C8:25:96:F9:79:C9:17:12
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IAY7u9goKLtNUmdAyCWW-XnJFxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:2000::/36
2a01:fb05:9000::/36
Signature Algorithm: sha256WithRSAEncryption
7c:46:85:3e:73:dc:81:25:30:f5:55:5f:26:02:2f:cc:d5:3a:
be:18:1f:d0:84:09:8c:b8:53:2b:43:0f:81:49:7d:09:45:df:
18:c4:a6:38:b5:9b:dc:81:e9:97:8a:71:1c:71:0c:a7:5c:bb:
70:25:48:99:e5:fd:19:dc:84:fd:13:cb:88:d1:a7:b3:0c:f6:
df:8b:41:08:b1:68:96:25:d7:ca:77:4c:00:54:f4:9d:9a:6f:
3d:b2:c5:84:94:fe:12:73:9a:fa:47:1d:79:8d:46:0f:cf:c5:
22:f5:53:1e:82:bb:b8:e2:3b:3e:15:31:40:e7:ea:59:df:8d:
89:4d:7f:24:ca:2a:30:4a:97:5c:0e:71:9a:e0:cd:79:6a:c7:
84:75:ca:16:a6:ac:7f:38:73:d8:ba:67:63:b2:23:a8:9a:24:
7a:86:22:a4:be:00:18:a6:e0:01:2f:38:7b:3c:79:f5:56:4c:
33:ae:58:b1:1e:0d:8a:a9:da:06:47:0b:48:75:bd:a5:cd:db:
46:43:56:9a:d0:44:17:7c:9d:4d:a6:67:d1:77:2f:a4:af:c1:
e8:89:ec:57:06:dd:79:d2:0d:82:7b:b6:3b:3c:9b:71:40:95:
87:8f:93:12:9b:33:02:7e:84:57:4d:e3:27:de:84:96:93:48:
83:f3:71:18
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZocuWOC+oUYBbwzMeb4bc/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI1MTg1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDA2M2JiYmQ4MjgyOGJiNGQ1MjY3NDBjODI1OTZmOTc5YzkxNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNzkieaJ8P5r9T9nGou922aUA/3c
ogVzl2jzGapsOu4fibMXWNFUdXOD4GKU3DFCEjnFloeY72XUvSd0ZczKpafpXkb6
kH25WRZAFatTNJ+tXpqjuhNVFgds1WF5htu8v+A7eKkWDxQ7W3IQ97clR5flN9Ur
iGllOXa6lTLjfqxgDEp+jqEWJ2dHv9aq4OQwEDpTl37zZ8tfrfeZ/b6sCt99PxjY
KjkG0n+IUL3A1XFWUlU5u0Q7+g4oKzP5hnEyEjOtTHd3BzoShmEo14xhIGiY7tRS
ZDN3AeIWKuQkg9M9LwwxJyfjeeJpkWPKdHw2TkaFzq/vZvYzsg1RpDDNkQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFCAGO7vYKCi7TVJnQMgllvl5yRcSMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvSUFZN3U5Z29LTHROVW1kQXlDV1ctWG5KRnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAbc3BMB0E
AgACMBcDBQAqAfsBAwYEKgH7BSADBgQqAfsFkDANBgkqhkiG9w0BAQsFAAOCAQEA
fEaFPnPcgSUw9VVfJgIvzNU6vhgf0IQJjLhTK0MPgUl9CUXfGMSmOLWb3IHpl4px
HHEMp1y7cCVImeX9GdyE/RPLiNGnswz234tBCLFoliXXyndMAFT0nZpvPbLFhJT+
EnOa+kcdeY1GD8/FIvVTHoK7uOI7PhUxQOfqWd+NiU1/JMoqMEqXXA5xmuDNeWrH
hHXKFqasfzhz2LpnY7IjqJokeoYipL4AGKbgAS84ezx59VZMM65YsR4NiqnaBkcL
SHW9pc3bRkNWmtBEF3ydTaZn0XcvpK/B6InsVwbdedINgnu2OzybcUCVh4+TEpsz
An6EV03jJ96ElpNIg/NxGA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:37:27 2025 by rpki-client