Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/M0fKNX9eox7IfYviY6R2x-xMf2c.roa
File: M0fKNX9eox7IfYviY6R2x-xMf2c.roa (raw, json)
Hash identifier: WceX7AoSR01eRzudZZJ4Z0nv86tj0IatfsrgtBXT4v0=
Subject key identifier: 33:47:CA:35:7F:5E:A3:1E:C8:7D:8B:E2:63:A4:76:C7:EC:4C:7F:67
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A1EFA2F797D755A249872D1182A7F42FD
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/M0fKNX9eox7IfYviY6R2x-xMf2c.roa
Signing time: Sun 26 Oct 2025 05:25:03 +0000
ROA not before: Sun 26 Oct 2025 05:25:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 109.205.193.0/24 maxlen: 24
158.94.220.0/24 maxlen: 24
2a01:fb02:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1e:fa:2f:79:7d:75:5a:24:98:72:d1:18:2a:7f:42:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 26 05:25:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3347ca357f5ea31ec87d8be263a476c7ec4c7f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2b:9e:58:c4:79:51:cb:81:9a:d4:25:aa:27:
b0:dc:59:c6:a3:b1:8f:5b:fd:4d:5b:75:30:bc:65:
6c:bf:00:91:5f:ac:f8:55:95:47:87:fe:3e:43:a4:
2e:4b:22:51:05:77:7b:71:81:f9:f8:bd:bf:d6:06:
c6:86:8b:47:36:fb:09:82:51:f4:23:f7:b9:a6:38:
e1:73:d9:91:7c:a6:89:4d:f6:30:3f:fb:78:e3:1f:
ac:6a:d8:14:75:8d:3d:c7:de:69:40:40:71:5f:ff:
cf:cd:e8:f0:b7:c1:b6:6f:e6:86:29:ef:7c:33:9d:
60:bb:c1:89:2a:19:81:55:fd:8d:ea:e3:83:4a:ed:
33:6f:cb:49:2c:fa:29:e6:81:1c:f6:1a:6a:74:09:
f5:c6:61:b6:8c:60:46:1a:6f:48:56:ff:69:ce:fe:
d9:47:2f:7f:4b:c3:9a:fa:ab:dc:44:92:19:38:14:
bf:35:b9:a0:07:5e:80:d2:87:11:5a:1d:62:13:a0:
0d:c1:ef:15:a6:c5:8d:36:fe:f4:bb:2d:dc:36:0f:
79:fd:78:f9:df:f8:9a:11:7b:d5:79:72:03:f2:7f:
c8:a3:53:9d:b0:c1:13:ef:f7:9d:37:59:71:19:28:
b3:7e:0c:23:b4:6d:2e:4a:68:c7:6c:66:a2:36:99:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:47:CA:35:7F:5E:A3:1E:C8:7D:8B:E2:63:A4:76:C7:EC:4C:7F:67
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/M0fKNX9eox7IfYviY6R2x-xMf2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
158.94.220.0/24
IPv6:
2a01:fb02:c000::/34
Signature Algorithm: sha256WithRSAEncryption
6f:f3:0b:e5:db:a0:3a:6d:f3:f2:7f:a3:6d:e6:ea:60:68:8f:
ac:2c:c0:f6:77:6c:c6:3a:c9:45:c2:b4:dc:82:ec:32:02:cb:
f1:cf:c9:14:39:6f:6f:56:18:60:ff:e8:e6:d6:93:2f:4f:8f:
b5:e9:ed:14:7f:94:a0:dc:df:f2:1d:d8:81:bb:3b:5a:c4:30:
e6:d5:0c:37:16:1a:0f:76:1e:71:26:9b:8d:80:71:2f:7a:6d:
b5:b2:53:0f:db:af:5e:f0:13:af:aa:21:7f:ff:8d:30:5c:8c:
96:96:29:f0:8e:ee:c3:d2:74:53:37:e4:ac:8a:a8:11:6b:9a:
be:ba:73:67:0a:86:43:84:cb:bd:a3:ed:f3:b9:a6:79:e8:2f:
0a:46:f6:13:bb:8e:15:52:7e:10:04:ee:17:1a:02:18:f0:35:
1f:f1:90:68:ff:5a:22:01:9e:0b:57:b3:4f:3e:80:72:06:a9:
ba:da:83:c9:93:28:05:ef:9b:8d:20:ea:f5:8b:c8:a8:3c:45:
db:37:86:f9:44:d0:16:4e:3f:39:05:2b:ea:59:b4:28:33:e5:
c8:15:89:80:cf:85:40:76:c6:2f:f4:cc:dd:b4:c7:78:95:3a:
af:be:6d:4e:bb:d7:1b:a2:88:36:08:83:de:da:d9:5a:09:65:
90:11:6b:2d
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZoe+i95fXVaJJhy0Rgqf0L9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI2MDUyNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ3Y2EzNTdmNWVhMzFlYzg3ZDhiZTI2M2E0NzZjN2VjNGM3ZjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySueWMR5UcuBmtQlqiew3FnGo7GP
W/1NW3UwvGVsvwCRX6z4VZVHh/4+Q6QuSyJRBXd7cYH5+L2/1gbGhotHNvsJglH0
I/e5pjjhc9mRfKaJTfYwP/t44x+satgUdY09x95pQEBxX//Pzejwt8G2b+aGKe98
M51gu8GJKhmBVf2N6uODSu0zb8tJLPop5oEc9hpqdAn1xmG2jGBGGm9IVv9pzv7Z
Ry9/S8Oa+qvcRJIZOBS/NbmgB16A0ocRWh1iE6ANwe8VpsWNNv70uy3cNg95/Xj5
3/iaEXvVeXID8n/Io1OdsMET7/edN1lxGSizfgwjtG0uSmjHbGaiNpkjMQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDNHyjV/XqMeyH2L4mOkdsfsTH9nMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvTTBmS05YOWVveDdJZll2aVk2UjJ4LXhNZjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAbc3BAwQA
nl7cMA4EAgACMAgDBgYqAfsCwDANBgkqhkiG9w0BAQsFAAOCAQEAb/ML5dugOm3z
8n+jbebqYGiPrCzA9ndsxjrJRcK03ILsMgLL8c/JFDlvb1YYYP/o5taTL0+Ptent
FH+UoNzf8h3Ygbs7WsQw5tUMNxYaD3YecSabjYBxL3pttbJTD9uvXvATr6ohf/+N
MFyMlpYp8I7uw9J0UzfkrIqoEWuavrpzZwqGQ4TLvaPt87mmeegvCkb2E7uOFVJ+
EATuFxoCGPA1H/GQaP9aIgGeC1ezTz6AcgaputqDyZMoBe+bjSDq9YvIqDxF2zeG
+UTQFk4/OQUr6lm0KDPlyBWJgM+FQHbGL/TM3bTHeJU6r75tTrvXG6KINgiD3trZ
WgllkBFrLQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:22:04 2025 by rpki-client