Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/SFCwzVZGOPxz2U_279Bo_Lpk5p4.roa
File: SFCwzVZGOPxz2U_279Bo_Lpk5p4.roa (raw, json)
Hash identifier: 3lcOcn5PP3C5yhgR2l4546ZVFe6pe/TJ96LCBfVinmA=
Subject key identifier: 48:50:B0:CD:56:46:38:FC:73:D9:4F:F6:EF:D0:68:FC:BA:64:E6:9E
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A224D9D58E1E63FA69133043FB5614535
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/SFCwzVZGOPxz2U_279Bo_Lpk5p4.roa
Signing time: Sun 26 Oct 2025 20:55:03 +0000
ROA not before: Sun 26 Oct 2025 20:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34927
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:4d:9d:58:e1:e6:3f:a6:91:33:04:3f:b5:61:45:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 26 20:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4850b0cd564638fc73d94ff6efd068fcba64e69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c9:68:b9:ed:a9:24:42:3d:ce:23:d5:ef:91:
8f:ab:53:98:4f:a8:1b:5e:2a:5a:60:01:21:d2:c5:
ec:5c:a2:c3:71:7e:20:2a:64:fd:87:cd:35:43:44:
e3:8a:fc:47:a3:0f:3e:c7:e5:a8:db:81:7c:e3:62:
1f:6b:25:59:2a:ab:88:fb:3f:9a:49:32:13:b9:fb:
d5:36:75:ff:7c:ca:cc:4c:90:3b:26:ea:a8:0d:0e:
7b:e7:6e:75:d1:8d:13:9c:09:55:29:b2:c6:b6:24:
03:90:8b:70:e6:c5:29:94:8f:2a:03:83:93:aa:b5:
32:f2:07:7f:e7:76:89:b7:a8:ba:2a:3f:9b:39:b3:
29:b9:34:c8:c3:66:72:cf:fb:4a:0b:ab:1f:cf:98:
50:ce:b8:84:b8:f5:0b:54:8c:74:8e:d2:a1:1e:56:
7f:5b:02:c0:83:7e:e3:0d:61:84:c3:4f:69:d3:73:
79:9c:ba:2f:a8:d3:20:a6:76:6d:00:06:69:c8:65:
a6:f6:bf:d5:1d:b4:7b:27:d8:e6:c8:03:c7:78:55:
b6:29:50:e6:d5:5f:c7:76:56:80:a8:91:aa:fb:94:
15:d7:2e:72:dd:1d:a1:3a:6c:72:0c:e8:42:4d:12:
eb:f5:5c:53:02:ba:da:51:54:d1:b6:89:28:83:c4:
3b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:50:B0:CD:56:46:38:FC:73:D9:4F:F6:EF:D0:68:FC:BA:64:E6:9E
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/SFCwzVZGOPxz2U_279Bo_Lpk5p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:a000::/36
Signature Algorithm: sha256WithRSAEncryption
34:27:dd:23:d4:b1:64:72:59:14:19:98:91:92:71:08:56:58:
0d:ab:0a:8e:20:69:f2:ae:8c:77:39:56:8b:ec:9d:b4:97:12:
22:34:0f:07:26:15:b7:22:e2:d8:2a:f2:14:b4:57:93:46:61:
27:8e:55:8e:75:8b:a6:7a:1f:0a:47:3b:6c:1c:bf:8f:ec:31:
da:15:09:95:27:d4:b9:d0:94:70:bd:d0:5b:35:c9:5e:de:3a:
41:55:f8:58:00:c7:4a:f9:4f:95:c1:ca:a7:bb:e2:01:ab:47:
b0:cb:78:dd:24:39:16:36:9c:ca:24:a1:75:2e:3d:a9:1b:25:
30:74:95:21:bb:91:7c:d0:78:31:79:17:b8:81:ea:bd:a8:30:
11:68:a4:f2:f5:3c:96:6d:e6:cd:fd:8d:63:99:ec:cd:b9:6d:
42:13:f6:9b:e3:59:16:c8:3b:35:af:01:ba:7e:ae:45:76:e2:
3e:e1:12:18:7d:5e:3e:58:7f:55:9d:86:68:8c:ab:f8:5f:f3:
df:63:9f:22:90:b1:89:e6:4b:62:71:70:81:b0:e1:a7:05:d2:
8f:23:03:20:40:ce:7e:50:fd:a1:1e:41:65:a4:d8:b6:51:89:
33:ea:c4:4c:61:c0:57:d2:51:4e:03:8b:22:b3:49:b7:c1:21:
c3:82:f1:ef
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZoiTZ1Y4eY/ppEzBD+1YUU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI2MjA1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODUwYjBjZDU2NDYzOGZjNzNkOTRmZjZlZmQwNjhmY2JhNjRlNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsloue2pJEI9ziPV75GPq1OYT6gb
XipaYAEh0sXsXKLDcX4gKmT9h801Q0TjivxHow8+x+Wo24F842IfayVZKquI+z+a
STITufvVNnX/fMrMTJA7JuqoDQ5752510Y0TnAlVKbLGtiQDkItw5sUplI8qA4OT
qrUy8gd/53aJt6i6Kj+bObMpuTTIw2Zyz/tKC6sfz5hQzriEuPULVIx0jtKhHlZ/
WwLAg37jDWGEw09p03N5nLovqNMgpnZtAAZpyGWm9r/VHbR7J9jmyAPHeFW2KVDm
1V/HdlaAqJGq+5QV1y5y3R2hOmxyDOhCTRLr9VxTArraUVTRtokog8Q74QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEhQsM1WRjj8c9lP9u/QaPy6ZOaeMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvU0ZDd3pWWkdPUHh6MlVfMjc5Qm9fTHBrNXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAbc3BMBUE
AgACMA8DBQAqAfsBAwYEKgH7BaAwDQYJKoZIhvcNAQELBQADggEBADQn3SPUsWRy
WRQZmJGScQhWWA2rCo4gafKujHc5VovsnbSXEiI0DwcmFbci4tgq8hS0V5NGYSeO
VY51i6Z6HwpHO2wcv4/sMdoVCZUn1LnQlHC90Fs1yV7eOkFV+FgAx0r5T5XByqe7
4gGrR7DLeN0kORY2nMokoXUuPakbJTB0lSG7kXzQeDF5F7iB6r2oMBFopPL1PJZt
5s39jWOZ7M25bUIT9pvjWRbIOzWvAbp+rkV24j7hEhh9Xj5Yf1WdhmiMq/hf899j
nyKQsYnmS2JxcIGw4acF0o8jAyBAzn5Q/aEeQWWk2LZRiTPqxExhwFfSUU4DiyKz
SbfBIcOC8e8=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:52:30 2025 by rpki-client