Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Zf7ZuHL7IUxtTYoRWgTNvbVJWFQ.roa
File: Zf7ZuHL7IUxtTYoRWgTNvbVJWFQ.roa (raw, json)
Hash identifier: U/rRWMyGwT0EJp3DsyTo8NtFud95po4EanrDciDb8V8=
Subject key identifier: 65:FE:D9:B8:72:FB:21:4C:6D:4D:8A:11:5A:04:CD:BD:B5:49:58:54
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A2D717BA118CDE5D3C682245E5AB63325
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Zf7ZuHL7IUxtTYoRWgTNvbVJWFQ.roa
Signing time: Wed 29 Oct 2025 00:50:03 +0000
ROA not before: Wed 29 Oct 2025 00:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209735
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:8000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2d:71:7b:a1:18:cd:e5:d3:c6:82:24:5e:5a:b6:33:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 29 00:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65fed9b872fb214c6d4d8a115a04cdbdb5495854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a5:3d:d1:94:de:52:dd:c9:6d:1c:0a:fd:04:
87:f4:6d:8a:0c:4a:30:d4:2a:1e:3c:a7:d7:4b:f5:
65:2b:c4:53:49:f3:39:e1:cc:07:6a:60:9e:a5:c6:
3c:bf:9c:56:73:75:ab:11:f0:31:e2:e0:cd:29:da:
54:8c:5d:1f:e6:f5:59:22:1e:7d:72:1f:0d:fc:69:
d9:d7:f0:38:ca:2a:16:b9:3b:86:37:1d:34:b7:c8:
05:27:ff:d1:dc:a6:ba:26:21:21:87:62:45:f3:84:
2b:b7:0e:b6:bb:b3:71:5b:b9:8e:1f:7e:b8:85:f6:
fa:2f:cb:f2:82:d1:5c:ad:e1:17:87:85:6a:11:46:
2f:83:f3:24:81:59:46:9c:44:39:2c:84:02:7e:35:
bf:0c:55:5e:74:87:a8:08:91:55:1d:4f:0a:19:45:
50:fa:f6:73:12:68:14:f3:38:98:c5:69:97:c7:0b:
00:9a:1e:7d:5b:17:a0:d0:72:88:c7:f4:a0:3f:8b:
e8:fb:96:c0:14:08:92:c5:bf:fa:f7:23:0f:be:49:
8e:67:35:6e:83:d5:8a:c1:73:12:29:08:47:3f:cd:
73:ad:35:45:ce:2d:e2:01:5b:20:be:da:04:ea:ad:
02:81:ea:9a:60:3b:06:d7:79:b3:5e:bb:1a:63:59:
79:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FE:D9:B8:72:FB:21:4C:6D:4D:8A:11:5A:04:CD:BD:B5:49:58:54
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Zf7ZuHL7IUxtTYoRWgTNvbVJWFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:8000::/36
Signature Algorithm: sha256WithRSAEncryption
80:38:ad:e3:56:a2:31:17:45:40:25:e0:47:48:2b:98:81:40:
09:a1:53:d3:e2:ff:f1:ac:a2:51:51:89:e5:4f:fc:0d:ed:28:
ea:b8:86:20:19:95:94:98:c9:3f:35:f3:15:83:00:65:ee:36:
4a:c4:59:0c:1d:d9:f9:7f:ac:e1:6b:97:79:64:80:56:fa:ec:
5e:54:ea:56:bd:a6:5c:96:44:2d:27:ec:f3:8f:4f:0e:0a:bc:
aa:4d:c5:32:cc:0d:14:30:b3:e5:5a:d1:83:c6:27:8c:2d:7e:
2e:0a:32:84:9e:67:f9:25:dd:2c:b8:f0:42:8e:c3:a3:86:a8:
22:9c:23:7d:29:51:f0:c4:2b:ed:8c:76:cc:03:0e:13:2e:56:
c9:03:be:fc:0a:bd:6b:56:b1:33:d7:c5:71:23:06:4b:ad:73:
dc:d7:32:0b:ee:2c:00:4b:0c:8b:7c:b8:4c:b9:63:87:59:09:
ed:2b:4e:72:df:15:26:93:05:74:85:87:de:00:b0:67:14:30:
62:ba:a8:b4:e6:6f:28:ec:d1:d8:fc:c6:60:38:63:78:4c:91:
9d:b8:4e:a3:db:6f:12:90:60:b3:76:ff:cc:ba:01:35:97:e1:
ba:f4:28:87:39:30:f3:c9:92:6f:84:85:e6:ed:f6:74:7d:03:
5f:26:78:a5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZotcXuhGM3l08aCJF5atjMlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI5MDA1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWZlZDliODcyZmIyMTRjNmQ0ZDhhMTE1YTA0Y2RiZGI1NDk1ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6U90ZTeUt3JbRwK/QSH9G2KDEow
1CoePKfXS/VlK8RTSfM54cwHamCepcY8v5xWc3WrEfAx4uDNKdpUjF0f5vVZIh59
ch8N/GnZ1/A4yioWuTuGNx00t8gFJ//R3Ka6JiEhh2JF84Qrtw62u7NxW7mOH364
hfb6L8vygtFcreEXh4VqEUYvg/MkgVlGnEQ5LIQCfjW/DFVedIeoCJFVHU8KGUVQ
+vZzEmgU8ziYxWmXxwsAmh59Wxeg0HKIx/SgP4vo+5bAFAiSxb/69yMPvkmOZzVu
g9WKwXMSKQhHP81zrTVFzi3iAVsgvtoE6q0CgeqaYDsG13mzXrsaY1l5GQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGX+2bhy+yFMbU2KEVoEzb21SVhUMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvWmY3WnVITDdJVXh0VFlvUldnVE52YlZKV0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAbc3BMBUE
AgACMA8DBQAqAfsBAwYEKgH7BYAwDQYJKoZIhvcNAQELBQADggEBAIA4reNWojEX
RUAl4EdIK5iBQAmhU9Pi//GsolFRieVP/A3tKOq4hiAZlZSYyT818xWDAGXuNkrE
WQwd2fl/rOFrl3lkgFb67F5U6la9plyWRC0n7POPTw4KvKpNxTLMDRQws+Va0YPG
J4wtfi4KMoSeZ/kl3Sy48EKOw6OGqCKcI30pUfDEK+2MdswDDhMuVskDvvwKvWtW
sTPXxXEjBkutc9zXMgvuLABLDIt8uEy5Y4dZCe0rTnLfFSaTBXSFh94AsGcUMGK6
qLTmbyjs0dj8xmA4Y3hMkZ24TqPbbxKQYLN2/8y6ATWX4br0KIc5MPPJkm+Ehebt
9nR9A18meKU=
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:05:05 2025 by rpki-client