Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_w-VZ8tJf-IJZUAFtjZixIGeh5w.roa
File: _w-VZ8tJf-IJZUAFtjZixIGeh5w.roa (raw, json)
Hash identifier: gcMpibnYTXN6TauNcnE1KrGZDPQoj6jVbMfXyvOP7XQ=
Subject key identifier: FF:0F:95:67:CB:49:7F:E2:09:65:40:05:B6:36:62:C4:81:9E:87:9C
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019BFEDF60772DFBABAD5198D0DB44D2A693
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_w-VZ8tJf-IJZUAFtjZixIGeh5w.roa
Signing time: Tue 27 Jan 2026 09:53:30 +0000
ROA not before: Tue 27 Jan 2026 09:53:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216096
IP address blocks: 109.175.210.0/24 maxlen: 24
109.205.193.0/24 maxlen: 24
158.94.220.0/23 maxlen: 24
158.94.220.0/24 maxlen: 24
158.94.221.0/24 maxlen: 24
2a01:fb00::/32 maxlen: 34
2a01:fb00::/33 maxlen: 34
2a01:fb00::/34 maxlen: 34
2a01:fb01::/32 maxlen: 32
2a01:fb02::/32 maxlen: 34
2a01:fb02::/34 maxlen: 34
2a01:fb02:4000::/34 maxlen: 34
2a01:fb02:8000::/34 maxlen: 34
2a01:fb02:c000::/34 maxlen: 34
2a01:fb03::/32 maxlen: 32
2a01:fb04::/32 maxlen: 32
2a01:fb05::/36 maxlen: 36
2a01:fb05:1000::/36 maxlen: 36
2a01:fb05:2000::/36 maxlen: 36
2a01:fb05:3000::/36 maxlen: 36
2a01:fb05:4000::/36 maxlen: 36
2a01:fb05:5000::/36 maxlen: 36
2a01:fb05:6000::/36 maxlen: 36
2a01:fb05:7000::/36 maxlen: 36
2a01:fb05:8000::/36 maxlen: 36
2a01:fb05:9000::/36 maxlen: 36
2a01:fb05:a000::/36 maxlen: 36
2a01:fb05:b000::/36 maxlen: 36
2a01:fb05:c000::/36 maxlen: 36
2a01:fb05:d000::/36 maxlen: 36
2a01:fb06::/32 maxlen: 32
2a01:fb07::/32 maxlen: 34
2a01:fb07::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:fe:df:60:77:2d:fb:ab:ad:51:98:d0:db:44:d2:a6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Jan 27 09:53:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff0f9567cb497fe209654005b63662c4819e879c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7a:fe:e8:55:ba:29:d1:38:72:d3:c4:51:9d:
d9:ac:d4:e6:ac:31:17:20:ac:03:8f:00:4c:00:21:
21:48:91:5d:c2:51:d7:b0:ac:ae:7c:45:f9:1a:0b:
b5:90:3b:ac:72:ab:ce:16:85:8d:82:9e:a5:14:97:
80:14:45:de:94:2d:0a:e6:dc:84:cd:1a:18:67:54:
84:ab:6d:57:f0:1e:8c:0a:60:f4:97:35:12:53:d6:
d5:c7:33:e0:42:1e:e5:c5:21:74:21:13:c5:3a:66:
bf:9a:43:ff:e5:3c:df:81:77:30:8b:c3:14:dc:50:
e6:7f:e2:c8:8d:e7:bb:0a:a0:ca:e6:70:be:73:6f:
b7:6e:df:fa:cc:88:28:af:d0:49:f1:15:e4:20:e5:
25:0c:8f:4c:e0:ce:01:b4:ce:be:58:ad:68:c6:3b:
e1:1a:41:c8:b3:47:3c:ea:d6:cd:87:f0:a2:44:b9:
45:03:06:91:41:57:68:b0:a1:6e:1f:8a:e6:8d:5a:
20:8b:32:d2:e8:d5:57:b8:58:5d:0d:8a:9f:b5:d6:
bf:2c:1a:c6:d7:b3:dd:b7:e6:d7:cf:2d:f1:fe:ca:
0a:a8:0c:16:29:11:da:5c:c2:f4:11:59:a2:7e:64:
f0:e0:52:c6:29:d6:89:48:47:41:86:73:bc:08:85:
09:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0F:95:67:CB:49:7F:E2:09:65:40:05:B6:36:62:C4:81:9E:87:9C
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/_w-VZ8tJf-IJZUAFtjZixIGeh5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
109.205.193.0/24
158.94.220.0/23
IPv6:
2a01:fb00::-2a01:fb05:dfff:ffff:ffff:ffff:ffff:ffff
2a01:fb06::/31
Signature Algorithm: sha256WithRSAEncryption
6f:5b:7b:c5:e4:78:16:7d:c7:69:13:3d:e6:56:2f:89:06:2c:
f8:6c:d3:4e:f7:68:45:ed:be:1f:d0:c3:da:55:47:fb:64:60:
f8:29:12:5f:9d:c3:54:a5:98:87:15:a1:00:78:f9:47:38:8b:
a2:b5:1a:2c:ee:ca:0e:d4:e2:b9:01:bd:ea:e0:7f:01:71:ce:
a8:07:c5:58:65:da:b5:42:51:aa:4e:ef:a0:b7:c8:65:04:09:
ed:4c:ee:29:7e:4a:1f:bf:aa:c2:35:07:56:99:c7:52:7c:39:
6e:d6:1c:23:c7:27:d9:d4:1d:20:11:a3:9f:ec:9d:67:d6:04:
79:8c:b0:b4:bc:f8:6e:18:60:36:ca:c8:09:82:e7:81:54:5e:
d0:84:62:a2:ce:a5:49:6e:38:df:49:66:e6:91:3e:34:7a:58:
8d:e0:55:16:d7:4a:6b:98:ba:7e:ad:16:6f:6d:b1:e1:cb:ef:
69:85:67:aa:54:ed:10:ed:56:f8:1a:51:b0:fc:43:2c:ba:fc:
06:99:20:8a:7e:da:3b:49:d3:e4:84:ce:31:95:6a:d0:8a:94:
f9:a5:af:a1:65:fe:fa:39:81:c2:88:aa:b1:b3:db:cd:b7:b4:
69:e5:7f:fc:a1:d1:22:69:fa:84:51:e4:b4:9a:f2:f1:e4:e1:
97:82:40:84
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZv+32B3LfurrVGY0NtE0qaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjYwMTI3MDk1MzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjBmOTU2N2NiNDk3ZmUyMDk2NTQwMDViNjM2NjJjNDgxOWU4NzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXr+6FW6KdE4ctPEUZ3ZrNTmrDEX
IKwDjwBMACEhSJFdwlHXsKyufEX5Ggu1kDuscqvOFoWNgp6lFJeAFEXelC0K5tyE
zRoYZ1SEq21X8B6MCmD0lzUSU9bVxzPgQh7lxSF0IRPFOma/mkP/5TzfgXcwi8MU
3FDmf+LIjee7CqDK5nC+c2+3bt/6zIgor9BJ8RXkIOUlDI9M4M4BtM6+WK1oxjvh
GkHIs0c86tbNh/CiRLlFAwaRQVdosKFuH4rmjVogizLS6NVXuFhdDYqftda/LBrG
17Pdt+bXzy3x/soKqAwWKRHaXML0EVmifmTw4FLGKdaJSEdBhnO8CIUJ6wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFP8PlWfLSX/iCWVABbY2YsSBnoecMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvX3ctVlo4dEpmLUlKWlVBRnRqWml4SUdlaDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQAba/SAwQA
bc3BAwQBnl7cMB0EAgACMBcwDgMEACoB+wMGBSoB+wXAAwUBKgH7BjANBgkqhkiG
9w0BAQsFAAOCAQEAb1t7xeR4Fn3HaRM95lYviQYs+GzTTvdoRe2+H9DD2lVH+2Rg
+CkSX53DVKWYhxWhAHj5RziLorUaLO7KDtTiuQG96uB/AXHOqAfFWGXatUJRqk7v
oLfIZQQJ7UzuKX5KH7+qwjUHVpnHUnw5btYcI8cn2dQdIBGjn+ydZ9YEeYywtLz4
bhhgNsrICYLngVRe0IRios6lSW4430lm5pE+NHpYjeBVFtdKa5i6fq0Wb22x4cvv
aYVnqlTtEO1W+BpRsPxDLLr8Bpkgin7aO0nT5ITOMZVq0IqU+aWvoWX++jmBwoiq
sbPbzbe0aeV//KHRImn6hFHktJry8eThl4JAhA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:32:41 2026 by rpki-client