Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/eY_JP296K7EzeQzz7pAK-QdGDlQ.roa
File: eY_JP296K7EzeQzz7pAK-QdGDlQ.roa (raw, json)
Hash identifier: 1hHTZx8/SNOi0qtGbD1Ot8RFhJXoszWaqomhkHPhsC4=
Subject key identifier: 79:8F:C9:3F:6F:7A:2B:B1:33:79:0C:F3:EE:90:0A:F9:07:46:0E:54
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A2C6F4CF493F0F1062E286CA5DB7B8645
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/eY_JP296K7EzeQzz7pAK-QdGDlQ.roa
Signing time: Tue 28 Oct 2025 20:08:03 +0000
ROA not before: Tue 28 Oct 2025 20:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47498
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:6f:4c:f4:93:f0:f1:06:2e:28:6c:a5:db:7b:86:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 28 20:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=798fc93f6f7a2bb133790cf3ee900af907460e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a4:4c:7b:9e:6b:1c:bc:36:26:e1:e6:19:50:
b4:c6:c2:73:d4:58:69:16:14:4e:ad:f5:c3:d7:b3:
c9:9a:19:b7:64:0d:4d:33:d7:28:03:e5:5b:6b:dd:
7a:5e:b4:e8:8f:fa:7b:2c:f9:51:2b:8e:ec:57:6f:
46:5f:52:7b:c7:75:8a:f4:d8:a3:9a:7b:2a:6f:83:
bd:a6:4a:ba:b0:9b:0d:85:93:e0:b5:fd:20:d9:21:
24:16:31:ef:af:8e:95:4c:e7:26:cd:d6:32:d2:fa:
f5:2e:8b:c5:43:05:60:76:fe:b6:19:c5:bb:75:7e:
05:38:50:fd:7e:bf:01:c9:55:fd:52:27:83:38:99:
29:b3:fa:ff:36:61:db:9d:ff:52:79:2a:36:51:43:
1c:2b:62:f7:e1:d0:36:80:4f:d6:b1:09:f1:fb:73:
a5:c6:30:98:a0:ab:69:c4:ad:1a:45:ff:d6:bc:3c:
78:ef:24:2b:6a:64:83:72:b5:34:af:20:08:11:31:
00:2c:78:b2:74:86:3e:96:c0:03:56:9a:8c:c4:bf:
45:06:8b:26:31:95:39:e4:3b:f0:86:ab:f2:5c:fb:
46:e6:d0:e1:32:80:e4:08:70:af:7f:4b:c9:37:d7:
ca:90:da:f4:00:3e:b8:74:46:15:f9:72:01:41:4d:
e2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:8F:C9:3F:6F:7A:2B:B1:33:79:0C:F3:EE:90:0A:F9:07:46:0E:54
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/eY_JP296K7EzeQzz7pAK-QdGDlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:a000::/36
Signature Algorithm: sha256WithRSAEncryption
36:a3:85:9e:ff:2f:09:61:65:86:9d:6d:e4:3c:db:51:46:70:
f8:53:8f:70:1e:fc:f1:cb:cf:44:68:b1:75:36:a3:56:0a:78:
63:e3:88:d2:23:f3:64:d5:1e:2c:50:70:28:10:28:a8:9a:4c:
79:3b:22:8f:a0:9f:7a:7c:ac:1c:7a:36:66:92:16:16:7e:ea:
cd:a4:6c:b7:6b:00:41:43:a4:b2:a7:9e:2a:f9:36:d1:ab:cd:
df:c1:f8:b5:d2:f0:49:3c:e5:e6:e2:aa:4d:e3:2e:af:7f:bf:
a7:a2:4f:6e:80:03:15:cd:47:91:36:df:19:e6:f5:f2:ea:9c:
6c:8d:0b:08:25:f7:49:e0:28:20:65:0e:8c:e9:91:94:bc:ec:
00:c2:cc:46:7b:5f:53:e2:94:88:7d:18:23:f5:ce:a8:fa:6e:
78:93:9f:28:b3:2b:e5:64:7e:64:2b:1c:a7:55:fd:24:c3:a1:
cd:7f:1f:2a:1b:86:d6:0d:7b:b8:23:72:fa:b1:ef:5b:9b:ad:
c7:b5:1f:cb:ba:97:31:39:b0:59:53:20:98:39:4b:e2:83:cc:
b1:8b:d6:5e:38:11:d1:7d:63:3a:5c:67:b4:c6:60:43:fd:e1:
9c:57:bb:fa:65:86:32:d7:0c:1b:f2:54:b3:37:e3:a9:a3:8c:
8a:58:87:d2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZosb0z0k/DxBi4obKXbe4ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI4MjAwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OThmYzkzZjZmN2EyYmIxMzM3OTBjZjNlZTkwMGFmOTA3NDYwZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6RMe55rHLw2JuHmGVC0xsJz1Fhp
FhROrfXD17PJmhm3ZA1NM9coA+Vba916XrToj/p7LPlRK47sV29GX1J7x3WK9Nij
mnsqb4O9pkq6sJsNhZPgtf0g2SEkFjHvr46VTOcmzdYy0vr1LovFQwVgdv62GcW7
dX4FOFD9fr8ByVX9UieDOJkps/r/NmHbnf9SeSo2UUMcK2L34dA2gE/WsQnx+3Ol
xjCYoKtpxK0aRf/WvDx47yQramSDcrU0ryAIETEALHiydIY+lsADVpqMxL9FBosm
MZU55DvwhqvyXPtG5tDhMoDkCHCvf0vJN9fKkNr0AD64dEYV+XIBQU3inQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHmPyT9veiuxM3kM8+6QCvkHRg5UMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvZVlfSlAyOTZLN0V6ZVF6ejdwQUstUWRHRGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAbc3BMBUE
AgACMA8DBQAqAfsBAwYEKgH7BaAwDQYJKoZIhvcNAQELBQADggEBADajhZ7/Lwlh
ZYadbeQ821FGcPhTj3Ae/PHLz0RosXU2o1YKeGPjiNIj82TVHixQcCgQKKiaTHk7
Io+gn3p8rBx6NmaSFhZ+6s2kbLdrAEFDpLKnnir5NtGrzd/B+LXS8Ek85ebiqk3j
Lq9/v6eiT26AAxXNR5E23xnm9fLqnGyNCwgl90ngKCBlDozpkZS87ADCzEZ7X1Pi
lIh9GCP1zqj6bniTnyizK+VkfmQrHKdV/STDoc1/HyobhtYNe7gjcvqx71ubrce1
H8u6lzE5sFlTIJg5S+KDzLGL1l44EdF9YzpcZ7TGYEP94ZxXu/plhjLXDBvyVLM3
46mjjIpYh9I=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:03:11 2025 by rpki-client