Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/fLYW2onmm7pntVdn_NFikuJQ6oI.roa
File: fLYW2onmm7pntVdn_NFikuJQ6oI.roa (raw, json)
Hash identifier: shKypXLxXWkzsX4KOVg1zCCoxO0UCMhAjdFLloK4LEk=
Subject key identifier: 7C:B6:16:DA:89:E6:9B:BA:67:B5:57:67:FC:D1:62:92:E2:50:EA:82
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A2C5C134E209408921D3CC2B94C790318
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/fLYW2onmm7pntVdn_NFikuJQ6oI.roa
Signing time: Tue 28 Oct 2025 19:47:03 +0000
ROA not before: Tue 28 Oct 2025 19:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212100
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:a000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:5c:13:4e:20:94:08:92:1d:3c:c2:b9:4c:79:03:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 28 19:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cb616da89e69bba67b55767fcd16292e250ea82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:82:c9:66:86:7c:f8:b7:60:ef:0b:8c:b8:
0f:80:2b:0c:ae:68:96:2e:20:a8:bf:3c:92:78:48:
37:f3:e6:19:66:f4:81:5e:99:1d:eb:49:d8:6e:6a:
41:6e:78:6f:b6:fe:fe:93:a0:55:c5:12:35:7a:a9:
a3:6c:ce:99:34:9d:3c:ed:2c:04:8d:72:c0:aa:a0:
74:ae:2d:64:4b:7f:e8:7a:86:66:ad:e9:b4:6c:88:
33:f0:87:1c:cb:23:c2:66:12:86:f6:bc:63:c6:18:
8e:ff:72:43:4f:e7:8e:0f:eb:35:17:bd:3d:82:ce:
c9:dd:5a:b7:a5:98:94:70:91:7d:1b:ed:39:0e:cf:
b6:8b:79:fa:5d:68:d5:52:b6:16:68:eb:a3:81:1f:
c1:4d:fe:b4:63:ae:e6:62:67:2d:59:5a:93:83:7c:
12:71:8c:b1:24:31:e9:9d:86:33:fd:9f:d1:3d:eb:
a0:33:d3:99:37:41:4d:c1:ef:17:fb:b3:d4:4b:fb:
59:82:77:d5:49:ff:1c:a8:b8:f5:5d:07:f9:2a:6b:
30:e8:4c:cd:69:53:0b:a2:1f:1a:80:79:9a:09:8f:
2e:36:ef:c2:15:71:de:ed:6e:fc:f3:3b:47:bf:23:
ab:a8:78:03:2c:de:1c:2f:b4:a5:11:4a:f3:2a:8b:
41:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B6:16:DA:89:E6:9B:BA:67:B5:57:67:FC:D1:62:92:E2:50:EA:82
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/fLYW2onmm7pntVdn_NFikuJQ6oI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:a000::/36
Signature Algorithm: sha256WithRSAEncryption
06:13:3e:87:d9:3a:df:03:76:00:0c:43:95:b6:39:8a:76:56:
00:b8:12:8a:a2:2d:af:bd:05:c2:bd:5e:1a:27:d9:c5:d4:9b:
c3:d9:f5:1b:88:bd:70:47:cb:8c:7f:5e:41:67:a8:5e:bb:43:
85:97:8a:f1:dc:9b:c7:1b:cb:a4:1b:1e:fd:66:0f:01:3f:05:
dc:4e:8b:17:59:76:37:bd:98:d6:77:ef:5e:6d:9f:23:76:42:
97:fa:73:c1:df:fa:b3:56:10:3f:03:c2:b8:61:f9:8d:b7:da:
c5:42:55:88:5c:22:d5:94:24:f0:f2:5f:55:b3:58:8d:c4:18:
5b:b4:d4:51:29:77:6d:e0:9e:1b:69:83:af:b5:c8:d9:4c:b7:
07:5a:bc:53:22:37:e0:49:d7:af:de:c2:7b:a7:38:c4:f7:ad:
2b:dd:65:36:bd:f1:8e:bb:24:7a:88:ea:09:fb:55:54:58:55:
84:94:16:d0:e9:5a:63:d7:8d:49:af:73:23:5e:00:dd:5d:27:
a6:ea:b8:88:72:8e:c4:a0:85:8e:81:30:84:68:f0:29:73:dc:
73:53:3f:84:a1:0c:d1:dd:67:93:e4:4d:0f:2c:a5:ec:7a:92:
5c:fe:7c:af:09:85:53:fb:64:8c:80:04:11:11:35:04:58:c8:
fc:08:4b:86
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZosXBNOIJQIkh08wrlMeQMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI4MTk0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I2MTZkYTg5ZTY5YmJhNjdiNTU3NjdmY2QxNjI5MmUyNTBlYTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCCCyWaGfPi3YO8LjLgPgCsMrmiW
LiCovzySeEg38+YZZvSBXpkd60nYbmpBbnhvtv7+k6BVxRI1eqmjbM6ZNJ087SwE
jXLAqqB0ri1kS3/oeoZmrem0bIgz8IccyyPCZhKG9rxjxhiO/3JDT+eOD+s1F709
gs7J3Vq3pZiUcJF9G+05Ds+2i3n6XWjVUrYWaOujgR/BTf60Y67mYmctWVqTg3wS
cYyxJDHpnYYz/Z/RPeugM9OZN0FNwe8X+7PUS/tZgnfVSf8cqLj1XQf5Kmsw6EzN
aVMLoh8agHmaCY8uNu/CFXHe7W788ztHvyOrqHgDLN4cL7SlEUrzKotBsQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHy2FtqJ5pu6Z7VXZ/zRYpLiUOqCMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvZkxZVzJvbm1tN3BudFZkbl9ORmlrdUpRNm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAbc3BMBUE
AgACMA8DBQAqAfsBAwYEKgH7BaAwDQYJKoZIhvcNAQELBQADggEBAAYTPofZOt8D
dgAMQ5W2OYp2VgC4EoqiLa+9BcK9Xhon2cXUm8PZ9RuIvXBHy4x/XkFnqF67Q4WX
ivHcm8cby6QbHv1mDwE/BdxOixdZdje9mNZ3715tnyN2Qpf6c8Hf+rNWED8Dwrhh
+Y232sVCVYhcItWUJPDyX1WzWI3EGFu01FEpd23gnhtpg6+1yNlMtwdavFMiN+BJ
16/ewnunOMT3rSvdZTa98Y67JHqI6gn7VVRYVYSUFtDpWmPXjUmvcyNeAN1dJ6bq
uIhyjsSghY6BMIRo8Clz3HNTP4ShDNHdZ5PkTQ8spex6klz+fK8JhVP7ZIyABBER
NQRYyPwIS4Y=
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:08:11 2025 by rpki-client