Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hPZxGFc1xm45Vo_XxqAKOO-y75c.roa
File: hPZxGFc1xm45Vo_XxqAKOO-y75c.roa (raw, json)
Hash identifier: Ev2HijbUikwUGB1B2EK4vLP8NTKjS7NkaOdrWlvH6WE=
Subject key identifier: 84:F6:71:18:57:35:C6:6E:39:56:8F:D7:C6:A0:0A:38:EF:B2:EF:97
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A2D15033A49DA234A71004AAF4F7133E9
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hPZxGFc1xm45Vo_XxqAKOO-y75c.roa
Signing time: Tue 28 Oct 2025 23:09:03 +0000
ROA not before: Tue 28 Oct 2025 23:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216096
IP address blocks: 109.175.210.0/24 maxlen: 24
109.205.193.0/24 maxlen: 24
158.94.220.0/23 maxlen: 24
158.94.220.0/24 maxlen: 24
158.94.221.0/24 maxlen: 24
2a01:fb00::/32 maxlen: 34
2a01:fb00::/33 maxlen: 34
2a01:fb00::/34 maxlen: 34
2a01:fb01::/32 maxlen: 32
2a01:fb02::/32 maxlen: 34
2a01:fb02::/34 maxlen: 34
2a01:fb02:4000::/34 maxlen: 34
2a01:fb02:8000::/34 maxlen: 34
2a01:fb02:c000::/34 maxlen: 34
2a01:fb03::/32 maxlen: 32
2a01:fb04::/32 maxlen: 32
2a01:fb05::/36 maxlen: 36
2a01:fb05:1000::/36 maxlen: 36
2a01:fb05:2000::/36 maxlen: 36
2a01:fb05:3000::/36 maxlen: 36
2a01:fb05:4000::/36 maxlen: 36
2a01:fb05:5000::/36 maxlen: 36
2a01:fb05:6000::/36 maxlen: 36
2a01:fb05:7000::/36 maxlen: 36
2a01:fb05:8000::/36 maxlen: 36
2a01:fb05:9000::/36 maxlen: 36
2a01:fb05:a000::/36 maxlen: 36
2a01:fb06::/32 maxlen: 32
2a01:fb07::/32 maxlen: 34
2a01:fb07::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2d:15:03:3a:49:da:23:4a:71:00:4a:af:4f:71:33:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 28 23:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84f671185735c66e39568fd7c6a00a38efb2ef97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0c:16:9a:71:8b:f5:dc:23:d9:08:47:9c:d8:
44:f0:13:26:a2:8b:83:1b:75:11:e5:34:22:77:c6:
38:ce:56:32:94:29:e2:50:e0:17:e6:90:14:16:b5:
87:e0:d8:27:88:50:5c:d9:51:cb:d0:27:8c:0d:65:
6a:d2:3c:00:97:43:dc:4a:20:49:e6:bc:79:d2:95:
60:20:75:ed:80:37:e5:e2:5b:6b:f4:14:f4:f1:6f:
8c:fb:b3:be:27:85:48:7e:79:67:8f:d8:1f:b5:5d:
67:f3:d5:f3:f8:49:45:6d:f4:95:b8:07:c1:67:e6:
3a:89:2d:b7:b3:75:99:c0:87:a6:6f:83:a2:c4:ba:
3c:3f:d1:dc:4a:74:8e:79:f1:31:e2:36:56:d5:68:
43:39:ff:cf:b0:ec:99:4f:95:27:aa:ff:90:c2:7b:
16:77:5f:99:f4:28:fb:cd:d1:70:1b:b9:38:cb:73:
9d:4d:1f:fb:eb:9d:5f:3a:80:38:75:67:0c:7c:38:
29:b1:50:1f:c4:c9:76:ee:06:9e:15:c2:69:4a:09:
30:9d:c7:44:aa:36:59:e1:c5:29:27:a2:de:ac:b5:
a2:9b:ed:7e:2a:ad:0f:71:40:e4:8a:cc:cc:f5:79:
5f:58:f2:fe:0f:6f:7c:80:91:01:6a:a9:48:fd:f0:
b7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F6:71:18:57:35:C6:6E:39:56:8F:D7:C6:A0:0A:38:EF:B2:EF:97
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hPZxGFc1xm45Vo_XxqAKOO-y75c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
109.205.193.0/24
158.94.220.0/23
IPv6:
2a01:fb00::-2a01:fb05:afff:ffff:ffff:ffff:ffff:ffff
2a01:fb06::/31
Signature Algorithm: sha256WithRSAEncryption
4a:87:84:94:c1:7a:92:36:c4:11:46:08:10:75:f5:74:c4:62:
e2:d4:39:f9:9b:d3:e3:8a:37:e7:bc:22:d2:f3:1a:99:b9:65:
59:07:bf:de:47:ed:a8:b9:08:b1:e3:db:c8:d6:0e:b7:b0:69:
df:89:77:de:3e:e0:8b:31:0e:53:af:30:2e:b7:e7:a1:55:9d:
14:c8:4c:1a:70:d2:90:9b:ce:16:15:5e:31:5c:55:3a:81:fc:
bb:08:07:87:38:16:64:87:02:12:46:9f:91:d0:99:4e:53:15:
fe:8f:e4:83:1f:2f:72:d9:66:4c:22:54:49:20:cf:98:92:f5:
13:d5:49:92:19:10:9c:7e:33:04:7c:78:66:65:68:04:a8:e1:
8e:2e:58:60:d3:23:58:29:0f:d1:b6:c7:25:e1:2f:3f:85:df:
77:58:10:79:a4:5c:6e:11:c9:fe:c4:49:c3:26:46:c7:47:a6:
c5:44:27:a5:6d:2c:26:df:8d:75:28:4f:5f:b6:e8:cf:92:a1:
a9:09:e2:a8:2f:b4:67:0a:d9:65:b5:06:64:af:29:3f:92:43:
90:d2:c2:60:09:7a:fa:02:12:02:0c:97:90:d5:ec:1e:2a:cb:
49:1e:b5:b9:ef:a2:8d:67:dc:6d:f4:b9:33:e5:19:75:40:8f:
8f:64:fe:25
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZotFQM6SdojSnEASq9PcTPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI4MjMwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY2NzExODU3MzVjNjZlMzk1NjhmZDdjNmEwMGEzOGVmYjJlZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgwWmnGL9dwj2QhHnNhE8BMmoouD
G3UR5TQid8Y4zlYylCniUOAX5pAUFrWH4NgniFBc2VHL0CeMDWVq0jwAl0PcSiBJ
5rx50pVgIHXtgDfl4ltr9BT08W+M+7O+J4VIfnlnj9gftV1n89Xz+ElFbfSVuAfB
Z+Y6iS23s3WZwIemb4OixLo8P9HcSnSOefEx4jZW1WhDOf/PsOyZT5Unqv+QwnsW
d1+Z9Cj7zdFwG7k4y3OdTR/7651fOoA4dWcMfDgpsVAfxMl27gaeFcJpSgkwncdE
qjZZ4cUpJ6LerLWim+1+Kq0PcUDkiszM9XlfWPL+D298gJEBaqlI/fC3pQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIT2cRhXNcZuOVaP18agCjjvsu+XMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvaFBaeEdGYzF4bTQ1Vm9fWHhxQUtPTy15NzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAYBAIAATASAwQAba/SAwQA
bc3BAwQBnl7cMB0EAgACMBcwDgMEACoB+wMGBCoB+wWgAwUBKgH7BjANBgkqhkiG
9w0BAQsFAAOCAQEASoeElMF6kjbEEUYIEHX1dMRi4tQ5+ZvT44o357wi0vMambll
WQe/3kftqLkIsePbyNYOt7Bp34l33j7gizEOU68wLrfnoVWdFMhMGnDSkJvOFhVe
MVxVOoH8uwgHhzgWZIcCEkafkdCZTlMV/o/kgx8vctlmTCJUSSDPmJL1E9VJkhkQ
nH4zBHx4ZmVoBKjhji5YYNMjWCkP0bbHJeEvP4Xfd1gQeaRcbhHJ/sRJwyZGx0em
xUQnpW0sJt+NdShPX7boz5KhqQniqC+0ZwrZZbUGZK8pP5JDkNLCYAl6+gISAgyX
kNXsHirLSR61ue+ijWfcbfS5M+UZdUCPj2T+JQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:07:55 2025 by rpki-client