Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hdJD_veqQscEuHyTzVliTTRZYIk.roa
File: hdJD_veqQscEuHyTzVliTTRZYIk.roa (raw, json)
Hash identifier: qTP+6g/kCLToicqGR+3e68hnl0VGJCBVExBeIA/bFOs=
Subject key identifier: 85:D2:43:FE:F7:AA:42:C7:04:B8:7C:93:CD:59:62:4D:34:59:60:89
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A19BA2EB47D5350A82B0042BBE164EA64
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hdJD_veqQscEuHyTzVliTTRZYIk.roa
Signing time: Sat 25 Oct 2025 04:57:03 +0000
ROA not before: Sat 25 Oct 2025 04:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47152
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb02::/34 maxlen: 34
2a01:fb02:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:19:ba:2e:b4:7d:53:50:a8:2b:00:42:bb:e1:64:ea:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 25 04:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85d243fef7aa42c704b87c93cd59624d34596089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:38:82:df:23:cf:5b:ea:7f:f4:9b:73:13:29:
2f:21:81:f5:28:59:f3:e5:36:60:ce:73:83:28:12:
c4:80:05:5b:50:ce:ae:9a:52:0f:be:5d:5f:57:57:
2f:fb:92:10:99:14:dd:90:bf:f9:70:70:52:3a:b9:
2f:b0:02:c5:4b:8d:5a:6a:8c:62:86:8a:d0:d1:05:
46:33:90:ef:09:35:45:50:7d:ca:49:73:02:4c:86:
7d:c3:75:dc:68:73:14:90:a1:a6:63:5a:f9:51:03:
1b:ba:84:dc:1f:16:c5:08:3a:51:73:1a:12:55:cf:
9a:97:8d:49:b7:9c:86:d1:31:ae:eb:8d:c0:f2:71:
2c:65:c1:80:87:59:bc:0d:a2:ba:9b:46:b4:cc:19:
8e:6e:9a:eb:88:79:b1:28:50:14:3e:f1:82:0c:34:
c5:3c:4b:c9:99:4f:75:05:f6:9a:24:7d:a6:db:7b:
c6:90:ee:bf:47:8e:83:0d:79:9b:c9:22:29:b8:d5:
8d:88:56:d4:79:48:c8:ea:40:c5:8f:5f:8a:2b:78:
e0:f1:7d:af:3e:0d:a8:95:c5:af:e2:a3:af:65:a8:
05:45:3e:f1:7e:01:cd:9e:d7:bb:02:b8:06:4e:80:
95:89:13:4e:12:5a:2d:ee:c1:e1:aa:53:c5:f1:f5:
2a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D2:43:FE:F7:AA:42:C7:04:B8:7C:93:CD:59:62:4D:34:59:60:89
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hdJD_veqQscEuHyTzVliTTRZYIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb02::/34
2a01:fb02:8000::/34
Signature Algorithm: sha256WithRSAEncryption
67:f6:f0:0e:9d:03:07:a8:b2:e5:df:eb:95:e5:6b:5f:f8:08:
a4:72:0c:c2:75:73:11:6a:ad:eb:95:62:33:e7:b0:3a:53:89:
37:03:a9:25:1c:91:5d:00:aa:d4:5a:50:8a:8f:ad:31:0a:b9:
f8:89:ec:3f:35:af:d5:3d:8b:74:4b:c6:e9:3f:e5:47:12:84:
77:27:10:4e:09:b9:2a:18:33:43:30:21:ce:d9:56:d1:39:02:
25:65:a8:c6:e9:02:e0:31:fe:00:03:dc:9b:6f:6f:e3:66:8a:
bf:0b:f7:53:bc:65:6c:9b:fd:ee:27:07:6c:5a:e2:95:f4:3f:
43:e3:86:03:04:02:f6:a6:5d:fc:b5:ba:03:3f:8a:12:30:19:
de:93:b7:c3:6f:99:5d:1b:d2:06:c3:58:2a:35:58:c2:9b:1e:
1a:03:89:41:3c:40:4d:a0:e5:49:00:27:8d:fc:bd:f9:74:85:
ce:dd:e8:ec:39:04:5c:7a:20:32:2f:ca:c4:34:0e:c5:32:fb:
56:25:05:41:d0:14:ce:75:18:ee:ae:f3:e8:fa:a1:ad:68:96:
c3:a4:14:b7:7e:a3:d3:5e:0f:5a:6d:08:06:f8:68:aa:d1:7d:
af:50:96:25:c7:89:b8:22:80:ae:37:72:64:69:de:92:3d:d0:
d3:fa:3f:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZoZui60fVNQqCsAQrvhZOpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDI1MDQ1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWQyNDNmZWY3YWE0MmM3MDRiODdjOTNjZDU5NjI0ZDM0NTk2MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojiC3yPPW+p/9JtzEykvIYH1KFnz
5TZgznODKBLEgAVbUM6umlIPvl1fV1cv+5IQmRTdkL/5cHBSOrkvsALFS41aaoxi
horQ0QVGM5DvCTVFUH3KSXMCTIZ9w3XcaHMUkKGmY1r5UQMbuoTcHxbFCDpRcxoS
Vc+al41Jt5yG0TGu643A8nEsZcGAh1m8DaK6m0a0zBmObprriHmxKFAUPvGCDDTF
PEvJmU91BfaaJH2m23vGkO6/R46DDXmbySIpuNWNiFbUeUjI6kDFj1+KK3jg8X2v
Pg2olcWv4qOvZagFRT7xfgHNnte7ArgGToCViRNOElot7sHhqlPF8fUqqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIXSQ/73qkLHBLh8k81ZYk00WWCJMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvaGRKRF92ZXFRc2NFdUh5VHpWbGlUVFJaWUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAbc3BMBYE
AgACMBADBgYqAfsCAAMGBioB+wKAMA0GCSqGSIb3DQEBCwUAA4IBAQBn9vAOnQMH
qLLl3+uV5Wtf+AikcgzCdXMRaq3rlWIz57A6U4k3A6klHJFdAKrUWlCKj60xCrn4
iew/Na/VPYt0S8bpP+VHEoR3JxBOCbkqGDNDMCHO2VbROQIlZajG6QLgMf4AA9yb
b2/jZoq/C/dTvGVsm/3uJwdsWuKV9D9D44YDBAL2pl38tboDP4oSMBnek7fDb5ld
G9IGw1gqNVjCmx4aA4lBPEBNoOVJACeN/L35dIXO3ejsOQRceiAyL8rENA7FMvtW
JQVB0BTOdRjurvPo+qGtaJbDpBS3fqPTXg9abQgG+Giq0X2vUJYlx4m4IoCuN3Jk
ad6SPdDT+j9i
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:09:27 2025 by rpki-client