Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/b389IyPC0-SPlx7yNiYWkOMr9O4.roa
File: b389IyPC0-SPlx7yNiYWkOMr9O4.roa (raw, json)
Hash identifier: O1shkA69HJKJnoBIHpsLbZmyQiZijNKjduQYPka6/aA=
Subject key identifier: 6F:7F:3D:23:23:C2:D3:E4:8F:97:1E:F2:36:26:16:90:E3:2B:F4:EE
Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Certificate serial: 0198D5B5963A1BC9540EC3C5E84DCF6F3230
Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/b389IyPC0-SPlx7yNiYWkOMr9O4.roa
Signing time: Sat 23 Aug 2025 06:55:04 +0000
ROA not before: Sat 23 Aug 2025 06:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.24.0/24 maxlen: 24
109.122.27.0/24 maxlen: 24
109.122.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:55:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:b5:96:3a:1b:c9:54:0e:c3:c5:e8:4d:cf:6f:32:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Validity
Not Before: Aug 23 06:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f7f3d2323c2d3e48f971ef236261690e32bf4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:db:72:79:a6:89:ec:0b:94:9a:3f:2a:65:
76:6d:1b:2e:9f:e8:ca:ef:e8:e8:3d:7f:69:f9:ca:
12:69:61:ab:ee:d0:e4:37:87:44:cc:25:68:e7:ec:
27:28:a6:0b:3c:a6:b6:56:e5:90:2f:03:60:98:42:
1f:b8:66:cf:ba:91:9f:de:32:93:10:f5:9f:66:81:
66:10:7e:c2:c6:1d:38:0f:d0:70:ac:36:14:79:ca:
5d:24:fb:d2:26:5c:b3:8a:4d:d3:7c:13:b3:59:84:
e1:40:fc:a6:fb:7a:bb:cf:a6:ec:82:57:de:22:e6:
96:d9:61:ea:a9:3d:95:91:ff:48:bf:8a:18:12:d2:
de:cd:18:b4:33:c8:49:da:63:27:a2:9b:62:84:66:
75:f4:5f:07:eb:d9:d8:2b:1b:22:3d:61:ab:00:30:
87:73:ec:75:a9:b0:57:a7:b4:be:0a:35:8b:2a:7e:
72:33:91:53:08:f4:6a:80:a9:cb:8b:6f:59:e5:03:
fc:98:88:c6:ff:0a:ac:17:2c:a2:46:ff:e5:f2:65:
ef:43:4a:6e:4c:a6:c1:96:01:3b:8d:2e:37:61:eb:
9c:5b:e7:0a:7d:cf:01:a0:fb:29:0f:80:6e:17:43:
06:e7:4b:a2:06:a5:94:2d:e4:de:8a:b7:79:71:6a:
6a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7F:3D:23:23:C2:D3:E4:8F:97:1E:F2:36:26:16:90:E3:2B:F4:EE
X509v3 Authority Key Identifier:
keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/b389IyPC0-SPlx7yNiYWkOMr9O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.24.0/24
109.122.27.0/24
109.122.29.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:f7:4a:a4:f0:52:54:7c:e9:f8:d0:a9:4f:0d:4e:82:44:f2:
09:fa:ce:c2:ba:b4:c0:f6:2d:0b:f7:21:15:db:6d:41:ab:e4:
ba:07:5c:ae:56:aa:8b:bf:e2:49:a5:dc:47:99:9b:57:5c:6c:
f8:55:8c:a5:e1:60:7c:d0:9b:63:49:76:a0:04:ba:15:a5:21:
8a:f0:25:fb:a2:79:2c:93:45:66:88:58:39:3f:37:88:02:1e:
ab:5b:c6:3f:2b:29:86:f7:a0:cc:ac:dc:7a:2a:06:25:c9:4c:
02:63:2a:4e:e8:d2:f7:2c:b4:65:d4:2b:a0:6a:4c:34:ba:b4:
3b:7b:4e:ba:f3:2f:e0:70:be:11:15:de:2c:fd:f4:0f:30:db:
f5:53:e8:c9:5f:9e:0d:48:1b:37:b0:1b:bf:57:c4:a7:2f:d6:
77:9f:32:35:30:e0:f6:05:b1:84:52:06:59:1a:54:19:16:f5:
56:22:85:b2:d0:ab:ee:46:fd:de:e7:2f:95:88:65:40:8c:c5:
c4:00:3d:23:f9:aa:e1:d8:0f:3c:c1:88:75:9b:42:ca:cc:eb:
8f:a4:c9:da:1f:77:02:c9:c8:31:d9:31:da:d2:ad:2e:45:fd:
58:e2:02:27:bd:dd:ff:9c:63:e4:7a:36:90:f3:56:d6:5b:09:
94:82:b8:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjVtZY6G8lUDsPF6E3PbzIwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3
OGE1NzkwHhcNMjUwODIzMDY1NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjdmM2QyMzIzYzJkM2U0OGY5NzFlZjIzNjI2MTY5MGUzMmJmNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7TbcnmmiewLlJo/KmV2bRsun+jK
7+joPX9p+coSaWGr7tDkN4dEzCVo5+wnKKYLPKa2VuWQLwNgmEIfuGbPupGf3jKT
EPWfZoFmEH7Cxh04D9BwrDYUecpdJPvSJlyzik3TfBOzWYThQPym+3q7z6bsglfe
IuaW2WHqqT2Vkf9Iv4oYEtLezRi0M8hJ2mMnoptihGZ19F8H69nYKxsiPWGrADCH
c+x1qbBXp7S+CjWLKn5yM5FTCPRqgKnLi29Z5QP8mIjG/wqsFyyiRv/l8mXvQ0pu
TKbBlgE7jS43YeucW+cKfc8BoPspD4BuF0MG50uiBqWULeTeird5cWpqKQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG9/PSMjwtPkj5ce8jYmFpDjK/TuMB8GA1UdIwQY
MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt
YTM5YWMyNTM5ZmM1LzEvYjM4OUl5UEMwLVNQbHg3eU5pWVdrT01yOU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1
LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXoYAwQA
bXobAwQAbXodMA0GCSqGSIb3DQEBCwUAA4IBAQB+90qk8FJUfOn40KlPDU6CRPIJ
+s7CurTA9i0L9yEV221Bq+S6B1yuVqqLv+JJpdxHmZtXXGz4VYyl4WB80JtjSXag
BLoVpSGK8CX7onksk0VmiFg5PzeIAh6rW8Y/KymG96DMrNx6KgYlyUwCYypO6NL3
LLRl1Cugakw0urQ7e0668y/gcL4RFd4s/fQPMNv1U+jJX54NSBs3sBu/V8SnL9Z3
nzI1MOD2BbGEUgZZGlQZFvVWIoWy0KvuRv3e5y+ViGVAjMXEAD0j+arh2A88wYh1
m0LKzOuPpMnaH3cCycgx2THa0q0uRf1Y4gInvd3/nGPkejaQ81bWWwmUgrjV
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:56:39 2025 by rpki-client