Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/OuthJUym19FjT8ci0BD8M70ff0w.roa
File: OuthJUym19FjT8ci0BD8M70ff0w.roa (raw, json)
Hash identifier: OdA/QajBBq0uQv/tL0mF6x6XX7aLbHqwxy8dOWgiW0w=
Subject key identifier: 3A:EB:61:25:4C:A6:D7:D1:63:4F:C7:22:D0:10:FC:33:BD:1F:7F:4C
Certificate issuer: /CN=f7b9d97b97fd4cbaceda81c4406e74ad6d539326
Certificate serial: 0198B7B3658C78CFB2C0F9778D68D8FEFE32
Authority key identifier: F7:B9:D9:7B:97:FD:4C:BA:CE:DA:81:C4:40:6E:74:AD:6D:53:93:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/97nZe5f9TLrO2oHEQG50rW1TkyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/OuthJUym19FjT8ci0BD8M70ff0w.roa
Signing time: Sun 17 Aug 2025 11:04:04 +0000
ROA not before: Sun 17 Aug 2025 11:04:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214707
IP address blocks: 109.224.208.0/21 maxlen: 21
109.224.208.0/24 maxlen: 24
109.224.209.0/24 maxlen: 24
109.224.210.0/24 maxlen: 24
109.224.211.0/24 maxlen: 24
109.224.212.0/24 maxlen: 24
109.224.213.0/24 maxlen: 24
109.224.214.0/24 maxlen: 24
109.224.215.0/24 maxlen: 24
205.209.64.0/19 maxlen: 24
2a14:6540::/29 maxlen: 29
2a14:6540::/31 maxlen: 31
2a14:6542::/31 maxlen: 31
2a14:6544::/31 maxlen: 31
2a14:6546::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/97nZe5f9TLrO2oHEQG50rW1TkyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/97nZe5f9TLrO2oHEQG50rW1TkyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/97nZe5f9TLrO2oHEQG50rW1TkyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b7:b3:65:8c:78:cf:b2:c0:f9:77:8d:68:d8:fe:fe:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7b9d97b97fd4cbaceda81c4406e74ad6d539326
Validity
Not Before: Aug 17 11:04:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aeb61254ca6d7d1634fc722d010fc33bd1f7f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:83:08:ba:fe:8d:94:0c:d0:73:f7:98:15:df:
67:91:57:24:83:35:b4:55:d8:0e:b7:1b:dc:33:6f:
ce:79:90:56:49:89:41:99:51:93:0e:4f:92:45:09:
e7:bd:8a:83:86:ff:8d:6c:81:39:b7:ed:f1:01:f5:
7f:5b:ae:9d:a2:9a:8d:b4:91:b9:54:9c:04:a7:b9:
5a:d6:59:58:8d:9a:43:b2:62:89:c7:7c:13:55:8a:
67:04:ee:1a:fd:39:a5:9d:cc:e4:a2:9f:bd:c1:e5:
fb:9d:2b:62:6a:6d:f8:f3:2b:b1:51:c9:bc:d7:04:
53:73:32:e7:1d:92:4b:80:02:fc:ee:28:e6:af:b1:
ba:a9:07:1c:c4:a7:85:c6:aa:7f:52:86:07:44:6f:
50:b5:bf:27:e8:c7:2e:a1:48:aa:28:10:1d:4e:30:
f0:61:1a:29:09:e8:79:a7:71:cf:ba:1c:fa:4a:3e:
04:24:f7:5a:d3:90:66:7a:94:2c:e5:de:a8:fc:9a:
02:a3:09:bb:99:a2:56:ef:9f:a4:a1:b4:1d:14:8d:
c6:a6:97:c3:f4:91:ed:4e:c5:2d:e6:19:26:07:a1:
b9:59:b7:8a:70:c6:08:ec:a5:70:b5:a1:66:01:35:
e1:18:47:de:ad:38:73:af:5e:b1:04:78:0d:7f:ac:
87:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:EB:61:25:4C:A6:D7:D1:63:4F:C7:22:D0:10:FC:33:BD:1F:7F:4C
X509v3 Authority Key Identifier:
keyid:F7:B9:D9:7B:97:FD:4C:BA:CE:DA:81:C4:40:6E:74:AD:6D:53:93:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/97nZe5f9TLrO2oHEQG50rW1TkyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/OuthJUym19FjT8ci0BD8M70ff0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/469d47-01e2-4fcb-a68c-a30d82bd6219/1/97nZe5f9TLrO2oHEQG50rW1TkyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.208.0/21
205.209.64.0/19
IPv6:
2a14:6540::/29
Signature Algorithm: sha256WithRSAEncryption
bf:a7:44:72:c3:b8:70:92:82:c7:c2:aa:92:a0:89:8c:fd:8e:
5e:18:4b:9e:7b:5f:d5:4a:59:a4:2a:7d:84:77:8a:fe:84:9a:
93:d2:a4:80:64:e5:92:2a:9b:e1:22:01:57:c5:4f:25:59:9e:
e5:ca:3d:7d:23:69:eb:09:f3:e1:91:03:05:b2:bf:ef:08:8d:
14:cd:32:c4:38:40:dd:69:69:92:e7:b9:b2:81:d8:57:01:28:
4b:fa:ae:88:da:a0:5a:2f:9e:04:68:56:8a:a3:8d:e6:41:b6:
db:84:c5:8f:d5:15:a2:65:49:f9:0e:de:f6:c1:28:b8:c8:53:
fd:1d:b8:c4:ea:60:f0:4d:6b:fd:98:b5:2f:82:a4:45:32:2c:
64:c9:f2:ce:db:19:17:59:17:c5:ce:03:3c:35:43:3f:5e:66:
29:a5:2a:f1:a0:72:4c:b2:34:6a:ff:d1:e6:38:8d:20:a9:a1:
cd:23:d2:ce:e0:64:90:24:1a:cf:b0:08:d4:dc:54:9c:13:9f:
a8:4d:e8:04:2d:71:1a:46:d4:b2:0f:bd:c3:f1:2f:b2:f2:22:
e0:d3:78:38:0e:ea:93:53:d5:45:7c:48:f1:7c:df:42:da:ad:
6c:5a:02:6e:34:3a:d6:4e:12:5e:0c:b7:3e:29:82:bf:e3:d1:
7b:e3:cb:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZi3s2WMeM+ywPl3jWjY/v4yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YjlkOTdiOTdmZDRjYmFjZWRhODFjNDQwNmU3NGFkNmQ1
MzkzMjYwHhcNMjUwODE3MTEwNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWViNjEyNTRjYTZkN2QxNjM0ZmM3MjJkMDEwZmMzM2JkMWY3ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYMIuv6NlAzQc/eYFd9nkVckgzW0
VdgOtxvcM2/OeZBWSYlBmVGTDk+SRQnnvYqDhv+NbIE5t+3xAfV/W66dopqNtJG5
VJwEp7la1llYjZpDsmKJx3wTVYpnBO4a/Tmlnczkop+9weX7nStiam348yuxUcm8
1wRTczLnHZJLgAL87ijmr7G6qQccxKeFxqp/UoYHRG9Qtb8n6McuoUiqKBAdTjDw
YRopCeh5p3HPuhz6Sj4EJPda05BmepQs5d6o/JoCowm7maJW75+kobQdFI3GppfD
9JHtTsUt5hkmB6G5WbeKcMYI7KVwtaFmATXhGEferThzr16xBHgNf6yHmwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDrrYSVMptfRY0/HItAQ/DO9H39MMB8GA1UdIwQY
MBaAFPe52XuX/Uy6ztqBxEBudK1tU5MmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTduWmU1ZjlUTHJPMm9IRVFHNTByVzFUa3lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80NjlkNDctMDFlMi00ZmNiLWE2OGMt
YTMwZDgyYmQ2MjE5LzEvT3V0aEpVeW0xOUZqVDhjaTBCRDhNNzBmZjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80NjlkNDctMDFlMi00ZmNiLWE2OGMtYTMwZDgyYmQ2MjE5
LzEvOTduWmU1ZjlUTHJPMm9IRVFHNTByVzFUa3lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbeDQAwQF
zdFAMA0EAgACMAcDBQMqFGVAMA0GCSqGSIb3DQEBCwUAA4IBAQC/p0Ryw7hwkoLH
wqqSoImM/Y5eGEuee1/VSlmkKn2Ed4r+hJqT0qSAZOWSKpvhIgFXxU8lWZ7lyj19
I2nrCfPhkQMFsr/vCI0UzTLEOEDdaWmS57mygdhXAShL+q6I2qBaL54EaFaKo43m
QbbbhMWP1RWiZUn5Dt72wSi4yFP9HbjE6mDwTWv9mLUvgqRFMixkyfLO2xkXWRfF
zgM8NUM/XmYppSrxoHJMsjRq/9HmOI0gqaHNI9LO4GSQJBrPsAjU3FScE5+oTegE
LXEaRtSyD73D8S+y8iLg03g4DuqTU9VFfEjxfN9C2q1sWgJuNDrWThJeDLc+KYK/
49F748vK
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:48:54 2025 by rpki-client