
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/KntY924djWUw2E5_6Dutq_ZZ4Zc.roa
File: KntY924djWUw2E5_6Dutq_ZZ4Zc.roa (raw, json)
Hash identifier: KalXmSDxooKoko/REjizBaBBm53fPU+cB759UZj4dk0=
Subject key identifier: 2A:7B:58:F7:6E:1D:8D:65:30:D8:4E:7F:E8:3B:AD:AB:F6:59:E1:97
Certificate issuer: /CN=86df1259b3aa1de34d13d1d863178864d9d185cb
Certificate serial: 0199738646AD15EFE8C5E6F6A6DC1CCF7C32
Authority key identifier: 86:DF:12:59:B3:AA:1D:E3:4D:13:D1:D8:63:17:88:64:D9:D1:85:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ht8SWbOqHeNNE9HYYxeIZNnRhcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/KntY924djWUw2E5_6Dutq_ZZ4Zc.roa
Signing time: Mon 22 Sep 2025 22:23:23 +0000
ROA not before: Mon 22 Sep 2025 22:23:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 109.235.97.0/24 maxlen: 24
109.235.98.0/24 maxlen: 24
109.235.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/ht8SWbOqHeNNE9HYYxeIZNnRhcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/ht8SWbOqHeNNE9HYYxeIZNnRhcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ht8SWbOqHeNNE9HYYxeIZNnRhcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:73:86:46:ad:15:ef:e8:c5:e6:f6:a6:dc:1c:cf:7c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86df1259b3aa1de34d13d1d863178864d9d185cb
Validity
Not Before: Sep 22 22:23:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a7b58f76e1d8d6530d84e7fe83badabf659e197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:8a:c0:d9:69:ec:43:28:5f:93:a5:83:b0:
4e:07:01:87:1a:52:e7:b2:f8:05:73:cf:77:f6:66:
a2:68:dc:f3:c2:38:a3:cd:fe:77:4d:09:d0:4a:16:
d3:b3:07:a1:f4:2e:f7:1f:90:aa:dd:0c:0b:b0:5c:
1d:34:ef:c3:92:2b:88:96:bf:47:da:cf:ce:6a:af:
56:26:0c:fb:8b:d6:a7:64:15:49:47:94:5b:37:2c:
14:af:04:d2:41:1f:7e:6c:80:95:e2:00:d2:22:6c:
81:55:ca:cc:99:bf:c5:1b:d6:24:75:32:66:72:93:
19:b6:4d:d6:c3:8c:99:db:0b:f9:18:09:1f:cb:65:
f0:09:f4:06:30:eb:8b:84:c3:f0:37:14:ad:ef:13:
66:2a:eb:6a:fa:1d:00:cd:92:f3:bb:a3:5a:d2:ce:
7e:86:b0:2e:59:d2:e1:dc:18:21:24:2c:69:29:86:
2e:1a:69:ac:56:38:80:85:e8:24:1d:46:ec:8c:28:
15:91:17:7f:55:91:a7:33:b3:73:39:f3:22:72:65:
d3:c2:8c:23:95:3a:02:77:71:c2:65:1d:cf:76:47:
46:3b:63:7a:fd:ca:d2:c4:84:37:5f:6f:1e:03:c6:
fd:6b:dd:25:30:f2:88:0f:6c:52:d9:fb:7c:e0:dc:
29:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:7B:58:F7:6E:1D:8D:65:30:D8:4E:7F:E8:3B:AD:AB:F6:59:E1:97
X509v3 Authority Key Identifier:
keyid:86:DF:12:59:B3:AA:1D:E3:4D:13:D1:D8:63:17:88:64:D9:D1:85:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ht8SWbOqHeNNE9HYYxeIZNnRhcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/KntY924djWUw2E5_6Dutq_ZZ4Zc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d01a91-a3ab-4e08-9564-a51aa23a8fdd/1/ht8SWbOqHeNNE9HYYxeIZNnRhcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.97.0-109.235.99.255
Signature Algorithm: sha256WithRSAEncryption
03:3c:b6:d4:84:54:41:ee:eb:05:34:36:4e:70:4e:f4:18:6c:
5a:f7:f6:36:fc:5e:9f:f6:17:e9:0b:c6:4e:fa:3f:af:fa:7d:
9e:1c:0d:5d:79:99:12:20:e2:09:9d:cc:eb:54:c5:b3:cd:18:
1d:b9:07:4e:7b:ed:70:b9:83:85:14:67:52:67:88:32:b3:ce:
a1:fe:23:13:89:6e:26:91:65:51:85:b3:bf:1e:94:1d:35:dd:
f2:8a:ca:24:c6:e8:65:76:72:62:ce:7e:e2:e4:d2:c6:b0:fb:
c6:10:b8:7d:2a:27:6f:c0:79:d0:75:4f:7f:42:77:78:ce:f3:
3a:eb:e8:66:8f:ca:fe:39:53:05:f7:e3:e9:91:21:9f:86:81:
df:75:72:1d:6c:64:54:fe:69:19:4c:d1:4b:b0:fa:84:5e:84:
a0:fd:b4:f8:07:5f:75:bc:54:53:f8:12:11:5c:46:36:01:41:
88:fc:55:6d:05:0a:a5:8b:76:ba:73:5a:ec:98:0a:97:45:8e:
b0:79:6e:bc:3a:c8:da:7a:eb:1a:ff:67:30:46:69:cd:6d:cc:
df:8f:88:b0:f0:ba:40:c3:ed:98:cd:55:92:06:1b:c2:17:c0:
d1:50:5b:80:4b:6a:ea:e8:e0:45:f2:0e:0b:ff:7c:69:5a:05:
29:52:3b:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZlzhkatFe/oxeb2ptwcz3wyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZGYxMjU5YjNhYTFkZTM0ZDEzZDFkODYzMTc4ODY0ZDlk
MTg1Y2IwHhcNMjUwOTIyMjIyMzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTdiNThmNzZlMWQ4ZDY1MzBkODRlN2ZlODNiYWRhYmY2NTllMTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWOKwNlp7EMoX5Olg7BOBwGHGlLn
svgFc8939maiaNzzwjijzf53TQnQShbTsweh9C73H5Cq3QwLsFwdNO/DkiuIlr9H
2s/Oaq9WJgz7i9anZBVJR5RbNywUrwTSQR9+bICV4gDSImyBVcrMmb/FG9YkdTJm
cpMZtk3Ww4yZ2wv5GAkfy2XwCfQGMOuLhMPwNxSt7xNmKutq+h0AzZLzu6Na0s5+
hrAuWdLh3BghJCxpKYYuGmmsVjiAhegkHUbsjCgVkRd/VZGnM7NzOfMicmXTwowj
lToCd3HCZR3PdkdGO2N6/crSxIQ3X28eA8b9a90lMPKID2xS2ft84Nwp/wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCp7WPduHY1lMNhOf+g7rav2WeGXMB8GA1UdIwQY
MBaAFIbfElmzqh3jTRPR2GMXiGTZ0YXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHQ4U1diT3FIZU5ORTlIWVl4ZUlaTm5SaGNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kMDFhOTEtYTNhYi00ZTA4LTk1NjQt
YTUxYWEyM2E4ZmRkLzEvS250WTkyNGRqV1V3MkU1XzZEdXRxX1paNFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kMDFhOTEtYTNhYi00ZTA4LTk1NjQtYTUxYWEyM2E4ZmRk
LzEvaHQ4U1diT3FIZU5ORTlIWVl4ZUlaTm5SaGNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABt62ED
BAJt62AwDQYJKoZIhvcNAQELBQADggEBAAM8ttSEVEHu6wU0Nk5wTvQYbFr39jb8
Xp/2F+kLxk76P6/6fZ4cDV15mRIg4gmdzOtUxbPNGB25B0577XC5g4UUZ1JniDKz
zqH+IxOJbiaRZVGFs78elB013fKKyiTG6GV2cmLOfuLk0saw+8YQuH0qJ2/AedB1
T39Cd3jO8zrr6GaPyv45UwX34+mRIZ+Ggd91ch1sZFT+aRlM0Uuw+oRehKD9tPgH
X3W8VFP4EhFcRjYBQYj8VW0FCqWLdrpzWuyYCpdFjrB5brw6yNp66xr/ZzBGac1t
zN+PiLDwukDD7ZjNVZIGG8IXwNFQW4BLauro4EXyDgv/fGlaBSlSO+0=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:29 2025 by rpki-client