Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/TMV5PmtdF5l5jatCNFDaS9eThjI.roa
File: TMV5PmtdF5l5jatCNFDaS9eThjI.roa (raw, json)
Hash identifier: HIP7dgnaDkAx7w0vdo6ttHih6JO7o16Fnu3jUjRxZ2c=
Subject key identifier: 4C:C5:79:3E:6B:5D:17:99:79:8D:AB:42:34:50:DA:4B:D7:93:86:32
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0199F91EBF7D85A56D68C0AF965CBEDB6C31
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/TMV5PmtdF5l5jatCNFDaS9eThjI.roa
Signing time: Sat 18 Oct 2025 20:59:25 +0000
ROA not before: Sat 18 Oct 2025 20:59:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb02::/34 maxlen: 34
2a01:fb05:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f9:1e:bf:7d:85:a5:6d:68:c0:af:96:5c:be:db:6c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 18 20:59:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cc5793e6b5d1799798dab423450da4bd7938632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6a:f3:11:1e:02:12:da:f0:e8:1d:d2:37:2d:
e2:50:22:ac:e4:fd:29:72:fb:c4:0f:b9:b2:37:08:
ba:7c:f6:4f:11:72:89:d2:bc:9a:79:03:4f:1f:b6:
c8:fb:f9:80:5c:70:e0:f3:bf:38:5d:96:03:34:c1:
01:d9:85:b8:69:88:c0:eb:de:26:b4:5e:66:a2:b5:
0a:2a:d2:4d:64:4c:e6:65:3f:62:5a:c7:1f:e2:49:
e4:2d:0a:1a:a9:75:66:a8:63:fc:9d:8a:4f:0e:2b:
68:73:36:8a:58:ea:cf:67:d4:20:74:d5:7b:f7:e6:
57:aa:a9:29:42:84:82:57:f9:5c:dd:13:f3:cb:f9:
60:41:0e:20:18:78:1c:aa:b1:61:0c:ff:0f:87:fd:
0e:57:18:6a:11:d7:6c:f3:95:63:1c:f4:ab:0c:00:
e0:12:b5:c9:f7:a6:da:6b:b5:91:0c:e2:4a:cc:be:
aa:7c:84:b7:ac:74:74:79:2b:4d:98:3f:17:90:17:
e2:24:02:56:54:bd:2e:91:95:d3:a9:2e:6b:2f:aa:
ab:8b:96:d6:3b:48:22:79:5e:5e:f5:a0:3a:73:8b:
8e:18:40:c5:db:3e:28:b9:7b:ad:d0:74:f4:3f:b4:
84:08:34:4d:f9:b5:be:55:cb:87:5d:71:be:3f:73:
0a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C5:79:3E:6B:5D:17:99:79:8D:AB:42:34:50:DA:4B:D7:93:86:32
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/TMV5PmtdF5l5jatCNFDaS9eThjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb02::/34
2a01:fb05:1000::/36
Signature Algorithm: sha256WithRSAEncryption
4a:38:84:91:2c:29:00:ae:70:e6:fd:96:d3:50:57:2b:8b:a1:
7a:49:63:9a:25:20:57:25:ac:a2:85:ff:cb:bc:8b:af:83:7a:
e0:5b:03:92:5a:62:72:75:11:3c:3d:3f:d3:fe:bc:09:04:b6:
5f:98:01:63:9c:68:c6:3a:f6:f8:4b:0f:9c:ea:b0:e8:19:c5:
df:ba:bf:45:d5:54:0e:bf:0b:06:46:ac:a3:bb:36:ba:ea:b0:
2d:0b:69:32:fe:83:8c:1e:91:16:9c:50:55:30:26:d9:c3:0f:
c0:c4:81:6c:18:0e:e3:f5:ab:34:1d:03:c8:53:f7:51:30:70:
a9:42:38:fc:74:89:08:52:dd:d6:3e:29:dc:e9:1b:d2:1b:d8:
24:76:47:cd:51:1e:c0:b7:d4:45:88:4a:6b:c1:68:4f:c8:3d:
c0:d0:3f:27:78:02:3f:31:78:18:56:e5:4b:35:b7:f3:24:03:
6a:02:a1:fb:5e:bb:4f:2d:c5:63:65:18:31:de:12:bf:6c:0d:
6a:36:d1:f8:5c:09:09:25:fb:bf:c5:7b:0d:93:d3:d7:84:c8:
36:36:10:8a:80:3d:2e:be:b8:f2:6f:b3:45:66:1f:e8:fe:76:
12:83:2b:58:e4:cc:4a:8d:61:20:23:9a:b6:bf:05:dc:aa:0c:
c8:22:b8:52
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZn5Hr99haVtaMCvlly+22wxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDE4MjA1OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M1NzkzZTZiNWQxNzk5Nzk4ZGFiNDIzNDUwZGE0YmQ3OTM4NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12rzER4CEtrw6B3SNy3iUCKs5P0p
cvvED7myNwi6fPZPEXKJ0ryaeQNPH7bI+/mAXHDg8784XZYDNMEB2YW4aYjA694m
tF5morUKKtJNZEzmZT9iWscf4knkLQoaqXVmqGP8nYpPDitoczaKWOrPZ9QgdNV7
9+ZXqqkpQoSCV/lc3RPzy/lgQQ4gGHgcqrFhDP8Ph/0OVxhqEdds85VjHPSrDADg
ErXJ96baa7WRDOJKzL6qfIS3rHR0eStNmD8XkBfiJAJWVL0ukZXTqS5rL6qri5bW
O0gieV5e9aA6c4uOGEDF2z4ouXut0HT0P7SECDRN+bW+VcuHXXG+P3MKvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEzFeT5rXReZeY2rQjRQ2kvXk4YyMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvVE1WNVBtdGRGNWw1amF0Q05GRGFTOWVUaGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAbc3BMBYE
AgACMBADBgYqAfsCAAMGBCoB+wUQMA0GCSqGSIb3DQEBCwUAA4IBAQBKOISRLCkA
rnDm/ZbTUFcri6F6SWOaJSBXJayihf/LvIuvg3rgWwOSWmJydRE8PT/T/rwJBLZf
mAFjnGjGOvb4Sw+c6rDoGcXfur9F1VQOvwsGRqyjuza66rAtC2ky/oOMHpEWnFBV
MCbZww/AxIFsGA7j9as0HQPIU/dRMHCpQjj8dIkIUt3WPinc6RvSG9gkdkfNUR7A
t9RFiEprwWhPyD3A0D8neAI/MXgYVuVLNbfzJANqAqH7XrtPLcVjZRgx3hK/bA1q
NtH4XAkJJfu/xXsNk9PXhMg2NhCKgD0uvrjyb7NFZh/o/nYSgytY5MxKjWEgI5q2
vwXcqgzIIrhS
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:08:46 2025 by rpki-client