Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/gVvA0OWh1IBLntBHMjTP1bYGg30.roa
File: gVvA0OWh1IBLntBHMjTP1bYGg30.roa (raw, json)
Hash identifier: pBPR2W1OlVpvUfjlWZD1hII2sbxHvPmzVnORFzfXJj4=
Subject key identifier: 81:5B:C0:D0:E5:A1:D4:80:4B:9E:D0:47:32:34:CF:D5:B6:06:83:7D
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0199CBBA269F3059F687C56366A92C07388F
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/gVvA0OWh1IBLntBHMjTP1bYGg30.roa
Signing time: Fri 10 Oct 2025 01:26:38 +0000
ROA not before: Fri 10 Oct 2025 01:26:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41108
IP address blocks: 109.175.210.0/24 maxlen: 24
2a01:fb05::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cb:ba:26:9f:30:59:f6:87:c5:63:66:a9:2c:07:38:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 10 01:26:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=815bc0d0e5a1d4804b9ed0473234cfd5b606837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ce:e7:71:ed:bd:b2:0d:e1:e7:22:78:64:3d:
21:a3:dc:9e:1d:c9:29:40:0e:29:8d:b9:98:84:f7:
6a:cb:2f:88:b2:a8:cc:75:7f:89:47:fb:45:89:50:
3a:43:8d:2e:d3:ee:e0:30:95:b6:89:66:ca:c2:83:
14:f3:b7:3b:7b:c2:66:fe:8e:a5:a3:a0:4d:b7:f2:
3d:b5:d5:40:03:37:dd:5d:37:f9:8e:91:d2:d9:aa:
46:2c:4b:0e:1b:50:21:76:fe:f9:ed:8e:d2:10:7a:
26:12:d1:f3:e3:59:df:64:2d:ae:07:f0:19:73:0e:
e3:36:7f:98:a7:29:9f:57:44:1f:fb:fd:50:05:20:
4e:c6:9a:8f:c5:86:26:d6:79:44:06:02:d2:f9:36:
cb:ed:f9:ae:b9:3c:62:a3:27:46:e9:90:8b:4f:b7:
f6:7d:59:49:46:2e:65:ff:12:70:5c:e3:7e:90:d1:
ce:15:32:c3:bc:a4:b5:02:d7:71:ad:2e:67:e4:fb:
16:88:68:90:bd:fa:8a:77:54:1b:5b:3f:fb:cc:4c:
a7:48:2c:3f:69:10:6a:dd:c5:10:aa:56:0c:e3:4f:
50:26:84:06:99:b4:29:3a:a2:2a:ed:fa:2d:65:47:
1b:10:12:9b:fc:8c:ed:d7:47:9c:d9:1b:7b:da:58:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5B:C0:D0:E5:A1:D4:80:4B:9E:D0:47:32:34:CF:D5:B6:06:83:7D
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/gVvA0OWh1IBLntBHMjTP1bYGg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
IPv6:
2a01:fb05::/36
Signature Algorithm: sha256WithRSAEncryption
24:da:d4:8a:52:a7:87:c1:82:71:30:3c:a9:fe:af:01:af:2a:
db:9b:8f:35:eb:2f:c8:e4:fb:f7:06:cb:b3:c3:b8:6f:c1:ea:
15:dd:77:be:e6:f8:d6:71:82:ab:36:27:6d:83:86:e1:15:d3:
3d:bd:fd:f6:87:a9:22:9e:a4:44:3f:0d:94:36:64:0a:7a:c0:
c7:3a:4c:21:8e:45:76:9b:24:7a:e1:76:35:08:57:f8:bb:14:
85:5e:de:34:89:64:51:46:c6:7f:27:86:15:27:27:72:38:f4:
9c:90:53:ef:b1:c3:38:a7:16:d1:b7:5a:91:a0:59:ee:01:9a:
93:70:b2:83:c2:24:f8:fb:5c:64:32:09:16:56:e4:ff:46:00:
af:70:02:7d:2a:a7:63:ab:b5:de:45:5a:98:ed:e5:50:93:14:
71:a0:70:f2:bf:5a:e6:bc:7f:56:65:81:bd:c9:b6:dc:bb:83:
63:01:aa:a8:a9:ef:83:48:02:b8:b1:ea:23:37:a0:7a:2d:66:
08:2a:28:7d:59:4a:56:29:68:a9:8f:73:6d:6c:04:cd:0e:16:
dc:c3:10:0b:b5:73:c0:4c:2a:cc:ee:68:25:b2:e1:15:0b:45:
40:0d:b8:cf:8d:a9:00:1d:75:a7:a4:1f:e0:09:96:81:f6:c9:
34:f7:b4:f5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZnLuiafMFn2h8VjZqksBziPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDEwMDEyNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTViYzBkMGU1YTFkNDgwNGI5ZWQwNDczMjM0Y2ZkNWI2MDY4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzs7nce29sg3h5yJ4ZD0ho9yeHckp
QA4pjbmYhPdqyy+IsqjMdX+JR/tFiVA6Q40u0+7gMJW2iWbKwoMU87c7e8Jm/o6l
o6BNt/I9tdVAAzfdXTf5jpHS2apGLEsOG1Ahdv757Y7SEHomEtHz41nfZC2uB/AZ
cw7jNn+YpymfV0Qf+/1QBSBOxpqPxYYm1nlEBgLS+TbL7fmuuTxioydG6ZCLT7f2
fVlJRi5l/xJwXON+kNHOFTLDvKS1AtdxrS5n5PsWiGiQvfqKd1QbWz/7zEynSCw/
aRBq3cUQqlYM409QJoQGmbQpOqIq7fotZUcbEBKb/Izt10ec2Rt72lhvDwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIFbwNDlodSAS57QRzI0z9W2BoN9MB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvZ1Z2QTBPV2gxSUJMbnRCSE1qVFAxYllHZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAba/SMA4E
AgACMAgDBgQqAfsFADANBgkqhkiG9w0BAQsFAAOCAQEAJNrUilKnh8GCcTA8qf6v
Aa8q25uPNesvyOT79wbLs8O4b8HqFd13vub41nGCqzYnbYOG4RXTPb399oepIp6k
RD8NlDZkCnrAxzpMIY5FdpskeuF2NQhX+LsUhV7eNIlkUUbGfyeGFScncjj0nJBT
77HDOKcW0bdakaBZ7gGak3Cyg8Ik+PtcZDIJFlbk/0YAr3ACfSqnY6u13kVamO3l
UJMUcaBw8r9a5rx/VmWBvcm23LuDYwGqqKnvg0gCuLHqIzegei1mCCoofVlKVilo
qY9zbWwEzQ4W3MMQC7VzwEwqzO5oJbLhFQtFQA24z42pAB11p6Qf4AmWgfbJNPe0
9Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:55:56 2025 by rpki-client