Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hM2DQyGvMA6K4boc_QhRKIOi0hw.roa
File: hM2DQyGvMA6K4boc_QhRKIOi0hw.roa (raw, json)
Hash identifier: vWWHSpzelpfBl3PU+PZsIY63QGWJmL7fksNqS1DGAac=
Subject key identifier: 84:CD:83:43:21:AF:30:0E:8A:E1:BA:1C:FD:08:51:28:83:A2:D2:1C
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0199E882A0C11901CA4D9F120AA78DFB7C70
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hM2DQyGvMA6K4boc_QhRKIOi0hw.roa
Signing time: Wed 15 Oct 2025 15:34:58 +0000
ROA not before: Wed 15 Oct 2025 15:34:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212271
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb05:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:82:a0:c1:19:01:ca:4d:9f:12:0a:a7:8d:fb:7c:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 15 15:34:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84cd834321af300e8ae1ba1cfd08512883a2d21c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:f0:df:a2:bb:71:82:d1:99:cf:71:14:eb:
01:fc:81:ca:32:6e:66:99:68:b0:65:75:fe:a6:a7:
fb:17:cf:1a:2c:6d:bd:a7:1d:e8:10:d4:b2:37:54:
d0:d7:0d:a2:5a:9f:e3:dd:fc:72:23:78:96:46:95:
a6:e4:b5:d8:9c:0d:e2:4f:70:70:7e:2d:37:d6:8e:
5e:fc:a6:0a:e8:29:90:ec:31:bb:50:8c:8e:40:2d:
57:c9:74:b6:03:96:69:55:6b:a3:b4:d1:7c:b3:f4:
ef:15:88:35:1e:c0:58:24:cc:3d:9d:76:6d:97:4e:
92:c8:1f:d1:90:b8:a6:86:64:02:01:d4:19:16:f7:
e7:c2:83:ee:08:a1:cb:e5:80:e6:77:91:8f:1a:60:
52:a6:70:af:d7:fd:2c:54:d0:29:24:03:42:4d:4e:
87:5f:e0:f7:23:28:28:44:1a:35:42:7c:0f:8c:33:
d0:c7:92:a2:3e:e2:c1:5b:c9:1f:55:29:43:ea:71:
1c:96:9c:fd:e8:b1:38:c8:a7:0b:2a:89:a5:4c:50:
e4:0d:d5:db:64:3c:a7:b1:60:56:c4:89:71:22:35:
d7:1a:a9:0b:a8:f7:de:af:aa:69:77:ab:6c:1b:4b:
01:78:e1:cc:9b:a8:f1:e1:20:fa:4e:13:11:6e:a8:
38:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CD:83:43:21:AF:30:0E:8A:E1:BA:1C:FD:08:51:28:83:A2:D2:1C
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/hM2DQyGvMA6K4boc_QhRKIOi0hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb05:4000::/36
Signature Algorithm: sha256WithRSAEncryption
26:6f:0f:42:02:ad:e6:a0:be:6a:a7:09:31:52:f0:85:7a:d4:
68:3f:6d:3c:7d:31:11:09:92:0b:c1:16:f3:ab:b2:25:ee:03:
64:45:29:d1:6a:a5:02:d8:10:4f:22:cb:d7:32:0b:26:a8:23:
76:80:27:78:f0:28:fe:4d:9b:80:c0:30:75:f4:40:00:2f:ef:
e3:6f:33:e3:17:b8:34:d5:41:68:a1:8c:99:e1:e2:bb:fa:a4:
53:e4:e9:17:ef:85:f9:7d:7e:19:fd:08:51:45:2c:cd:9b:d0:
8f:37:59:c2:91:38:0f:12:2b:6a:5a:8e:45:54:13:19:e3:57:
e4:73:2e:ee:e0:09:b8:84:53:6e:c9:97:e7:c9:b1:40:41:44:
21:1c:e3:c1:d1:75:94:7e:2b:a6:ac:25:80:7d:b0:54:18:d4:
b6:c6:9e:83:7d:c7:7e:e9:3e:88:64:5b:2f:e8:81:38:58:82:
d2:fd:cf:24:ea:f4:19:62:7b:75:54:b8:3d:e4:45:ed:f4:75:
bc:42:e2:21:9a:46:af:b0:d7:45:6c:9c:1d:b2:e3:5c:8e:5c:
42:f3:9a:80:30:cb:9b:5b:51:bc:02:6f:1f:13:ce:bd:bd:ea:
4c:47:27:ad:ba:81:1f:50:1e:a4:dd:94:52:ea:15:d3:69:b3:
35:28:96:b6
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZnogqDBGQHKTZ8SCqeN+3xwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDE1MTUzNDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNkODM0MzIxYWYzMDBlOGFlMWJhMWNmZDA4NTEyODgzYTJkMjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHXw36K7cYLRmc9xFOsB/IHKMm5m
mWiwZXX+pqf7F88aLG29px3oENSyN1TQ1w2iWp/j3fxyI3iWRpWm5LXYnA3iT3Bw
fi031o5e/KYK6CmQ7DG7UIyOQC1XyXS2A5ZpVWujtNF8s/TvFYg1HsBYJMw9nXZt
l06SyB/RkLimhmQCAdQZFvfnwoPuCKHL5YDmd5GPGmBSpnCv1/0sVNApJANCTU6H
X+D3IygoRBo1QnwPjDPQx5KiPuLBW8kfVSlD6nEclpz96LE4yKcLKomlTFDkDdXb
ZDynsWBWxIlxIjXXGqkLqPfer6ppd6tsG0sBeOHMm6jx4SD6ThMRbqg4XwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFITNg0MhrzAOiuG6HP0IUSiDotIcMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvaE0yRFF5R3ZNQTZLNGJvY19RaFJLSU9pMGh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAbc3BMA4E
AgACMAgDBgQqAfsFQDANBgkqhkiG9w0BAQsFAAOCAQEAJm8PQgKt5qC+aqcJMVLw
hXrUaD9tPH0xEQmSC8EW86uyJe4DZEUp0WqlAtgQTyLL1zILJqgjdoAnePAo/k2b
gMAwdfRAAC/v428z4xe4NNVBaKGMmeHiu/qkU+TpF++F+X1+Gf0IUUUszZvQjzdZ
wpE4DxIralqORVQTGeNX5HMu7uAJuIRTbsmX58mxQEFEIRzjwdF1lH4rpqwlgH2w
VBjUtsaeg33Hfuk+iGRbL+iBOFiC0v3PJOr0GWJ7dVS4PeRF7fR1vELiIZpGr7DX
RWycHbLjXI5cQvOagDDLm1tRvAJvHxPOvb3qTEcnrbqBH1AepN2UUuoV02mzNSiW
tg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:44 2025 by rpki-client