Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/sR-Ppx8JeczHGpmG679YSmj6PQw.roa
File: sR-Ppx8JeczHGpmG679YSmj6PQw.roa (raw, json)
Hash identifier: scwumdgu3Rey827HmDFQQtaV3M/WPcpows7lj9RX2yY=
Subject key identifier: B1:1F:8F:A7:1F:09:79:CC:C7:1A:99:86:EB:BF:58:4A:68:FA:3D:0C
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0199F92952E845AB25922CDE217A92F87A0B
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/sR-Ppx8JeczHGpmG679YSmj6PQw.roa
Signing time: Sat 18 Oct 2025 21:10:58 +0000
ROA not before: Sat 18 Oct 2025 21:10:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47152
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb02::/34 maxlen: 34
2a01:fb02:8000::/34 maxlen: 34
2a01:fb04::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f9:29:52:e8:45:ab:25:92:2c:de:21:7a:92:f8:7a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 18 21:10:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b11f8fa71f0979ccc71a9986ebbf584a68fa3d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:99:e4:23:00:10:4a:5e:97:a0:12:3e:d3:ed:
bf:ed:c8:48:21:81:05:90:41:a3:42:79:7f:36:48:
d4:17:cd:52:e9:f7:9b:5f:39:68:b5:40:70:4c:20:
b3:d0:75:93:23:36:aa:71:7f:f3:26:f8:76:1b:e0:
98:a7:57:86:a4:39:27:30:5d:ff:f4:fb:07:83:eb:
70:9a:ac:dd:71:07:9c:13:27:52:9a:d3:4f:ce:ab:
19:84:7d:5b:1b:3f:d9:5b:64:6d:df:9c:3a:f4:3f:
18:a1:cc:57:5b:3c:ca:99:c8:26:5e:ce:bd:05:8f:
48:17:88:b6:31:48:f6:4a:dd:d1:96:30:7e:22:cf:
aa:ae:9e:f4:7d:b7:bf:9e:6f:69:09:82:2d:3b:45:
77:3b:66:c5:bc:5b:a8:b1:72:06:a5:33:b3:59:27:
5a:8c:40:79:e3:51:49:cb:17:76:6d:4f:fd:f2:da:
19:de:57:84:2e:8d:20:83:c0:16:72:0b:7f:18:fa:
2c:9f:1b:79:1b:bd:3b:f2:fc:ec:d6:da:9d:cf:66:
f6:4b:ad:f3:0b:40:ac:21:60:b8:68:01:12:fa:41:
02:d9:a0:9f:e1:e3:16:9c:26:8e:f8:b0:79:f4:2c:
3f:09:74:8f:83:b4:4f:cd:5d:75:be:e4:ed:c2:c6:
21:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1F:8F:A7:1F:09:79:CC:C7:1A:99:86:EB:BF:58:4A:68:FA:3D:0C
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/sR-Ppx8JeczHGpmG679YSmj6PQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb02::/34
2a01:fb02:8000::/34
2a01:fb04::/32
Signature Algorithm: sha256WithRSAEncryption
1d:09:c0:55:06:a3:75:21:d1:b2:c3:c8:28:ff:06:ed:b5:6f:
7e:78:b2:fa:4b:2b:bd:aa:10:7f:e7:7f:41:8d:87:f0:fa:8e:
5e:19:cb:b8:f2:af:8d:df:f7:3b:7d:f8:ac:28:d4:40:f5:f0:
3f:43:9c:d4:f2:e0:88:a5:d8:73:9e:9d:a7:87:dd:ac:a9:f9:
cf:86:36:91:71:dc:a9:b6:ff:74:37:f2:38:25:8d:45:43:0a:
ff:e0:c7:97:f2:83:48:29:e5:07:cc:8d:85:7a:99:d8:77:ee:
00:b7:89:8e:61:39:1b:28:5b:b9:30:5c:17:73:2a:05:40:e6:
28:59:05:bb:eb:20:72:8f:53:9b:d3:a7:6e:13:18:70:fb:8d:
95:75:87:04:ef:89:a0:f5:f7:fb:8f:2c:c0:b8:75:52:bb:12:
5a:cb:46:e9:7b:08:99:68:1f:ee:84:e0:35:da:fe:f8:f8:0e:
93:7d:1a:74:d1:21:a3:73:0e:f9:83:b9:a4:9c:fd:ed:3a:d0:
86:f6:82:dc:47:19:db:8d:ab:35:99:22:99:48:c4:1c:ba:ff:
d7:2a:22:f7:c9:85:5c:bc:61:6d:3d:b3:9b:f9:c2:8b:01:cc:
4a:2e:b2:75:46:5c:9e:31:b1:84:8a:17:38:35:b2:e7:22:fb:
31:c4:2a:7e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZn5KVLoRaslkizeIXqS+HoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDE4MjExMDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFmOGZhNzFmMDk3OWNjYzcxYTk5ODZlYmJmNTg0YTY4ZmEzZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZnkIwAQSl6XoBI+0+2/7chIIYEF
kEGjQnl/NkjUF81S6febXzlotUBwTCCz0HWTIzaqcX/zJvh2G+CYp1eGpDknMF3/
9PsHg+twmqzdcQecEydSmtNPzqsZhH1bGz/ZW2Rt35w69D8YocxXWzzKmcgmXs69
BY9IF4i2MUj2St3RljB+Is+qrp70fbe/nm9pCYItO0V3O2bFvFuosXIGpTOzWSda
jEB541FJyxd2bU/98toZ3leELo0gg8AWcgt/GPosnxt5G7078vzs1tqdz2b2S63z
C0CsIWC4aAES+kEC2aCf4eMWnCaO+LB59Cw/CXSPg7RPzV11vuTtwsYhIQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLEfj6cfCXnMxxqZhuu/WEpo+j0MMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvc1ItUHB4OEplY3pIR3BtRzY3OVlTbWo2UFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAbc3BMB0E
AgACMBcDBgYqAfsCAAMGBioB+wKAAwUAKgH7BDANBgkqhkiG9w0BAQsFAAOCAQEA
HQnAVQajdSHRssPIKP8G7bVvfniy+ksrvaoQf+d/QY2H8PqOXhnLuPKvjd/3O334
rCjUQPXwP0Oc1PLgiKXYc56dp4fdrKn5z4Y2kXHcqbb/dDfyOCWNRUMK/+DHl/KD
SCnlB8yNhXqZ2HfuALeJjmE5GyhbuTBcF3MqBUDmKFkFu+sgco9Tm9OnbhMYcPuN
lXWHBO+JoPX3+48swLh1UrsSWstG6XsImWgf7oTgNdr++PgOk30adNEho3MO+YO5
pJz97TrQhvaC3EcZ242rNZkimUjEHLr/1yoi98mFXLxhbT2zm/nCiwHMSi6ydUZc
njGxhIoXODWy5yL7McQqfg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:07:00 2025 by rpki-client