Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Kda4_BxpeRzo46AOCC-woNSn6dE.roa
File: Kda4_BxpeRzo46AOCC-woNSn6dE.roa (raw, json)
Hash identifier: GSKPMLcB6LD8LOKwqVQ0PUjLIOrnQu+6wV4l5ednxmw=
Subject key identifier: 29:D6:B8:FC:1C:69:79:1C:E8:E3:A0:0E:08:2F:B0:A0:D4:A7:E9:D1
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A11E183936908C8F3D0F547941C37AE70
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Kda4_BxpeRzo46AOCC-woNSn6dE.roa
Signing time: Thu 23 Oct 2025 16:23:03 +0000
ROA not before: Thu 23 Oct 2025 16:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214354
IP address blocks: 109.205.193.0/24 maxlen: 24
158.94.221.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 18:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:11:e1:83:93:69:08:c8:f3:d0:f5:47:94:1c:37:ae:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 23 16:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29d6b8fc1c69791ce8e3a00e082fb0a0d4a7e9d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:7f:a7:85:de:36:40:81:2e:9a:34:b3:29:31:
96:2b:75:fa:e1:aa:b6:76:2b:48:64:1f:33:dd:c0:
d7:50:d5:a0:f0:3a:28:e1:b6:36:5b:a3:d0:fc:69:
e3:dd:9f:7b:79:b1:36:d5:7b:69:ce:0c:c4:6b:70:
7d:ea:26:9b:67:ac:5e:6f:d3:ed:61:32:f7:42:a2:
e5:6e:b6:56:84:dc:22:8e:88:91:0a:de:73:9c:4a:
66:9a:ce:0f:56:45:2d:87:4c:a5:83:af:cb:6e:be:
21:65:dc:f1:e8:fe:96:c5:58:3d:d8:4e:58:ad:5a:
8a:9c:3f:ca:b9:7b:f1:7c:f5:c2:11:e5:56:b1:ea:
92:51:49:93:4d:ca:3b:0d:41:ea:d9:87:e7:2e:8e:
02:33:79:09:bc:79:7b:4a:6d:f5:79:88:03:21:7d:
42:d6:6d:9c:56:a1:39:6c:c8:62:ca:35:52:0b:5f:
07:19:09:cc:44:d3:57:61:d9:7d:e8:14:92:3b:30:
d6:e7:81:c0:4d:5a:22:9f:2a:c2:a6:76:5e:0f:56:
9c:0c:27:22:eb:cb:d4:76:48:67:dd:78:12:43:6d:
ef:86:0f:ac:aa:60:7e:4d:ed:40:4d:5a:08:06:ca:
3d:5f:84:02:bf:57:56:20:d2:18:6d:48:4f:12:85:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D6:B8:FC:1C:69:79:1C:E8:E3:A0:0E:08:2F:B0:A0:D4:A7:E9:D1
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/Kda4_BxpeRzo46AOCC-woNSn6dE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
158.94.221.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:6000::/36
Signature Algorithm: sha256WithRSAEncryption
73:88:dd:75:60:83:f2:78:fa:1b:53:00:6d:c8:d6:8c:bd:a6:
a8:89:d6:21:96:f0:dc:3c:ab:ab:66:39:7c:0e:f1:23:be:59:
29:ac:68:f3:5e:49:78:a8:8d:f4:c5:ef:51:37:f4:a2:dc:54:
4a:ec:65:b6:41:f8:75:4b:8a:92:e5:ef:d9:1a:b6:dd:1f:08:
83:d9:a6:f3:19:19:31:6a:af:af:2c:9b:8c:83:85:c9:69:4b:
7c:66:ea:c0:72:6b:7a:1e:0f:94:94:11:90:53:70:e0:32:b6:
68:0f:a0:2f:79:f6:00:c4:ba:41:83:9a:44:43:44:37:ad:c9:
7a:35:64:1a:f0:e1:3a:fa:cd:a4:43:9c:59:cd:59:9d:8a:a5:
06:4d:e7:76:1c:fd:c3:ac:fb:a9:9b:76:b0:36:f4:94:f6:68:
e1:5e:06:c6:0c:78:13:93:0c:f6:87:64:41:e4:c0:ac:ee:58:
71:9d:5d:c9:89:91:45:47:8b:71:8c:43:39:80:dd:da:37:6d:
c3:b0:bd:87:07:30:aa:b8:08:5b:ad:d9:17:e0:d6:be:fd:43:
ac:ae:31:3c:db:af:04:1e:70:53:71:1d:51:8e:8d:fd:ec:50:
14:d1:c2:c1:24:c9:b4:2c:29:c5:0a:ea:2b:08:be:64:91:77:
08:ae:4e:fe
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZoR4YOTaQjI89D1R5QcN65wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDIzMTYyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ2YjhmYzFjNjk3OTFjZThlM2EwMGUwODJmYjBhMGQ0YTdlOWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63+nhd42QIEumjSzKTGWK3X64aq2
ditIZB8z3cDXUNWg8Doo4bY2W6PQ/Gnj3Z97ebE21XtpzgzEa3B96iabZ6xeb9Pt
YTL3QqLlbrZWhNwijoiRCt5znEpmms4PVkUth0ylg6/Lbr4hZdzx6P6WxVg92E5Y
rVqKnD/KuXvxfPXCEeVWseqSUUmTTco7DUHq2YfnLo4CM3kJvHl7Sm31eYgDIX1C
1m2cVqE5bMhiyjVSC18HGQnMRNNXYdl96BSSOzDW54HATVoinyrCpnZeD1acDCci
68vUdkhn3XgSQ23vhg+sqmB+Te1ATVoIBso9X4QCv1dWINIYbUhPEoUBHQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFCnWuPwcaXkc6OOgDggvsKDUp+nRMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvS2RhNF9CeHBlUnpvNDZBT0NDLXdvTlNuNmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzASBAIAATAMAwQAbc3BAwQA
nl7dMBUEAgACMA8DBQAqAfsBAwYEKgH7BWAwDQYJKoZIhvcNAQELBQADggEBAHOI
3XVgg/J4+htTAG3I1oy9pqiJ1iGW8Nw8q6tmOXwO8SO+WSmsaPNeSXiojfTF71E3
9KLcVErsZbZB+HVLipLl79katt0fCIPZpvMZGTFqr68sm4yDhclpS3xm6sBya3oe
D5SUEZBTcOAytmgPoC959gDEukGDmkRDRDetyXo1ZBrw4Tr6zaRDnFnNWZ2KpQZN
53Yc/cOs+6mbdrA29JT2aOFeBsYMeBOTDPaHZEHkwKzuWHGdXcmJkUVHi3GMQzmA
3do3bcOwvYcHMKq4CFut2Rfg1r79Q6yuMTzbrwQecFNxHVGOjf3sUBTRwsEkybQs
KcUK6isIvmSRdwiuTv4=
-----END CERTIFICATE-----
Generated at Sun Oct 26 03:38:30 2025 by rpki-client