Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/ekXMMXGMnM0t3Wfm20dihXvX3Ns.roa
File: ekXMMXGMnM0t3Wfm20dihXvX3Ns.roa (raw, json)
Hash identifier: nY0g/D0KCm+talhDvGLy8FLXRxZXc2NEtZNPHx/DddM=
Subject key identifier: 7A:45:CC:31:71:8C:9C:CD:2D:DD:67:E6:DB:47:62:85:7B:D7:DC:DB
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0198E43263B2D3C84B0703913907D0FAAAD1
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/ekXMMXGMnM0t3Wfm20dihXvX3Ns.roa
Signing time: Tue 26 Aug 2025 02:26:04 +0000
ROA not before: Tue 26 Aug 2025 02:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216096
IP address blocks: 109.175.210.0/24 maxlen: 24
109.205.193.0/24 maxlen: 24
2a01:fb00::/33 maxlen: 33
2a01:fb00::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e4:32:63:b2:d3:c8:4b:07:03:91:39:07:d0:fa:aa:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Aug 26 02:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a45cc31718c9ccd2ddd67e6db4762857bd7dcdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:15:f3:c3:e4:c5:5c:d0:41:ef:15:fa:e1:fa:
6c:75:68:0f:e6:6b:bf:c2:21:a4:3c:7b:47:07:5b:
52:6c:51:85:93:d5:01:45:9c:5c:ae:d1:0f:fd:4b:
fb:ae:6d:5e:e2:73:38:52:33:84:78:f3:78:9f:a7:
4b:05:14:00:c9:2b:a9:cf:e0:6e:99:0d:01:8d:57:
59:c9:a2:47:f6:bf:00:2a:4e:df:e9:48:92:f1:f0:
22:f1:e3:84:77:33:19:d0:04:3f:c0:48:27:35:fb:
5c:a8:ce:75:f7:7e:7a:1b:aa:9e:e6:63:a3:22:ff:
46:05:50:de:77:9b:8d:a2:c5:1b:4f:bb:41:07:ca:
ab:16:d2:77:dc:d4:46:10:24:18:01:0b:35:9d:5a:
b6:90:07:02:58:e7:4e:2d:5d:1d:4c:8b:69:0b:65:
6a:ca:6f:82:07:06:97:e1:d7:ae:d1:d5:3a:50:44:
77:e4:4a:88:c0:c7:34:6d:1c:c3:70:88:15:3e:be:
a5:f5:d6:c9:06:79:e8:11:4b:3b:a7:cf:ec:8b:b3:
0b:86:62:4a:13:cd:4f:e0:31:bf:c6:35:66:ea:33:
77:20:9d:97:a3:d8:25:5f:0d:27:70:f8:e5:7d:bb:
65:4b:b4:f3:4e:6f:85:06:d4:86:49:cd:bf:eb:3a:
39:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:45:CC:31:71:8C:9C:CD:2D:DD:67:E6:DB:47:62:85:7B:D7:DC:DB
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/ekXMMXGMnM0t3Wfm20dihXvX3Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
109.205.193.0/24
IPv6:
2a01:fb00::/33
Signature Algorithm: sha256WithRSAEncryption
0a:63:06:b5:10:e8:0d:bb:76:9f:ca:aa:e3:80:e7:8b:28:cf:
51:75:05:78:b1:10:76:76:fc:87:a2:af:ad:ab:70:8d:bd:d4:
5e:09:9a:15:31:b8:6f:b4:2f:20:84:d9:98:95:aa:41:fd:6c:
21:10:19:56:b1:9a:d4:4c:4d:80:a1:e4:83:2f:98:f6:6b:00:
1f:5c:6d:06:64:bc:eb:b0:c8:f5:a8:f9:66:69:87:0f:6b:b8:
a7:27:4d:21:56:03:c1:a3:e6:51:39:3e:88:a3:30:c6:bf:9a:
4b:5f:d7:67:f1:f4:a9:d9:56:0d:8d:44:83:11:7e:ac:f9:60:
b2:c3:61:95:90:3e:91:1a:d2:fe:7d:b9:ce:6b:6e:84:93:81:
83:dd:6b:3d:8e:3b:e0:25:f9:03:0a:ba:48:e7:39:09:9f:39:
d6:a7:2e:f2:98:0d:38:de:5e:0c:9a:65:06:65:80:1e:17:c8:
84:51:7a:13:3a:ee:a3:ef:57:9e:11:3a:a8:54:00:a3:82:e5:
5b:78:45:fa:f0:5a:b0:e5:be:59:31:e5:03:52:1d:d2:9b:0d:
9e:3f:27:99:27:8a:f1:e6:a4:0c:3f:22:11:af:4c:bb:fc:ba:
f1:ee:63:07:fa:5d:e5:e6:e9:ee:ad:9f:26:1e:48:2c:ac:54:
78:7b:2f:f2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZjkMmOy08hLBwOROQfQ+qrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUwODI2MDIyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTQ1Y2MzMTcxOGM5Y2NkMmRkZDY3ZTZkYjQ3NjI4NTdiZDdkY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRXzw+TFXNBB7xX64fpsdWgP5mu/
wiGkPHtHB1tSbFGFk9UBRZxcrtEP/Uv7rm1e4nM4UjOEePN4n6dLBRQAySupz+Bu
mQ0BjVdZyaJH9r8AKk7f6UiS8fAi8eOEdzMZ0AQ/wEgnNftcqM519356G6qe5mOj
Iv9GBVDed5uNosUbT7tBB8qrFtJ33NRGECQYAQs1nVq2kAcCWOdOLV0dTItpC2Vq
ym+CBwaX4deu0dU6UER35EqIwMc0bRzDcIgVPr6l9dbJBnnoEUs7p8/si7MLhmJK
E81P4DG/xjVm6jN3IJ2Xo9glXw0ncPjlfbtlS7TzTm+FBtSGSc2/6zo5yQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHpFzDFxjJzNLd1n5ttHYoV719zbMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvZWtYTU1YR01uTTB0M1dmbTIwZGloWHZYM05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAba/SAwQA
bc3BMA4EAgACMAgDBgcqAfsAADANBgkqhkiG9w0BAQsFAAOCAQEACmMGtRDoDbt2
n8qq44DniyjPUXUFeLEQdnb8h6Kvratwjb3UXgmaFTG4b7QvIITZmJWqQf1sIRAZ
VrGa1ExNgKHkgy+Y9msAH1xtBmS867DI9aj5ZmmHD2u4pydNIVYDwaPmUTk+iKMw
xr+aS1/XZ/H0qdlWDY1EgxF+rPlgssNhlZA+kRrS/n25zmtuhJOBg91rPY474CX5
Awq6SOc5CZ851qcu8pgNON5eDJplBmWAHhfIhFF6Ezruo+9XnhE6qFQAo4LlW3hF
+vBasOW+WTHlA1Id0psNnj8nmSeK8eakDD8iEa9Mu/y68e5jB/pd5ebp7q2fJh5I
LKxUeHsv8g==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:43:31 2025 by rpki-client