Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vAHwQcFMw1t4Bzyb8dqj65X42dQ.roa
File: vAHwQcFMw1t4Bzyb8dqj65X42dQ.roa (raw, json)
Hash identifier: 7xiUtacwkiCjYN44H3r6SZATgzXzkj4cI+A2bkFG+nE=
Subject key identifier: BC:01:F0:41:C1:4C:C3:5B:78:07:3C:9B:F1:DA:A3:EB:95:F8:D9:D4
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 019A02997683C33EC1AA0747F13DD8C4F3A8
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vAHwQcFMw1t4Bzyb8dqj65X42dQ.roa
Signing time: Mon 20 Oct 2025 17:10:03 +0000
ROA not before: Mon 20 Oct 2025 17:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7720
IP address blocks: 109.205.193.0/24 maxlen: 24
2a01:fb01::/32 maxlen: 32
2a01:fb05:5000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 17:10:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:99:76:83:c3:3e:c1:aa:07:47:f1:3d:d8:c4:f3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 20 17:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc01f041c14cc35b78073c9bf1daa3eb95f8d9d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d2:3c:0f:de:a9:b8:7f:fa:dd:b8:e8:45:98:
02:ef:6e:8f:6b:00:6b:f4:af:dc:31:a4:53:a0:03:
54:a8:af:c2:af:f1:d6:86:e6:67:75:31:ad:67:04:
41:6d:55:28:48:51:85:1d:f7:b0:ef:f1:d2:71:d9:
3d:05:50:05:e1:a7:34:97:cf:3c:ed:ae:ec:4d:d2:
97:ee:07:22:85:e9:b7:a3:f6:ed:c6:8a:d6:da:da:
67:36:9d:4a:f8:33:07:b7:ae:84:b8:5b:96:0a:0b:
30:fb:c5:25:c8:1d:87:e5:7e:e2:af:55:40:58:36:
46:e1:e8:e1:9c:d7:05:4d:7a:c7:73:dc:fd:71:61:
33:75:fc:30:2a:ea:73:5d:17:28:f7:c3:87:8b:9b:
4f:78:1a:42:9e:ca:93:4d:09:e9:a7:71:39:eb:24:
5f:91:54:24:be:83:92:9f:a7:ce:88:09:1a:81:29:
21:f1:84:e9:bd:1a:36:5f:84:b0:5b:c4:e9:06:46:
8b:7c:19:80:1a:79:e2:2b:a8:9e:62:ce:4a:bb:34:
13:d8:95:4d:99:12:7c:4b:1e:97:1b:e8:75:31:11:
ae:a5:a5:2e:44:62:83:77:8e:f2:af:dc:55:5f:57:
4a:a2:75:2e:c6:4b:dd:62:e3:0b:24:9b:07:47:2a:
22:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:01:F0:41:C1:4C:C3:5B:78:07:3C:9B:F1:DA:A3:EB:95:F8:D9:D4
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vAHwQcFMw1t4Bzyb8dqj65X42dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.193.0/24
IPv6:
2a01:fb01::/32
2a01:fb05:5000::/36
Signature Algorithm: sha256WithRSAEncryption
14:87:6c:2d:1b:9c:b6:b0:c4:4c:72:3e:a0:7b:93:72:bc:38:
aa:c3:89:7e:01:b3:1c:de:88:ce:4d:c4:27:d6:77:37:61:20:
92:14:92:f9:e8:2c:c6:ba:cb:b6:28:23:5c:03:68:0a:21:d8:
4e:5b:20:81:cf:88:5f:e6:29:0f:a9:7a:d6:2f:d7:71:b2:ce:
9a:b3:97:8e:30:33:6f:d2:b7:fa:8f:2c:78:41:17:3b:57:c9:
ab:7a:a9:ec:83:21:e3:cd:b4:2e:a7:af:54:82:f5:b5:0e:ec:
44:25:f2:05:cb:a4:89:ea:84:bb:87:62:4c:2b:52:b1:39:7e:
92:1d:69:cc:cf:a1:50:64:5e:55:4a:ef:46:54:45:20:a4:08:
d8:f7:e1:06:b8:11:94:a8:a5:fc:d6:35:7a:a4:67:d8:5b:5f:
6b:9a:73:07:2c:f6:78:7c:4c:ce:69:80:0f:3e:00:70:50:0d:
ac:80:57:53:40:61:96:08:b4:d3:16:17:39:9f:09:33:c7:07:
44:44:67:be:86:b7:4d:82:e8:a9:48:c5:b0:b8:c3:35:32:1c:
40:17:98:34:b8:0b:48:ed:15:9b:62:70:4a:a6:ea:11:08:45:
bb:35:d0:a5:92:10:4a:ed:14:06:90:29:36:ec:c4:a0:9e:fd:
d4:6c:b0:56
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZoCmXaDwz7BqgdH8T3YxPOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDIwMTcxMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzAxZjA0MWMxNGNjMzViNzgwNzNjOWJmMWRhYTNlYjk1ZjhkOWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNI8D96puH/63bjoRZgC726PawBr
9K/cMaRToANUqK/Cr/HWhuZndTGtZwRBbVUoSFGFHfew7/HScdk9BVAF4ac0l888
7a7sTdKX7gcihem3o/btxorW2tpnNp1K+DMHt66EuFuWCgsw+8UlyB2H5X7ir1VA
WDZG4ejhnNcFTXrHc9z9cWEzdfwwKupzXRco98OHi5tPeBpCnsqTTQnpp3E56yRf
kVQkvoOSn6fOiAkagSkh8YTpvRo2X4SwW8TpBkaLfBmAGnniK6ieYs5KuzQT2JVN
mRJ8Sx6XG+h1MRGupaUuRGKDd47yr9xVX1dKonUuxkvdYuMLJJsHRyoi/QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLwB8EHBTMNbeAc8m/Hao+uV+NnUMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvdkFId1FjRk13MXQ0Qnp5YjhkcWo2NVg0MmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAbc3BMBUE
AgACMA8DBQAqAfsBAwYEKgH7BVAwDQYJKoZIhvcNAQELBQADggEBABSHbC0bnLaw
xExyPqB7k3K8OKrDiX4BsxzeiM5NxCfWdzdhIJIUkvnoLMa6y7YoI1wDaAoh2E5b
IIHPiF/mKQ+petYv13Gyzpqzl44wM2/St/qPLHhBFztXyat6qeyDIePNtC6nr1SC
9bUO7EQl8gXLpInqhLuHYkwrUrE5fpIdaczPoVBkXlVK70ZURSCkCNj34Qa4EZSo
pfzWNXqkZ9hbX2uacwcs9nh8TM5pgA8+AHBQDayAV1NAYZYItNMWFzmfCTPHB0RE
Z76Gt02C6KlIxbC4wzUyHEAXmDS4C0jtFZticEqm6hEIRbs10KWSEErtFAaQKTbs
xKCe/dRssFY=
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:42:09 2025 by rpki-client