Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vEwEQe-Knh09uPRNwYDGXQrpTk8.roa
File: vEwEQe-Knh09uPRNwYDGXQrpTk8.roa (raw, json)
Hash identifier: g+lIOboiGWHICqS/0eOl2tbwSAM2DaVhhNc4NGrTYIY=
Subject key identifier: BC:4C:04:41:EF:8A:9E:1D:3D:B8:F4:4D:C1:80:C6:5D:0A:E9:4E:4F
Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Certificate serial: 0199B2D497479EE0511F496857739AC48463
Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vEwEQe-Knh09uPRNwYDGXQrpTk8.roa
Signing time: Sun 05 Oct 2025 05:25:00 +0000
ROA not before: Sun 05 Oct 2025 05:25:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 109.175.210.0/24 maxlen: 24
109.205.193.0/24 maxlen: 24
158.94.220.0/24 maxlen: 24
2a01:fb02:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 23:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b2:d4:97:47:9e:e0:51:1f:49:68:57:73:9a:c4:84:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6
Validity
Not Before: Oct 5 05:25:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc4c0441ef8a9e1d3db8f44dc180c65d0ae94e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6a:44:31:86:00:5b:6b:bd:21:6c:14:05:c8:
c8:1b:06:a9:ec:33:fd:a6:ff:49:a9:66:2f:21:99:
65:04:27:55:d8:d8:f5:cc:8f:7a:e7:47:6d:26:eb:
a0:61:01:0f:3d:7b:d3:ed:6e:9a:e6:56:93:97:e8:
38:7c:73:19:1c:fb:b4:bb:71:59:72:f4:12:9e:d7:
ba:eb:f1:19:ca:20:c4:15:91:93:9f:e9:f6:b0:56:
84:04:48:c5:3c:ef:1f:d6:f2:de:71:0e:8e:b6:8f:
3d:e8:c6:f6:4b:f3:c9:62:fc:17:25:b6:0c:4c:05:
95:c6:b2:98:86:82:28:9a:ac:e0:e0:ae:d2:e1:3c:
e4:5a:ec:94:e5:e3:cb:f1:51:ee:48:ca:4e:06:53:
e2:cb:1e:b8:0e:ca:96:8a:97:b4:07:c1:b8:f4:bf:
cb:75:7d:5e:07:5e:a5:5f:20:06:2a:71:e4:c2:1d:
4d:fd:4c:8a:95:a7:44:77:7f:0a:07:dd:fc:89:40:
49:b3:68:7e:57:be:37:e8:43:e4:0f:e7:d8:47:69:
9b:5b:0f:e4:b2:1c:2f:64:c8:bc:03:61:5e:b0:39:
25:99:39:5c:ce:44:a7:0e:e2:c1:3e:ac:25:02:7d:
e6:93:1a:6d:95:eb:ab:06:f4:30:9c:4a:d6:e8:52:
13:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:4C:04:41:EF:8A:9E:1D:3D:B8:F4:4D:C1:80:C6:5D:0A:E9:4E:4F
X509v3 Authority Key Identifier:
keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/vEwEQe-Knh09uPRNwYDGXQrpTk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.175.210.0/24
109.205.193.0/24
158.94.220.0/24
IPv6:
2a01:fb02:c000::/34
Signature Algorithm: sha256WithRSAEncryption
0d:fa:9d:f5:50:17:52:21:5c:4a:a3:d1:4c:98:73:e1:70:7f:
d9:dc:98:b3:c6:fe:05:3c:01:41:4b:fd:ad:f8:2b:a7:36:ba:
cb:de:c1:1a:c6:a5:f8:f5:c5:d1:2d:51:1f:8b:cd:0d:f1:dc:
70:70:a0:85:c2:1c:cd:c8:61:4b:b5:34:d0:9b:a8:4e:c2:cd:
d8:fd:4f:33:c4:31:62:7c:53:13:b0:91:03:78:78:4d:80:df:
d2:a3:14:f4:68:b9:57:78:ff:82:4a:c4:d9:eb:f6:45:04:e6:
de:88:bd:7e:62:d5:a5:d6:d7:81:31:e3:38:e5:0b:06:a6:fe:
a0:27:88:95:60:91:8f:8e:b0:68:10:67:65:b1:e1:b6:e8:af:
dc:89:6a:58:cb:1c:9f:f6:0d:d1:54:75:da:19:a4:72:73:77:
9f:12:d6:56:44:0f:fe:c2:d4:80:26:33:1c:70:e4:15:a4:b9:
d4:6a:7e:c3:27:b7:01:b0:7d:75:69:5a:5d:e5:29:82:52:bd:
6e:8e:bf:e2:44:c0:73:1f:38:c6:3d:c7:3a:1e:83:b3:1f:14:
39:a4:36:ac:ee:fd:c6:79:ad:4c:41:71:10:2d:00:c8:ce:dd:
f0:b4:87:00:6b:fc:65:d6:cc:40:45:93:6d:69:1d:f4:bb:55:
68:91:8d:55
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZmy1JdHnuBRH0loV3OaxIRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0
Yzk1ZTYwHhcNMjUxMDA1MDUyNTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzRjMDQ0MWVmOGE5ZTFkM2RiOGY0NGRjMTgwYzY1ZDBhZTk0ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGpEMYYAW2u9IWwUBcjIGwap7DP9
pv9JqWYvIZllBCdV2Nj1zI9650dtJuugYQEPPXvT7W6a5laTl+g4fHMZHPu0u3FZ
cvQSnte66/EZyiDEFZGTn+n2sFaEBEjFPO8f1vLecQ6Oto896Mb2S/PJYvwXJbYM
TAWVxrKYhoIomqzg4K7S4TzkWuyU5ePL8VHuSMpOBlPiyx64DsqWipe0B8G49L/L
dX1eB16lXyAGKnHkwh1N/UyKladEd38KB938iUBJs2h+V7436EPkD+fYR2mbWw/k
shwvZMi8A2FesDklmTlczkSnDuLBPqwlAn3mkxptleurBvQwnErW6FITxwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLxMBEHvip4dPbj0TcGAxl0K6U5PMB8GA1UdIwQY
MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt
NmUyZDk3Y2ExNWZmLzEvdkV3RVFlLUtuaDA5dVBSTndZREdYUXJwVGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm
LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAba/SAwQA
bc3BAwQAnl7cMA4EAgACMAgDBgYqAfsCwDANBgkqhkiG9w0BAQsFAAOCAQEADfqd
9VAXUiFcSqPRTJhz4XB/2dyYs8b+BTwBQUv9rfgrpza6y97BGsal+PXF0S1RH4vN
DfHccHCghcIczchhS7U00JuoTsLN2P1PM8QxYnxTE7CRA3h4TYDf0qMU9Gi5V3j/
gkrE2ev2RQTm3oi9fmLVpdbXgTHjOOULBqb+oCeIlWCRj46waBBnZbHhtuiv3Ilq
WMscn/YN0VR12hmkcnN3nxLWVkQP/sLUgCYzHHDkFaS51Gp+wye3AbB9dWlaXeUp
glK9bo6/4kTAcx84xj3HOh6Dsx8UOaQ2rO79xnmtTEFxEC0AyM7d8LSHAGv8ZdbM
QEWTbWkd9LtVaJGNVQ==
-----END CERTIFICATE-----
Generated at Tue Oct 14 06:08:08 2025 by rpki-client