Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1w_R2UZ4X7HxS7MahVBAbKIQ0pw.roa
File: 1w_R2UZ4X7HxS7MahVBAbKIQ0pw.roa (raw, json)
Hash identifier: UkSw7SS6HhlZDnfhm1njnRv5a7s7siPE6EUVRDrM3uI=
Subject key identifier: D7:0F:D1:D9:46:78:5F:B1:F1:4B:B3:1A:85:50:40:6C:A2:10:D2:9C
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A2668A3F92494283F39F463A7A19988B3
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1w_R2UZ4X7HxS7MahVBAbKIQ0pw.roa
Signing time: Mon 27 Oct 2025 16:03:03 +0000
ROA not before: Mon 27 Oct 2025 16:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 14.102.227.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
74.112.152.0/22 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
94.229.218.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
103.102.132.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:68:a3:f9:24:94:28:3f:39:f4:63:a7:a1:99:88:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 27 16:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d70fd1d946785fb1f14bb31a8550406ca210d29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:d9:c3:d6:f4:1c:2f:da:25:07:38:3d:a9:
24:4d:3e:3c:e8:b2:1e:c2:79:ac:63:e0:5a:4f:6d:
38:d5:5e:0e:98:09:fd:9d:99:b5:9e:c0:20:15:7b:
bd:68:e1:f6:f3:56:23:0e:ec:27:74:0b:bd:7e:01:
b9:31:41:06:ab:32:99:9f:7b:7b:f8:f0:d6:38:27:
55:ae:41:09:f3:bd:c8:5d:80:4d:82:8d:fb:01:1a:
84:24:23:4e:a2:dd:a9:e1:ca:43:3b:92:83:3d:dc:
be:b8:ce:d6:fa:42:cc:ae:a3:21:f7:d7:df:09:59:
c9:7e:f8:8d:08:ee:9e:d7:11:ba:1d:84:4d:6c:82:
e5:cb:dd:47:d1:b6:99:14:4e:55:8d:fe:d7:1a:43:
4a:6f:fd:76:01:0c:ae:33:30:ae:e9:ed:0e:95:cb:
a9:26:45:2a:94:83:13:c4:67:96:30:22:73:62:21:
0c:d2:d7:44:21:d3:02:b5:d5:76:64:ae:9e:32:6c:
48:04:7f:03:7f:be:84:51:81:d6:6d:8a:7b:ae:ce:
0a:fb:aa:42:b4:e5:6e:3b:8b:a1:f5:e9:21:12:54:
de:0b:b7:01:c8:a3:6c:c0:41:33:0c:f4:1d:89:ff:
4c:15:8f:e4:a3:3e:c6:8a:e7:c7:ae:18:c5:8e:fc:
f9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0F:D1:D9:46:78:5F:B1:F1:4B:B3:1A:85:50:40:6C:A2:10:D2:9C
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/1w_R2UZ4X7HxS7MahVBAbKIQ0pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.227.0/24
14.102.234.0/24
43.242.136.0/24
45.151.140.0/24
74.112.152.0/22
89.106.16.0/24
89.106.18.0/24
89.106.21.0-89.106.23.255
94.229.218.0/24
94.229.222.0/24
103.102.132.0/24
124.158.112.0/24
194.36.33.0/24
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
36:c8:7c:61:3a:e4:b1:71:cd:6e:60:3a:fd:39:1c:9e:b4:00:
ff:0a:7b:1c:9a:fc:d6:4b:dd:27:c5:75:26:0b:e2:4a:be:39:
cc:41:42:fd:c6:9d:02:8a:dd:80:aa:3c:ec:ac:e3:35:9a:29:
3c:6e:e2:04:73:89:bf:1e:2f:e3:25:6b:17:16:c5:07:87:77:
d3:e4:28:40:7a:38:2b:da:2e:08:38:31:5a:05:c7:de:42:92:
ab:da:9f:39:6b:db:23:c6:b0:06:a9:39:0c:f5:4a:fa:c3:64:
c7:0b:de:93:8f:77:3a:0f:9e:4f:0c:2c:94:2d:71:8b:f0:bf:
f2:00:09:0b:f9:88:6d:1b:bb:13:15:f0:a5:d0:96:de:11:cd:
4a:b3:cd:30:7b:b8:04:9f:2d:01:ef:bf:c4:68:8c:d7:3c:39:
e0:20:d9:9e:9b:36:2f:30:47:4d:1f:7e:65:99:e3:cc:04:b9:
59:10:5d:86:6f:c2:98:d0:57:59:db:24:98:d2:9a:02:ad:26:
bc:86:43:94:e8:c7:70:aa:ec:63:f4:35:10:c1:04:7f:98:dc:
5e:1f:0f:72:43:0d:3b:63:18:00:b6:9f:90:78:51:89:c8:74:
3c:32:26:20:bb:29:df:40:72:d3:59:92:7b:55:6b:30:c7:0d:
03:ac:7f:0c
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZomaKP5JJQoPzn0Y6ehmYizMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMDI3MTYwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBmZDFkOTQ2Nzg1ZmIxZjE0YmIzMWE4NTUwNDA2Y2EyMTBkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRnZw9b0HC/aJQc4PakkTT486LIe
wnmsY+BaT2041V4OmAn9nZm1nsAgFXu9aOH281YjDuwndAu9fgG5MUEGqzKZn3t7
+PDWOCdVrkEJ873IXYBNgo37ARqEJCNOot2p4cpDO5KDPdy+uM7W+kLMrqMh99ff
CVnJfviNCO6e1xG6HYRNbILly91H0baZFE5Vjf7XGkNKb/12AQyuMzCu6e0Olcup
JkUqlIMTxGeWMCJzYiEM0tdEIdMCtdV2ZK6eMmxIBH8Df76EUYHWbYp7rs4K+6pC
tOVuO4uh9ekhElTeC7cByKNswEEzDPQdif9MFY/koz7GiufHrhjFjvz5iQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNcP0dlGeF+x8UuzGoVQQGyiENKcMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMXdfUjJVWjRYN0h4UzdNYWhWQkFiS0lRMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQADmbjAwQA
DmbqAwQAK/KIAwQALZeMAwQCSnCYAwQAWWoQAwQAWWoSMAwDBABZahUDBANZahAD
BABe5doDBABe5d4DBABnZoQDBAB8nnADBADCJCEDBALN7VgwDQYJKoZIhvcNAQEL
BQADggEBADbIfGE65LFxzW5gOv05HJ60AP8Kexya/NZL3SfFdSYL4kq+OcxBQv3G
nQKK3YCqPOys4zWaKTxu4gRzib8eL+MlaxcWxQeHd9PkKEB6OCvaLgg4MVoFx95C
kqvanzlr2yPGsAapOQz1SvrDZMcL3pOPdzoPnk8MLJQtcYvwv/IACQv5iG0buxMV
8KXQlt4RzUqzzTB7uASfLQHvv8RojNc8OeAg2Z6bNi8wR00ffmWZ48wEuVkQXYZv
wpjQV1nbJJjSmgKtJryGQ5Tox3Cq7GP0NRDBBH+Y3F4fD3JDDTtjGAC2n5B4UYnI
dDwyJiC7Kd9ActNZkntVazDHDQOsfww=
-----END CERTIFICATE-----
Generated at Fri Oct 31 18:41:22 2025 by rpki-client