Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/2kiBH_55zL6epR-936KyyrOOxi8.roa
File: 2kiBH_55zL6epR-936KyyrOOxi8.roa (raw, json)
Hash identifier: IgVjObWqENSEs4prJbGkMbkyyLilTFwn6f2TtDfS3Ko=
Subject key identifier: DA:48:81:1F:FE:79:CC:BE:9E:A5:1F:BD:DF:A2:B2:CA:B3:8E:C6:2F
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019ECB7F8B2366FF9A4A843E5F07F39325B9
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/2kiBH_55zL6epR-936KyyrOOxi8.roa
Signing time: Mon 15 Jun 2026 13:36:34 +0000
ROA not before: Mon 15 Jun 2026 13:36:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
43.242.138.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.100.0/24 maxlen: 24
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.106.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
94.229.209.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.102.133.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
201.14.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 14:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cb:7f:8b:23:66:ff:9a:4a:84:3e:5f:07:f3:93:25:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 15 13:36:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=da48811ffe79ccbe9ea51fbddfa2b2cab38ec62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:78:9c:83:9c:9d:3f:61:8d:50:29:c2:ea:2c:
cc:8d:02:37:ce:79:b0:ae:e0:9a:49:3f:60:f4:af:
c5:09:b9:04:5d:0f:c0:67:05:2a:17:88:35:b2:fb:
ef:c4:0b:bf:29:cc:96:2c:6c:a6:a0:15:28:b6:0d:
bb:f3:fa:1e:49:5c:75:39:e4:a7:45:aa:00:f1:e8:
60:ab:66:7a:a6:56:f0:25:16:a0:81:63:90:fd:5f:
20:8b:ce:19:8c:26:95:bd:f1:7f:0c:c2:a4:6d:b0:
95:34:88:ec:9d:55:58:8b:5b:42:6b:eb:c8:7d:ba:
d1:b2:fd:01:7b:07:8b:c0:11:32:88:ea:c4:3d:e4:
03:2f:3e:43:87:d0:86:31:27:6f:5b:f4:6b:87:25:
9b:23:6d:41:f7:db:6b:d5:c4:e8:dc:4a:46:be:66:
fd:67:26:85:01:20:29:c8:6a:79:9f:a7:df:21:90:
9a:4e:4d:7b:e8:2e:20:4c:f2:25:25:09:97:06:7f:
8e:8e:91:38:ce:eb:2d:1b:80:8d:9c:88:7b:69:6d:
69:4b:bc:15:f1:a4:2d:0a:37:6b:bd:b1:80:2b:94:
ee:b4:d4:0f:09:42:5c:1e:e4:0c:7c:b7:bc:a4:82:
89:d0:5e:5d:60:d2:45:1d:2b:5b:84:b7:4a:17:0f:
89:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:48:81:1F:FE:79:CC:BE:9E:A5:1F:BD:DF:A2:B2:CA:B3:8E:C6:2F
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/2kiBH_55zL6epR-936KyyrOOxi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
43.242.136.0/24
43.242.138.0/24
45.151.140.0/24
77.111.96.0-77.111.100.255
77.111.102.0/23
77.111.105.0-77.111.106.255
89.106.2.0/24
94.229.209.0/24
94.229.213.0/24
94.229.222.0/23
103.41.44.0/23
103.102.133.0/24
124.158.112.0/24
194.36.33.0/24
201.14.221.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:b3:6f:76:aa:b3:87:9f:94:ab:af:80:e7:2a:69:12:fe:2d:
2c:23:2c:d2:e3:05:e2:81:a8:dc:7f:ae:bd:e6:e2:e8:1a:01:
4e:6d:c0:95:d7:bd:04:e1:ed:e7:33:c4:e8:68:73:f1:03:df:
85:f5:b1:1c:e7:d2:45:c0:63:f4:97:a7:5c:4f:2c:2e:a5:c1:
94:9c:56:a4:fa:fc:07:d7:2a:4e:ed:e4:d9:d0:81:a4:66:43:
a3:a0:fd:21:d5:64:ed:2e:f4:3c:10:23:1a:7b:3b:63:b6:eb:
ac:8e:ec:f3:4f:5f:53:80:b7:3a:03:2a:e0:32:03:20:11:d1:
2a:4a:b6:98:b9:1d:40:b9:04:87:c8:fd:b7:97:36:ad:09:02:
69:a3:c6:14:2d:44:d6:9b:b0:e9:2e:04:3e:57:0d:bd:73:91:
cb:0a:15:bc:f2:3c:44:a5:8d:71:07:fc:0c:3a:e0:00:94:ba:
5d:2d:8e:f3:e2:75:46:84:73:0d:d1:df:f6:7b:f6:1d:90:69:
9d:9a:a2:80:db:b5:b4:a1:08:b8:2f:a5:0e:93:b3:cd:9d:48:
2e:c2:d6:2d:7d:45:50:94:d7:f0:d0:07:e7:82:7a:b9:91:14:
7b:20:11:88:49:29:04:ab:c9:50:c8:6d:aa:d2:6b:f8:5e:87:
3b:45:00:9f
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZ7Lf4sjZv+aSoQ+XwfzkyW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjE1MTMzNjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ4ODExZmZlNzljY2JlOWVhNTFmYmRkZmEyYjJjYWIzOGVjNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnicg5ydP2GNUCnC6izMjQI3znmw
ruCaST9g9K/FCbkEXQ/AZwUqF4g1svvvxAu/KcyWLGymoBUotg278/oeSVx1OeSn
RaoA8ehgq2Z6plbwJRaggWOQ/V8gi84ZjCaVvfF/DMKkbbCVNIjsnVVYi1tCa+vI
fbrRsv0BeweLwBEyiOrEPeQDLz5Dh9CGMSdvW/RrhyWbI21B99tr1cTo3EpGvmb9
ZyaFASApyGp5n6ffIZCaTk176C4gTPIlJQmXBn+OjpE4zustG4CNnIh7aW1pS7wV
8aQtCjdrvbGAK5TutNQPCUJcHuQMfLe8pIKJ0F5dYNJFHStbhLdKFw+JYQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNpIgR/+ecy+nqUfvd+issqzjsYvMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvMmtpQkhfNTV6TDZlcFItOTM2S3l5ck9PeGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAA5m6gME
ACvyiAMEACvyigMEAC2XjDAMAwQFTW9gAwQATW9kAwQBTW9mMAwDBABNb2kDBABN
b2oDBABZagIDBABe5dEDBABe5dUDBAFe5d4DBAFnKSwDBABnZoUDBAB8nnADBADC
JCEDBADJDt0wDQYJKoZIhvcNAQELBQADggEBAMKzb3aqs4eflKuvgOcqaRL+LSwj
LNLjBeKBqNx/rr3m4ugaAU5twJXXvQTh7eczxOhoc/ED34X1sRzn0kXAY/SXp1xP
LC6lwZScVqT6/AfXKk7t5NnQgaRmQ6Og/SHVZO0u9DwQIxp7O2O266yO7PNPX1OA
tzoDKuAyAyAR0SpKtpi5HUC5BIfI/beXNq0JAmmjxhQtRNabsOkuBD5XDb1zkcsK
FbzyPESljXEH/Aw64ACUul0tjvPidUaEcw3R3/Z79h2QaZ2aooDbtbShCLgvpQ6T
s82dSC7C1i19RVCU1/DQB+eCermRFHsgEYhJKQSryVDIbarSa/hehztFAJ8=
-----END CERTIFICATE-----
Generated at Tue Jun 16 20:09:32 2026 by rpki-client