Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Fu2oBAkhuYZqSdVSVD97LTgtEAY.roa
File: Fu2oBAkhuYZqSdVSVD97LTgtEAY.roa (raw, json)
Hash identifier: aODHZYR+mhzb4HajVCoaGZOE73RrbPYya1rYTs8I1ek=
Subject key identifier: 16:ED:A8:04:09:21:B9:86:6A:49:D5:52:54:3F:7B:2D:38:2D:10:06
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019CBFAC5168CFBB953C4C3CDA21908EA53C
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Fu2oBAkhuYZqSdVSVD97LTgtEAY.roa
Signing time: Thu 05 Mar 2026 20:24:27 +0000
ROA not before: Thu 05 Mar 2026 20:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200469
IP address blocks: 43.242.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bf:ac:51:68:cf:bb:95:3c:4c:3c:da:21:90:8e:a5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 5 20:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16eda8040921b9866a49d552543f7b2d382d1006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:b8:06:ab:77:f1:92:e3:b1:8e:75:9f:c9:
d3:4a:42:1b:d2:f6:e2:cc:c1:a3:37:cf:0a:c2:b8:
42:d2:4b:8a:83:73:6c:b2:fe:a9:d3:73:a2:7a:64:
f8:4b:52:12:8c:93:e0:5a:31:4f:2e:8c:28:5f:bd:
45:4d:f3:ea:b2:2d:8d:11:1f:bd:b8:22:36:49:25:
a2:11:10:ac:26:37:bb:48:51:54:aa:34:67:f3:e3:
60:d4:a7:94:06:35:a5:25:f1:f7:28:91:2f:e0:9c:
b5:3e:5b:62:63:bf:0b:e8:27:b9:4b:fe:a0:89:dc:
63:9f:5e:92:fb:54:48:de:87:73:a4:ae:f1:1c:6f:
d3:3f:6e:80:72:e6:f6:26:e7:ae:bb:66:ae:27:68:
d3:26:a0:d9:ab:a1:b6:9b:fa:e5:6a:4e:40:8a:6a:
2b:cc:ff:1a:0c:60:2c:f2:38:5d:61:9b:47:0e:1a:
24:a5:fa:3c:e3:25:36:61:6a:d4:4b:3f:1a:59:ab:
16:7f:29:90:63:e7:30:d3:33:8c:67:0a:35:17:a1:
6c:e5:24:bb:e1:53:b8:58:f2:c8:40:60:84:aa:6d:
cc:9b:1b:06:01:c7:8d:27:9b:0a:64:6a:ee:c4:27:
9a:94:b8:8d:97:97:42:b2:6c:e7:4e:36:cd:d2:5e:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:ED:A8:04:09:21:B9:86:6A:49:D5:52:54:3F:7B:2D:38:2D:10:06
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Fu2oBAkhuYZqSdVSVD97LTgtEAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.242.138.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ba:e3:86:5e:6b:38:ec:b1:8a:e7:9d:03:af:45:8e:4f:97:
67:c9:8d:d4:38:6d:30:3f:98:25:92:57:19:8f:85:02:f4:df:
95:27:12:9b:68:a5:a2:1d:ae:bc:b7:70:df:e5:51:fb:54:3e:
88:8b:c7:e2:23:0a:e2:5c:55:67:69:d4:4a:fd:34:a2:28:c4:
4e:11:71:02:34:89:e2:6b:09:60:7f:d5:6e:f0:c6:86:38:7e:
6c:48:c8:d0:93:1c:77:72:ce:40:53:9e:ef:fe:c7:47:1f:31:
70:8e:2a:33:dc:95:3d:2d:a3:29:f6:7b:6d:3a:6a:b4:f6:fb:
ed:bf:d8:f0:91:bf:4a:59:40:50:0c:3d:6c:63:8d:a4:1e:7d:
68:82:f5:e0:21:11:7f:f6:f2:05:ac:08:4a:53:78:c5:aa:c2:
15:3d:36:24:8a:2f:a6:6e:73:be:50:9b:e5:3e:7d:89:2b:f7:
fb:fa:03:18:0d:37:3c:15:61:37:9b:2f:c4:e5:9b:a6:e1:ee:
8a:8a:3f:72:f6:bd:75:2e:08:a3:d8:91:b4:3b:1c:42:1a:dd:
96:c8:3f:0a:72:20:0b:37:60:8d:f7:62:1c:b5:70:e3:0b:01:
7b:9c:37:73:22:c7:17:bd:49:43:d6:8c:83:a0:b9:d3:e1:5c:
11:26:2d:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZy/rFFoz7uVPEw82iGQjqU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMzA1MjAyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmVkYTgwNDA5MjFiOTg2NmE0OWQ1NTI1NDNmN2IyZDM4MmQxMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr624Bqt38ZLjsY51n8nTSkIb0vbi
zMGjN88KwrhC0kuKg3Nssv6p03OiemT4S1ISjJPgWjFPLowoX71FTfPqsi2NER+9
uCI2SSWiERCsJje7SFFUqjRn8+Ng1KeUBjWlJfH3KJEv4Jy1PltiY78L6Ce5S/6g
idxjn16S+1RI3odzpK7xHG/TP26Acub2Jueuu2auJ2jTJqDZq6G2m/rlak5Aimor
zP8aDGAs8jhdYZtHDhokpfo84yU2YWrUSz8aWasWfymQY+cw0zOMZwo1F6Fs5SS7
4VO4WPLIQGCEqm3MmxsGAceNJ5sKZGruxCealLiNl5dCsmznTjbN0l7jGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBbtqAQJIbmGaknVUlQ/ey04LRAGMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvRnUyb0JBa2h1WVpxU2RWU1ZEOTdMVGd0RUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK/KKMA0G
CSqGSIb3DQEBCwUAA4IBAQAAuuOGXms47LGK550Dr0WOT5dnyY3UOG0wP5glklcZ
j4UC9N+VJxKbaKWiHa68t3Df5VH7VD6Ii8fiIwriXFVnadRK/TSiKMROEXECNIni
awlgf9Vu8MaGOH5sSMjQkxx3cs5AU57v/sdHHzFwjioz3JU9LaMp9nttOmq09vvt
v9jwkb9KWUBQDD1sY42kHn1ogvXgIRF/9vIFrAhKU3jFqsIVPTYkii+mbnO+UJvl
Pn2JK/f7+gMYDTc8FWE3my/E5Zum4e6Kij9y9r11Lgij2JG0OxxCGt2WyD8KciAL
N2CN92IctXDjCwF7nDdzIscXvUlD1oyDoLnT4VwRJi0o
-----END CERTIFICATE-----
Generated at Sat Mar 7 04:05:34 2026 by rpki-client