Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Tth7FM00PcbkxiLIxs1aTnqP6tk.roa
File: Tth7FM00PcbkxiLIxs1aTnqP6tk.roa (raw, json)
Hash identifier: FeYQsaD+jn3wYogXt9iTI/b/nQNM9Ne9op62YJsuJkU=
Subject key identifier: 4E:D8:7B:14:CD:34:3D:C6:E4:C6:22:C8:C6:CD:5A:4E:7A:8F:EA:D9
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019E3BEEA9875BE10D4462786A25F6656A69
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Tth7FM00PcbkxiLIxs1aTnqP6tk.roa
Signing time: Mon 18 May 2026 16:32:37 +0000
ROA not before: Mon 18 May 2026 16:32:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399989
IP address blocks: 43.242.139.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
124.158.113.0/24 maxlen: 24
124.158.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3b:ee:a9:87:5b:e1:0d:44:62:78:6a:25:f6:65:6a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: May 18 16:32:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ed87b14cd343dc6e4c622c8c6cd5a4e7a8fead9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:28:4d:7d:53:99:4c:75:32:58:23:67:69:
a9:a8:e7:97:6c:4c:23:a3:e3:fc:fb:2a:2d:4b:ae:
3e:64:84:9b:75:d4:59:df:38:b4:aa:57:c4:63:7b:
fc:c0:f7:8b:8f:81:72:f7:70:aa:b9:a5:ad:46:77:
9c:63:a8:37:05:27:15:67:cc:80:98:4c:b9:5d:0c:
01:9d:25:4b:56:8a:35:8e:84:12:d0:dc:7b:ea:cd:
bd:47:af:7e:66:fb:97:da:1a:e3:9b:ed:99:55:df:
b9:06:90:41:0d:82:7a:53:17:23:a8:d8:54:5d:37:
67:bb:5d:d5:20:bb:58:85:20:20:09:12:ab:08:75:
e0:45:30:98:5f:32:ee:00:14:c7:59:92:e7:36:6d:
20:ca:83:d5:12:2c:2a:95:0c:52:bc:bf:13:c4:24:
fe:b3:d0:57:97:0f:a9:8b:2c:a3:41:d1:b4:c6:25:
5f:5c:fd:3c:0b:95:b2:92:5f:16:74:97:03:76:b0:
e0:ea:1d:64:2c:35:f5:88:52:da:82:0a:48:3e:ae:
79:fb:e6:87:d1:8c:1e:50:64:37:3f:a2:c0:0c:e1:
7a:e0:80:2e:61:7e:5e:f8:66:b0:63:31:8b:f7:f6:
e7:26:8f:b0:10:4b:0a:c4:d6:e8:69:0b:53:08:6d:
79:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D8:7B:14:CD:34:3D:C6:E4:C6:22:C8:C6:CD:5A:4E:7A:8F:EA:D9
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Tth7FM00PcbkxiLIxs1aTnqP6tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.242.139.0/24
103.47.59.0/24
124.158.113.0-124.158.114.255
Signature Algorithm: sha256WithRSAEncryption
42:e7:29:b0:11:4a:67:e1:c9:62:b7:99:e1:6f:d2:46:8e:19:
9f:b3:10:b3:fc:d7:04:9b:c6:f2:f0:60:97:42:41:00:8d:f0:
59:99:1c:f1:7e:11:43:e9:95:ec:29:a2:28:fc:e9:2d:f2:b0:
5b:d1:f0:ec:e5:ec:1a:50:21:c2:f5:ff:47:7a:85:86:97:55:
f9:3a:54:70:de:2d:30:1e:3b:f7:25:bb:6e:5b:4e:e7:51:8c:
f8:d5:79:81:30:8b:8c:8a:f1:f0:b4:fc:b2:11:83:cc:16:be:
8a:c7:76:3c:81:f5:ab:5a:67:5d:89:c3:cc:a4:3b:34:2c:85:
b8:bc:f6:7a:0a:0b:54:1c:8e:35:dd:03:69:56:71:d3:6a:17:
14:be:9d:6d:1d:28:e1:28:51:77:99:2c:57:94:6a:7c:71:b0:
b7:16:0b:1b:e1:f4:47:7a:8d:4e:b6:36:ec:8b:f9:ba:6f:aa:
f9:09:b2:26:3c:d3:bf:62:44:b4:78:52:f1:21:93:d6:30:4c:
82:40:3b:64:5f:93:19:49:18:97:aa:fd:47:d4:85:cc:0d:80:
72:44:87:75:19:0e:ee:19:ed:b5:67:af:e9:89:38:73:fc:44:
59:76:b8:b6:53:7c:a5:75:ee:9a:4e:51:48:81:88:ab:61:ef:
6d:9a:5f:53
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ477qmHW+ENRGJ4aiX2ZWppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNTE4MTYzMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ4N2IxNGNkMzQzZGM2ZTRjNjIyYzhjNmNkNWE0ZTdhOGZlYWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF8oTX1TmUx1MlgjZ2mpqOeXbEwj
o+P8+yotS64+ZISbddRZ3zi0qlfEY3v8wPeLj4Fy93CquaWtRnecY6g3BScVZ8yA
mEy5XQwBnSVLVoo1joQS0Nx76s29R69+ZvuX2hrjm+2ZVd+5BpBBDYJ6UxcjqNhU
XTdnu13VILtYhSAgCRKrCHXgRTCYXzLuABTHWZLnNm0gyoPVEiwqlQxSvL8TxCT+
s9BXlw+piyyjQdG0xiVfXP08C5Wykl8WdJcDdrDg6h1kLDX1iFLaggpIPq55++aH
0YweUGQ3P6LADOF64IAuYX5e+GawYzGL9/bnJo+wEEsKxNboaQtTCG15hwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE7YexTNND3G5MYiyMbNWk56j+rZMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvVHRoN0ZNMDBQY2JreGlMSXhzMWFUbnFQNnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAK/KLAwQA
Zy87MAwDBAB8nnEDBAB8nnIwDQYJKoZIhvcNAQELBQADggEBAELnKbARSmfhyWK3
meFv0kaOGZ+zELP81wSbxvLwYJdCQQCN8FmZHPF+EUPplewpoij86S3ysFvR8Ozl
7BpQIcL1/0d6hYaXVfk6VHDeLTAeO/clu25bTudRjPjVeYEwi4yK8fC0/LIRg8wW
vorHdjyB9ataZ12Jw8ykOzQshbi89noKC1QcjjXdA2lWcdNqFxS+nW0dKOEoUXeZ
LFeUanxxsLcWCxvh9Ed6jU62NuyL+bpvqvkJsiY8079iRLR4UvEhk9YwTIJAO2Rf
kxlJGJeq/UfUhcwNgHJEh3UZDu4Z7bVnr+mJOHP8RFl2uLZTfKV17ppOUUiBiKth
722aX1M=
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:21:37 2026 by rpki-client