Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y5rEMjANwoD5WakywdfQs_XeuOo.roa
File: Y5rEMjANwoD5WakywdfQs_XeuOo.roa (raw, json)
Hash identifier: Fql2umA3F9xD59qi7mWXp1RrBb5ppg0woknbIde27wI=
Subject key identifier: 63:9A:C4:32:30:0D:C2:80:F9:59:A9:32:C1:D7:D0:B3:F5:DE:B8:EA
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019CFE92A74C6232A786FE8A1C7E027B8676
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y5rEMjANwoD5WakywdfQs_XeuOo.roa
Signing time: Wed 18 Mar 2026 01:32:29 +0000
ROA not before: Wed 18 Mar 2026 01:32:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.41.46.0/23 maxlen: 24
103.47.59.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Mar 2026 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fe:92:a7:4c:62:32:a7:86:fe:8a:1c:7e:02:7b:86:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 18 01:32:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=639ac432300dc280f959a932c1d7d0b3f5deb8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:47:2e:26:0e:52:69:5b:b1:bc:62:e5:61:19:
45:1d:0c:40:fe:2a:75:7b:d0:c0:a6:7b:ad:3c:66:
65:6b:9d:3b:34:02:88:be:d4:97:ec:dc:a0:52:e8:
72:6f:f9:a8:19:76:2b:46:d8:06:2f:a4:e9:43:61:
00:e8:3f:b1:a6:fe:94:6b:be:83:3c:6e:cb:d0:96:
4b:ef:cd:15:db:d9:f9:f1:a9:a7:08:90:8a:fc:a1:
b1:f9:4d:46:a8:62:1b:2b:bb:02:e5:a9:04:ff:ab:
3d:4b:c1:6b:a2:51:2a:a0:e7:36:f7:f6:f4:63:92:
97:e8:63:28:1d:63:2c:7b:47:d1:9d:0b:b2:34:e3:
50:f9:14:32:5a:83:b0:4c:ff:10:b3:02:de:4c:31:
53:4a:25:e5:11:7c:c2:0c:5a:c0:8d:5e:0c:fd:6a:
6f:3d:50:de:8b:8d:31:23:c4:b6:13:a7:86:9c:c0:
fd:b6:1e:74:4c:b9:7c:41:87:3a:32:11:9f:75:ea:
64:6c:7c:40:3a:ec:da:53:71:54:86:36:4a:3c:5f:
1f:3f:c9:6a:79:1b:15:55:53:16:02:75:14:82:60:
ef:dd:82:5c:8e:d1:07:90:be:62:36:51:15:05:3c:
a0:b1:b5:fe:1a:ff:50:67:2a:82:0f:e2:38:76:9b:
80:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9A:C4:32:30:0D:C2:80:F9:59:A9:32:C1:D7:D0:B3:F5:DE:B8:EA
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y5rEMjANwoD5WakywdfQs_XeuOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
103.41.44.0/22
103.47.59.0/24
124.158.112.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:0e:72:4b:2c:59:11:43:80:30:6f:91:b1:38:e8:8b:29:c7:
86:e3:0a:4b:52:4f:83:8e:9a:e6:60:4b:ae:77:22:a2:b3:a7:
e5:2f:fa:3f:44:71:b6:6d:91:f4:99:6c:07:2d:00:1a:e9:21:
f1:04:07:2a:23:54:96:56:b2:e2:0d:49:1a:88:2d:6c:2c:bf:
0c:47:25:01:46:b3:5f:5b:1f:44:ab:35:af:c3:1c:f8:80:94:
64:80:8c:f1:60:70:cc:06:ff:86:d2:de:19:36:5c:aa:aa:af:
9b:3a:2c:44:7a:52:62:64:91:fe:45:b4:26:aa:8c:60:29:77:
7f:d6:5c:3f:4a:43:b3:8f:aa:56:5e:6c:97:84:34:c0:8a:bb:
7d:13:6b:d7:e7:75:2c:4a:1b:94:e4:cc:c7:ab:27:a9:c5:97:
66:58:5a:a2:25:a9:6f:2e:77:b5:d3:ce:74:fc:f2:16:44:8f:
c1:c2:18:cb:ed:ec:37:ad:10:be:c9:c5:d3:6a:f6:44:27:ad:
b5:50:1c:f4:a3:39:50:4a:9d:5c:c6:62:8e:4c:b0:d0:06:83:
19:78:83:d1:df:ed:ca:aa:0c:0b:12:92:7f:fd:a2:fe:c2:9d:
8f:75:b1:72:80:f4:34:5f:18:2e:f8:32:98:9f:1d:43:9e:57:
2a:35:f3:fb
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZz+kqdMYjKnhv6KHH4Ce4Z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMzE4MDEzMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzlhYzQzMjMwMGRjMjgwZjk1OWE5MzJjMWQ3ZDBiM2Y1ZGViOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykcuJg5SaVuxvGLlYRlFHQxA/ip1
e9DApnutPGZla507NAKIvtSX7NygUuhyb/moGXYrRtgGL6TpQ2EA6D+xpv6Ua76D
PG7L0JZL780V29n58amnCJCK/KGx+U1GqGIbK7sC5akE/6s9S8FrolEqoOc29/b0
Y5KX6GMoHWMse0fRnQuyNONQ+RQyWoOwTP8QswLeTDFTSiXlEXzCDFrAjV4M/Wpv
PVDei40xI8S2E6eGnMD9th50TLl8QYc6MhGfdepkbHxAOuzaU3FUhjZKPF8fP8lq
eRsVVVMWAnUUgmDv3YJcjtEHkL5iNlEVBTygsbX+Gv9QZyqCD+I4dpuAOwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGOaxDIwDcKA+VmpMsHX0LP13rjqMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWTVyRU1qQU53b0Q1V2FreXdkZlFzX1hldU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQADmbqAwQA
LZeMAwQCTW9gAwQBTW9mAwQATW9pAwQCZyksAwQAZy87AwQAfJ5wAwQAwiQhMA0G
CSqGSIb3DQEBCwUAA4IBAQB7DnJLLFkRQ4Awb5GxOOiLKceG4wpLUk+DjprmYEuu
dyKis6flL/o/RHG2bZH0mWwHLQAa6SHxBAcqI1SWVrLiDUkaiC1sLL8MRyUBRrNf
Wx9EqzWvwxz4gJRkgIzxYHDMBv+G0t4ZNlyqqq+bOixEelJiZJH+RbQmqoxgKXd/
1lw/SkOzj6pWXmyXhDTAirt9E2vX53UsShuU5MzHqyepxZdmWFqiJalvLne10850
/PIWRI/BwhjL7ew3rRC+ycXTavZEJ621UBz0ozlQSp1cxmKOTLDQBoMZeIPR3+3K
qgwLEpJ//aL+wp2PdbFygPQ0Xxgu+DKYnx1DnlcqNfP7
-----END CERTIFICATE-----
Generated at Wed Mar 18 06:28:37 2026 by rpki-client