Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZAiNx0Vb-a-mu5oii-2bsDjaUJU.roa
File: ZAiNx0Vb-a-mu5oii-2bsDjaUJU.roa (raw, json)
Hash identifier: oYae0krMRIzt9TDaKaF1FPKYSQ7k0K3wEyLimffaa+U=
Subject key identifier: 64:08:8D:C7:45:5B:F9:AF:A6:BB:9A:22:8B:ED:9B:B0:38:DA:50:95
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019DB620F73E749AA182BB882369EF7D8E31
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZAiNx0Vb-a-mu5oii-2bsDjaUJU.roa
Signing time: Wed 22 Apr 2026 16:58:26 +0000
ROA not before: Wed 22 Apr 2026 16:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399989
IP address blocks: 14.102.234.0/24 maxlen: 24
43.242.139.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
124.158.113.0/24 maxlen: 24
124.158.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b6:20:f7:3e:74:9a:a1:82:bb:88:23:69:ef:7d:8e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 22 16:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64088dc7455bf9afa6bb9a228bed9bb038da5095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:83:88:c5:d5:f2:20:55:63:3b:f9:0c:0c:d8:
85:91:97:4d:f6:e7:71:9a:fa:30:76:91:e0:61:36:
69:d5:b9:bb:0d:7f:3b:c9:c3:e6:69:8d:0c:fb:c1:
8a:99:a7:c6:2f:3a:2d:e8:66:6a:0b:4c:c2:5a:8c:
93:b9:95:50:d2:4e:8c:10:30:99:29:09:03:2b:67:
68:b8:36:ce:79:e1:2c:a3:81:67:37:9f:92:d9:10:
2f:e9:90:53:71:a7:20:58:86:0c:4b:0f:9d:ef:a3:
cf:9a:e8:db:0d:c2:a7:36:c7:92:c8:9d:0f:37:f3:
71:29:95:6a:dc:5f:30:7a:28:ea:eb:d4:33:9f:45:
90:31:08:e1:78:89:5e:8f:96:70:4f:2c:c9:38:5e:
e2:93:35:23:12:26:2d:52:24:ec:e5:40:e4:c4:39:
b0:ff:34:de:a5:9c:8d:a9:68:87:05:83:eb:6d:5e:
1c:49:96:10:60:b7:62:62:d1:0f:c7:fe:ca:5e:3a:
ce:af:3f:56:b2:ae:8f:f0:8e:d7:07:e1:c3:32:f6:
4f:78:c3:70:9d:bb:67:ee:ac:4a:07:65:e6:65:a8:
1f:13:4a:e7:7c:ea:34:f7:c2:16:98:23:2c:2a:dd:
5a:22:0e:e6:42:42:b5:69:b1:2a:66:7d:be:d9:b3:
db:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:08:8D:C7:45:5B:F9:AF:A6:BB:9A:22:8B:ED:9B:B0:38:DA:50:95
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ZAiNx0Vb-a-mu5oii-2bsDjaUJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
43.242.139.0/24
103.47.59.0/24
124.158.113.0-124.158.114.255
Signature Algorithm: sha256WithRSAEncryption
3b:45:bb:72:2f:f3:bd:44:29:fe:36:e5:1d:69:65:4f:0e:3a:
24:9b:71:82:c8:e7:44:58:c0:d3:e3:f2:6c:e0:bf:f4:c3:b0:
63:f1:d5:6f:e8:2d:be:6e:c4:cc:03:a7:f4:fa:78:99:70:38:
1f:0f:4d:07:0a:bd:91:61:40:5c:23:52:8d:80:aa:61:83:c2:
a5:ef:7c:c8:06:2e:cc:0a:74:1c:74:e4:73:84:b8:ba:22:5b:
08:e4:fc:f6:b7:bc:17:8f:67:ce:42:3e:3c:d9:44:bb:12:87:
39:99:3c:74:16:23:31:83:9a:38:44:db:43:2d:a0:d0:b3:bb:
b7:8e:36:b9:94:f3:d6:3e:5e:12:05:9b:e8:2b:86:6c:ab:b2:
a1:af:4e:39:b2:4a:a6:5e:a9:10:9c:b6:4e:7e:d8:e2:e4:3a:
b8:2c:dd:e9:a8:02:f8:bd:bb:65:37:21:72:1f:1a:01:51:57:
87:cc:6e:34:15:f9:13:ae:6d:d8:94:9d:53:0b:45:29:cf:19:
f5:9b:9d:75:76:f9:46:4b:c4:f5:f3:4e:a5:40:a4:7e:7c:eb:
7c:87:da:7f:74:e7:8c:e5:d0:3e:a3:0d:68:89:f4:92:21:53:
dd:da:76:5c:fa:b9:d1:33:6a:44:40:4f:b0:c9:22:eb:fb:10:
ac:e1:42:bb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ22IPc+dJqhgruII2nvfY4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNDIyMTY1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDA4OGRjNzQ1NWJmOWFmYTZiYjlhMjI4YmVkOWJiMDM4ZGE1MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYOIxdXyIFVjO/kMDNiFkZdN9udx
mvowdpHgYTZp1bm7DX87ycPmaY0M+8GKmafGLzot6GZqC0zCWoyTuZVQ0k6MEDCZ
KQkDK2douDbOeeEso4FnN5+S2RAv6ZBTcacgWIYMSw+d76PPmujbDcKnNseSyJ0P
N/NxKZVq3F8weijq69Qzn0WQMQjheIlej5ZwTyzJOF7ikzUjEiYtUiTs5UDkxDmw
/zTepZyNqWiHBYPrbV4cSZYQYLdiYtEPx/7KXjrOrz9Wsq6P8I7XB+HDMvZPeMNw
nbtn7qxKB2XmZagfE0rnfOo098IWmCMsKt1aIg7mQkK1abEqZn2+2bPbMQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGQIjcdFW/mvpruaIovtm7A42lCVMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWkFpTngwVmItYS1tdTVvaWktMmJzRGphVUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQADmbqAwQA
K/KLAwQAZy87MAwDBAB8nnEDBAB8nnIwDQYJKoZIhvcNAQELBQADggEBADtFu3Iv
871EKf425R1pZU8OOiSbcYLI50RYwNPj8mzgv/TDsGPx1W/oLb5uxMwDp/T6eJlw
OB8PTQcKvZFhQFwjUo2AqmGDwqXvfMgGLswKdBx05HOEuLoiWwjk/Pa3vBePZ85C
PjzZRLsShzmZPHQWIzGDmjhE20MtoNCzu7eONrmU89Y+XhIFm+grhmyrsqGvTjmy
SqZeqRCctk5+2OLkOrgs3emoAvi9u2U3IXIfGgFRV4fMbjQV+ROubdiUnVMLRSnP
GfWbnXV2+UZLxPXzTqVApH5863yH2n9054zl0D6jDWiJ9JIhU93adlz6udEzakRA
T7DJIuv7EKzhQrs=
-----END CERTIFICATE-----
Generated at Sat May 2 07:37:32 2026 by rpki-client