Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/d15ADNIUcHM20b9EBqM2UR6miF4.roa
File: d15ADNIUcHM20b9EBqM2UR6miF4.roa (raw, json)
Hash identifier: 34/q0NEEy8KJ3K9/ultI+XTJ2jj2MtuifXPE+//ZYx4=
Subject key identifier: 77:5E:40:0C:D2:14:70:73:36:D1:BF:44:06:A3:36:51:1E:A6:88:5E
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019D01E4B9B9B2A4BEF028E2ECDD5992CCF3
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/d15ADNIUcHM20b9EBqM2UR6miF4.roa
Signing time: Wed 18 Mar 2026 17:01:00 +0000
ROA not before: Wed 18 Mar 2026 17:01:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21769
IP address blocks: 45.127.248.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
103.84.212.0/24 maxlen: 24
124.158.100.0/24 maxlen: 24
185.195.212.0/22 maxlen: 22
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
185.199.116.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:e4:b9:b9:b2:a4:be:f0:28:e2:ec:dd:59:92:cc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 18 17:01:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=775e400cd214707336d1bf4406a336511ea6885e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:10:f0:8d:61:64:f1:b7:85:cf:3d:98:4e:ba:
55:b8:9c:47:85:c1:fb:88:07:da:7b:5f:84:77:bb:
6c:80:6a:a5:1e:ef:89:ba:64:7f:9c:e4:4a:17:e7:
21:04:69:94:61:b4:f0:0d:23:81:75:8e:70:42:a3:
42:35:fe:d6:87:64:80:70:bb:08:18:37:e3:70:1b:
b5:7e:ed:fc:eb:87:67:79:19:2f:9a:8f:48:1b:8d:
19:de:3c:49:fb:20:be:d2:c3:3b:85:6f:9b:42:aa:
19:9c:c0:2a:41:96:25:5b:f4:b9:05:c3:55:a7:1e:
a6:08:01:95:3b:0b:bf:08:09:54:6a:be:70:3a:9f:
f1:72:55:fd:03:07:91:3c:7e:33:a7:a4:db:5b:7f:
9a:da:1c:9a:df:a3:b9:9a:1f:07:1f:0e:be:c7:db:
98:68:32:20:e4:60:f6:67:6c:3d:a4:78:bc:b4:d5:
4e:67:ea:57:eb:44:00:c7:a1:92:54:bf:02:01:d3:
79:6d:70:dd:5a:74:89:2a:13:90:dd:4b:00:68:8e:
2b:ff:2e:07:22:90:b3:5b:7e:6e:13:e1:86:5c:73:
ac:7a:2d:a7:07:3c:5a:18:fe:76:a3:a1:23:68:48:
4e:c9:ed:f4:61:b2:ef:96:58:d0:e3:72:ee:f8:09:
73:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5E:40:0C:D2:14:70:73:36:D1:BF:44:06:A3:36:51:1E:A6:88:5E
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/d15ADNIUcHM20b9EBqM2UR6miF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
103.71.61.0/24
103.84.212.0/24
124.158.100.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
2e:d4:1a:3a:59:b8:3c:e8:83:56:72:9b:88:56:1d:d9:19:6c:
77:ce:56:96:54:cd:3b:be:0a:4c:d4:e1:88:ac:45:58:77:d7:
2b:1d:df:e5:d8:53:d9:0c:90:57:83:d3:53:4b:46:0a:2b:12:
47:a2:90:f3:d4:e3:dc:bd:d9:4a:68:d9:6a:bc:c4:4b:21:bc:
ee:73:d2:1c:64:e0:04:ce:7c:3b:97:a7:1d:cd:a5:69:d4:7f:
7f:8b:92:47:d5:df:92:2a:d2:25:2e:7d:7b:7c:59:5a:51:74:
6c:cb:c1:78:99:b9:8e:44:ab:2f:70:f4:ea:ac:4d:30:87:b7:
ed:e3:2c:7e:af:a6:5c:6e:30:22:88:69:33:d3:a0:77:d7:a6:
5a:ff:27:bb:1c:ce:eb:fc:d4:ca:5e:33:d9:31:11:81:88:1e:
e3:d2:56:9e:8d:5d:dd:74:20:99:d1:17:1a:32:db:bf:0b:75:
02:80:54:0f:8a:34:51:21:5d:76:bf:d4:26:29:6b:16:97:34:
c6:e9:89:1a:c6:4c:2e:a8:d7:a2:c8:69:8c:38:e0:54:8b:5a:
97:4f:4f:b4:98:1c:37:33:e5:3f:b0:e4:6a:b4:f2:c8:6f:73:
f4:2f:b4:de:c0:b3:fc:ff:fc:df:e2:fa:a6:c0:94:e4:4d:9f:
34:5c:1d:4e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ0B5Lm5sqS+8Cji7N1ZkszzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMzE4MTcwMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVlNDAwY2QyMTQ3MDczMzZkMWJmNDQwNmEzMzY1MTFlYTY4ODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohDwjWFk8beFzz2YTrpVuJxHhcH7
iAfae1+Ed7tsgGqlHu+JumR/nORKF+chBGmUYbTwDSOBdY5wQqNCNf7Wh2SAcLsI
GDfjcBu1fu3864dneRkvmo9IG40Z3jxJ+yC+0sM7hW+bQqoZnMAqQZYlW/S5BcNV
px6mCAGVOwu/CAlUar5wOp/xclX9AweRPH4zp6TbW3+a2hya36O5mh8HHw6+x9uY
aDIg5GD2Z2w9pHi8tNVOZ+pX60QAx6GSVL8CAdN5bXDdWnSJKhOQ3UsAaI4r/y4H
IpCzW35uE+GGXHOsei2nBzxaGP52o6EjaEhOye30YbLvlljQ43Lu+Alz/QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHdeQAzSFHBzNtG/RAajNlEepoheMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZDE1QUROSVVjSE0yMGI5RUJxTTJVUjZtaUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLX/4AwQA
Z0c9AwQAZ1TUAwQAfJ5kAwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQCwl0EMA0E
AgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQAu1Bo6Wbg86INWcpuIVh3Z
GWx3zlaWVM07vgpM1OGIrEVYd9crHd/l2FPZDJBXg9NTS0YKKxJHopDz1OPcvdlK
aNlqvMRLIbzuc9IcZOAEznw7l6cdzaVp1H9/i5JH1d+SKtIlLn17fFlaUXRsy8F4
mbmORKsvcPTqrE0wh7ft4yx+r6ZcbjAiiGkz06B316Za/ye7HM7r/NTKXjPZMRGB
iB7j0laejV3ddCCZ0RcaMtu/C3UCgFQPijRRIV12v9QmKWsWlzTG6YkaxkwuqNei
yGmMOOBUi1qXT0+0mBw3M+U/sORqtPLIb3P0L7TewLP8//zf4vqmwJTkTZ80XB1O
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:22:35 2026 by rpki-client