Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fLHg3vSEtExFDuMsTxH8TSsUpmc.roa
File: fLHg3vSEtExFDuMsTxH8TSsUpmc.roa (raw, json)
Hash identifier: COKYkgMjGaeelfK/jYUeUq6oRqr4S+KS+NVAOdYZInI=
Subject key identifier: 7C:B1:E0:DE:F4:84:B4:4C:45:0E:E3:2C:4F:11:FC:4D:2B:14:A6:67
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01994E12BFC72514BA2A2414FCCF66D54D26
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fLHg3vSEtExFDuMsTxH8TSsUpmc.roa
Signing time: Mon 15 Sep 2025 15:51:15 +0000
ROA not before: Mon 15 Sep 2025 15:51:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
194.36.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4e:12:bf:c7:25:14:ba:2a:24:14:fc:cf:66:d5:4d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Sep 15 15:51:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7cb1e0def484b44c450ee32c4f11fc4d2b14a667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fa:4a:7d:ab:b0:8d:1d:45:89:05:7f:75:17:
95:05:06:39:8b:54:46:c0:28:8b:e4:19:30:eb:dc:
0e:7c:57:af:55:ca:f9:e9:ee:f7:07:b3:72:03:a9:
f9:32:4b:87:8b:03:69:01:f8:cb:15:23:c7:36:00:
91:67:b9:02:a3:20:e6:37:56:ee:0d:49:6a:d0:c8:
21:11:68:c4:0d:05:dc:4c:65:60:7a:43:95:47:2c:
a8:84:b8:3d:fa:0b:29:b2:94:ec:65:1c:3b:c4:6a:
d5:9d:12:e6:bd:2b:d9:3c:53:06:20:33:15:11:94:
87:9f:be:98:58:1e:f2:51:f6:e3:7d:53:d5:71:6a:
43:4c:14:00:72:43:a4:7e:c0:4a:83:e7:82:c2:8a:
ef:b4:01:74:7d:2f:89:1e:77:49:a4:ed:df:e3:8e:
a9:2f:10:c0:d7:ab:38:7d:0c:c7:a5:77:f5:4a:18:
f9:96:8f:87:71:cc:37:99:04:8e:9a:30:98:05:38:
fb:6d:a3:66:e2:9f:ae:09:d4:57:e2:df:69:b1:be:
31:fc:e3:f8:39:a6:bf:1f:55:9d:2d:6e:d0:99:95:
3e:46:2d:39:c3:6d:cc:2d:98:b8:7c:ab:12:30:2b:
c3:11:62:28:38:32:f4:9a:ae:8f:43:7d:b2:85:1f:
83:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B1:E0:DE:F4:84:B4:4C:45:0E:E3:2C:4F:11:FC:4D:2B:14:A6:67
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/fLHg3vSEtExFDuMsTxH8TSsUpmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
94.229.212.0/24
194.36.35.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c0:16:fe:23:e4:4f:e4:bb:9b:68:1e:d2:be:a9:07:ec:d4:
25:73:40:a6:49:eb:d4:32:03:5e:e6:59:96:08:b4:35:dd:cd:
be:7c:a7:bd:e7:ee:19:15:0e:31:ad:16:a7:b8:58:02:60:f6:
43:5b:ca:f3:65:59:0c:40:17:61:5c:55:5f:c7:6a:ae:c3:9c:
4c:31:de:f6:68:31:eb:73:be:e6:f5:78:57:94:9a:53:d3:99:
28:16:9d:2b:44:82:4a:21:ed:dc:a8:29:e7:06:50:ac:51:d7:
27:54:70:e9:45:ac:bd:f5:42:17:b7:03:d0:b4:f7:ad:1d:0d:
7d:1e:46:bb:71:5b:c7:db:84:b3:2d:75:a5:ca:e2:5d:ff:63:
4a:34:0f:a1:e8:a8:15:46:7f:91:df:55:c9:df:58:c9:d6:ef:
34:d1:8e:d2:83:56:66:cc:47:59:75:a7:42:7e:68:86:17:a4:
82:a5:22:e6:4f:94:01:5d:d5:93:99:ce:e0:75:f9:8c:59:6c:
6c:e3:7f:d5:9d:e3:e8:e9:66:11:41:97:a7:2e:9b:df:23:67:
45:fb:5b:c3:d5:8e:dd:55:38:3b:12:24:f8:41:b3:0e:e6:ab:
34:b6:65:5f:2e:0b:ff:e8:b0:72:d3:76:f3:50:5d:e6:e3:27:
a4:0e:95:b9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZlOEr/HJRS6KiQU/M9m1U0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwOTE1MTU1MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IxZTBkZWY0ODRiNDRjNDUwZWUzMmM0ZjExZmM0ZDJiMTRhNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPpKfauwjR1FiQV/dReVBQY5i1RG
wCiL5Bkw69wOfFevVcr56e73B7NyA6n5MkuHiwNpAfjLFSPHNgCRZ7kCoyDmN1bu
DUlq0MghEWjEDQXcTGVgekOVRyyohLg9+gspspTsZRw7xGrVnRLmvSvZPFMGIDMV
EZSHn76YWB7yUfbjfVPVcWpDTBQAckOkfsBKg+eCworvtAF0fS+JHndJpO3f446p
LxDA16s4fQzHpXf1Shj5lo+Hccw3mQSOmjCYBTj7baNm4p+uCdRX4t9psb4x/OP4
Oaa/H1WdLW7QmZU+Ri05w23MLZi4fKsSMCvDEWIoODL0mq6PQ32yhR+DZQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHyx4N70hLRMRQ7jLE8R/E0rFKZnMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZkxIZzN2U0V0RXhGRHVNc1R4SDhUU3NVcG1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBDmbiAwQC
TW9gAwQBTW9mAwQATW9pAwQAXuXUAwQAwiQjMA0GCSqGSIb3DQEBCwUAA4IBAQCh
wBb+I+RP5LubaB7SvqkH7NQlc0CmSevUMgNe5lmWCLQ13c2+fKe95+4ZFQ4xrRan
uFgCYPZDW8rzZVkMQBdhXFVfx2quw5xMMd72aDHrc77m9XhXlJpT05koFp0rRIJK
Ie3cqCnnBlCsUdcnVHDpRay99UIXtwPQtPetHQ19Hka7cVvH24SzLXWlyuJd/2NK
NA+h6KgVRn+R31XJ31jJ1u800Y7Sg1ZmzEdZdadCfmiGF6SCpSLmT5QBXdWTmc7g
dfmMWWxs43/VnePo6WYRQZenLpvfI2dF+1vD1Y7dVTg7EiT4QbMO5qs0tmVfLgv/
6LBy03bzUF3m4yekDpW5
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:34:36 2025 by rpki-client