Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/9J3YVTVMUdaatwtJmeQQCEHVcBo.roa
File: 9J3YVTVMUdaatwtJmeQQCEHVcBo.roa (raw, json)
Hash identifier: JsWCcwC76EJOdv3FoZmA8WjcY5j8vfKeP+fChTbStNo=
Subject key identifier: F4:9D:D8:55:35:4C:51:D6:9A:B7:0B:49:99:E4:10:08:41:D5:70:1A
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019EA7FF15B38D30DD7EF10900B7A00C028F
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/9J3YVTVMUdaatwtJmeQQCEHVcBo.roa
Signing time: Mon 08 Jun 2026 16:09:32 +0000
ROA not before: Mon 08 Jun 2026 16:09:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
43.242.138.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.100.0/24 maxlen: 24
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.106.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
94.229.209.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.102.133.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:17:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:ff:15:b3:8d:30:dd:7e:f1:09:00:b7:a0:0c:02:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 8 16:09:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f49dd855354c51d69ab70b4999e4100841d5701a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c1:e1:52:54:c7:d8:b8:1b:e5:e8:9d:91:dd:
c1:a1:1b:d0:97:ac:f5:1f:c8:03:7d:6e:1e:c0:32:
64:31:70:6a:8f:af:b5:d7:cf:c1:4e:40:22:6f:2a:
ca:76:45:00:6f:9f:bb:4b:15:e5:0b:e2:3a:18:c9:
8a:58:26:99:57:9b:dd:e1:f3:4b:1b:83:80:ca:8e:
25:af:d3:d2:5c:49:c4:ac:ed:7e:f6:20:cb:9f:c4:
7b:b4:38:b6:c3:76:60:34:5f:38:24:d3:2d:1e:ba:
6b:86:27:35:23:a2:f9:09:ed:3f:a8:e6:9e:63:b0:
9b:83:2f:e6:63:ab:d0:83:86:c2:2e:78:8c:6a:a0:
6b:e4:07:15:f0:df:90:cb:0e:1c:5c:e4:fb:9a:1d:
dd:47:34:b3:5c:12:0e:c2:7f:4a:25:81:59:af:e1:
9f:ff:f8:61:e7:13:0f:0a:72:2d:2f:9c:4c:fa:5a:
2b:2a:3b:d0:62:35:87:57:ee:f2:40:0c:55:4c:69:
e6:8b:3c:79:31:a8:f8:b5:22:21:c0:54:84:59:ba:
40:6c:43:44:f9:69:30:f9:1c:31:24:eb:0f:2f:aa:
d3:5c:90:2c:fd:58:94:06:ef:31:67:e2:45:5f:53:
f0:ff:bf:93:ee:33:17:8a:e9:9c:1e:b8:9f:84:78:
d4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9D:D8:55:35:4C:51:D6:9A:B7:0B:49:99:E4:10:08:41:D5:70:1A
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/9J3YVTVMUdaatwtJmeQQCEHVcBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
43.242.136.0/24
43.242.138.0/24
45.151.140.0/24
77.111.96.0-77.111.100.255
77.111.102.0/23
77.111.105.0-77.111.106.255
89.106.2.0/24
94.229.209.0/24
94.229.213.0/24
94.229.222.0/23
103.41.44.0/23
103.102.133.0/24
124.158.112.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
de:a2:99:be:f9:7a:55:61:5a:c9:04:13:63:05:fe:0e:dc:b5:
f7:e8:6f:7e:83:38:d6:b5:c1:fb:ee:d4:fd:a8:f8:28:ef:95:
d2:e9:3c:94:92:c7:72:33:cc:15:d6:bb:32:ff:3e:b0:8d:c5:
3f:18:70:30:3c:25:bb:0a:1f:b2:f6:e1:cd:e3:e1:e1:3b:3f:
b8:59:81:a4:39:ea:2a:f3:73:51:0d:70:61:41:da:b2:e4:71:
ab:da:6f:03:9e:05:30:0f:16:17:bb:12:58:84:8c:af:ec:92:
16:6d:99:11:bd:b2:f5:be:ec:c3:1c:bf:b5:f8:a7:6e:c4:59:
50:9f:c0:d6:0d:9d:ff:a9:e9:ff:db:a5:9e:07:e8:3c:02:22:
12:73:f3:3b:d3:8f:29:52:f5:b1:56:e2:57:43:17:85:9d:4b:
d8:e6:09:65:07:87:2e:45:0c:5e:5d:6d:e9:91:f1:e6:c3:13:
b2:c6:17:52:50:cb:50:9e:a9:24:d7:24:84:62:aa:97:dc:9d:
a9:18:e2:7a:09:d2:fe:13:4d:90:fc:f1:9c:e1:76:cb:6f:f9:
73:77:cd:19:72:a0:10:9e:fa:51:42:5a:a4:95:c4:7b:45:9d:
f7:bd:5a:48:64:20:38:c8:39:9a:10:35:0c:8b:ee:16:81:40:
79:a7:a3:1b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ6n/xWzjTDdfvEJALegDAKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNjA4MTYwOTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDlkZDg1NTM1NGM1MWQ2OWFiNzBiNDk5OWU0MTAwODQxZDU3MDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MHhUlTH2Lgb5eidkd3BoRvQl6z1
H8gDfW4ewDJkMXBqj6+118/BTkAibyrKdkUAb5+7SxXlC+I6GMmKWCaZV5vd4fNL
G4OAyo4lr9PSXEnErO1+9iDLn8R7tDi2w3ZgNF84JNMtHrprhic1I6L5Ce0/qOae
Y7Cbgy/mY6vQg4bCLniMaqBr5AcV8N+Qyw4cXOT7mh3dRzSzXBIOwn9KJYFZr+Gf
//hh5xMPCnItL5xM+lorKjvQYjWHV+7yQAxVTGnmizx5Maj4tSIhwFSEWbpAbENE
+Wkw+RwxJOsPL6rTXJAs/ViUBu8xZ+JFX1Pw/7+T7jMXiumcHrifhHjUPQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFPSd2FU1TFHWmrcLSZnkEAhB1XAaMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvOUozWVZUVk1VZGFhdHd0Sm1lUVFDRUhWY0JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAA5m6gME
ACvyiAMEACvyigMEAC2XjDAMAwQFTW9gAwQATW9kAwQBTW9mMAwDBABNb2kDBABN
b2oDBABZagIDBABe5dEDBABe5dUDBAFe5d4DBAFnKSwDBABnZoUDBAB8nnADBADC
JCEwDQYJKoZIhvcNAQELBQADggEBAN6imb75elVhWskEE2MF/g7ctffob36DONa1
wfvu1P2o+CjvldLpPJSSx3IzzBXWuzL/PrCNxT8YcDA8JbsKH7L24c3j4eE7P7hZ
gaQ56irzc1ENcGFB2rLkcavabwOeBTAPFhe7EliEjK/skhZtmRG9svW+7MMcv7X4
p27EWVCfwNYNnf+p6f/bpZ4H6DwCIhJz8zvTjylS9bFW4ldDF4WdS9jmCWUHhy5F
DF5dbemR8ebDE7LGF1JQy1CeqSTXJIRiqpfcnakY4noJ0v4TTZD88Zzhdstv+XN3
zRlyoBCe+lFCWqSVxHtFnfe9WkhkIDjIOZoQNQyL7haBQHmnoxs=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:39:49 2026 by rpki-client