Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GoD6GCRSw9JqgYLNBtaYzkfmXD4.roa
File: GoD6GCRSw9JqgYLNBtaYzkfmXD4.roa (raw, json)
Hash identifier: YRaXKSrGgG9kkNuqj84rvoNFWupR4nhuTDOerjxq0Os=
Subject key identifier: 1A:80:FA:18:24:52:C3:D2:6A:81:82:CD:06:D6:98:CE:47:E6:5C:3E
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019CA09A2621865EC2C82B75232666AD8373
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GoD6GCRSw9JqgYLNBtaYzkfmXD4.roa
Signing time: Fri 27 Feb 2026 19:36:22 +0000
ROA not before: Fri 27 Feb 2026 19:36:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.234.0/24 maxlen: 24
43.242.137.0/24 maxlen: 24
43.242.138.0/24 maxlen: 24
43.242.139.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
45.151.141.0/24 maxlen: 24
74.112.152.0/22 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.108.0/24 maxlen: 24
89.106.14.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
94.229.208.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.215.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.47.59.0/24 maxlen: 24
103.102.134.0/24 maxlen: 24
103.102.135.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
124.158.114.0/24 maxlen: 24
124.158.115.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
194.36.35.0/24 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:9a:26:21:86:5e:c2:c8:2b:75:23:26:66:ad:83:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Feb 27 19:36:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a80fa182452c3d26a8182cd06d698ce47e65c3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:88:dc:11:88:35:cc:34:36:23:89:d5:27:ce:
f1:4e:12:1c:c7:a1:06:1c:e2:89:50:75:f6:1d:2e:
2c:0f:06:d2:6e:a5:9a:b2:10:e2:98:a6:b7:04:3b:
c3:0b:22:a2:10:e6:3c:3b:55:c3:7a:3a:43:68:f3:
ea:67:df:98:59:8f:47:d9:55:6e:08:a8:28:20:70:
ad:d0:8e:9b:ba:d8:2b:fe:89:ce:1f:c0:3c:d0:36:
50:a7:24:f1:98:d7:77:90:e7:55:31:c9:37:84:c0:
84:aa:db:d7:e0:59:90:09:4c:f1:be:98:8b:83:da:
a3:b7:11:71:d1:3c:bc:d4:5a:cb:f8:ca:8b:c5:7f:
49:c2:08:30:55:9a:d2:8b:fd:71:db:a8:7d:22:4d:
35:8c:a0:e9:2e:26:67:a1:3c:41:05:73:b3:49:cf:
0e:51:a4:79:bb:12:0b:8c:70:c8:42:ea:b6:86:59:
35:31:7f:01:f9:13:61:b1:02:e5:60:ce:fb:3e:a1:
c9:b5:c2:06:97:83:27:de:2e:0f:49:dd:26:e6:e6:
30:b7:a8:ca:43:cf:7b:3e:67:f2:70:04:48:cc:3d:
a1:b4:da:71:04:de:79:a3:5e:dd:97:68:53:1c:cf:
a7:3e:29:be:e4:8c:11:8b:e0:1e:eb:d4:c1:8c:08:
fa:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:80:FA:18:24:52:C3:D2:6A:81:82:CD:06:D6:98:CE:47:E6:5C:3E
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/GoD6GCRSw9JqgYLNBtaYzkfmXD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.234.0/24
43.242.137.0-43.242.139.255
45.151.140.0/23
74.112.152.0/22
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
77.111.108.0/24
89.106.14.0/24
89.106.16.0/24
89.106.18.0/24
89.106.21.0-89.106.23.255
94.229.208.0/24
94.229.213.0/24
94.229.215.0/24
94.229.222.0/23
103.41.44.0/23
103.47.59.0/24
103.102.134.0/23
124.158.112.0/24
124.158.114.0/23
194.36.33.0/24
194.36.35.0/24
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:cc:9f:1e:24:cc:d1:bb:7d:66:74:0c:80:15:d8:21:36:df:
8f:b8:1c:5a:bb:f0:3d:c2:7c:26:16:65:fa:bf:d6:e1:65:52:
3c:8a:f9:95:bb:33:cf:26:91:75:17:9b:33:11:8f:e0:15:46:
37:7e:8d:4f:1d:cc:93:40:a1:2a:6b:1f:48:0c:c4:73:9b:41:
70:4d:2c:0a:c3:4a:73:93:1d:2b:3b:58:6f:5e:93:6e:09:05:
8b:1e:bf:8e:5f:9d:69:1f:30:fa:99:ae:e6:47:23:48:fa:87:
e8:5d:c0:84:21:cd:13:c6:0e:c3:f4:24:5c:49:29:61:bd:57:
d3:db:4d:a6:31:a1:73:e8:cf:2b:5f:19:f5:a1:64:22:6a:ca:
ed:49:0c:13:ef:22:af:12:79:25:fb:73:28:77:d6:40:c6:01:
a9:9d:24:e1:11:61:a5:ed:e6:04:29:62:5b:4b:de:71:69:7b:
4a:fa:f1:f0:f4:84:a5:f2:4b:b6:52:a2:d9:b1:17:51:63:a1:
e9:a3:31:23:0e:19:79:6b:9e:77:69:49:be:bf:de:b0:6b:ab:
42:d0:ba:96:9c:a0:90:d2:05:d2:69:8c:f2:4f:26:a6:86:28:
b3:d2:96:8e:6a:bc:59:c3:57:14:4e:69:94:c5:77:42:14:6d:
0d:66:de:d6
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZygmiYhhl7CyCt1IyZmrYNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMjI3MTkzNjIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTgwZmExODI0NTJjM2QyNmE4MTgyY2QwNmQ2OThjZTQ3ZTY1YzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YjcEYg1zDQ2I4nVJ87xThIcx6EG
HOKJUHX2HS4sDwbSbqWashDimKa3BDvDCyKiEOY8O1XDejpDaPPqZ9+YWY9H2VVu
CKgoIHCt0I6butgr/onOH8A80DZQpyTxmNd3kOdVMck3hMCEqtvX4FmQCUzxvpiL
g9qjtxFx0Ty81FrL+MqLxX9JwggwVZrSi/1x26h9Ik01jKDpLiZnoTxBBXOzSc8O
UaR5uxILjHDIQuq2hlk1MX8B+RNhsQLlYM77PqHJtcIGl4Mn3i4PSd0m5uYwt6jK
Q897PmfycARIzD2htNpxBN55o17dl2hTHM+nPim+5IwRi+Ae69TBjAj6CwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFBqA+hgkUsPSaoGCzQbWmM5H5lw+MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvR29ENkdDUlN3OUpxZ1lMTkJ0YVl6a2ZtWEQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBAEO
ZuIDBAAOZuowDAMEACvyiQMEAivyiAMEAS2XjAMEAkpwmAMEAk1vYAMEAU1vZgME
AE1vaQMEAE1vbAMEAFlqDgMEAFlqEAMEAFlqEjAMAwQAWWoVAwQDWWoQAwQAXuXQ
AwQAXuXVAwQAXuXXAwQBXuXeAwQBZyksAwQAZy87AwQBZ2aGAwQAfJ5wAwQBfJ5y
AwQAwiQhAwQAwiQjAwQCze1YMA0GCSqGSIb3DQEBCwUAA4IBAQBuzJ8eJMzRu31m
dAyAFdghNt+PuBxau/A9wnwmFmX6v9bhZVI8ivmVuzPPJpF1F5szEY/gFUY3fo1P
HcyTQKEqax9IDMRzm0FwTSwKw0pzkx0rO1hvXpNuCQWLHr+OX51pHzD6ma7mRyNI
+ofoXcCEIc0Txg7D9CRcSSlhvVfT202mMaFz6M8rXxn1oWQiasrtSQwT7yKvEnkl
+3Mod9ZAxgGpnSThEWGl7eYEKWJbS95xaXtK+vHw9ISl8ku2UqLZsRdRY6HpozEj
Dhl5a553aUm+v96wa6tC0LqWnKCQ0gXSaYzyTyamhiiz0paOarxZw1cUTmmUxXdC
FG0NZt7W
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:20:07 2026 by rpki-client