Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/b1wxlax1fB1o13uLuH2hEJdpeRU.roa
File: b1wxlax1fB1o13uLuH2hEJdpeRU.roa (raw, json)
Hash identifier: ewkvAIPeH4KhQxaFQOn72A2T2c76d+mmTKDJPMqb0Q8=
Subject key identifier: 6F:5C:31:95:AC:75:7C:1D:68:D7:7B:8B:B8:7D:A1:10:97:69:79:15
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A5026ACF006EB2F3950919C1C0BF578AA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/b1wxlax1fB1o13uLuH2hEJdpeRU.roa
Signing time: Tue 04 Nov 2025 18:35:03 +0000
ROA not before: Tue 04 Nov 2025 18:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 14.102.227.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
43.242.136.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
89.106.16.0/24 maxlen: 24
89.106.18.0/24 maxlen: 24
89.106.21.0/24 maxlen: 24
89.106.22.0/24 maxlen: 24
89.106.23.0/24 maxlen: 24
94.229.218.0/24 maxlen: 24
103.102.132.0/24 maxlen: 24
124.158.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:26:ac:f0:06:eb:2f:39:50:91:9c:1c:0b:f5:78:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 4 18:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f5c3195ac757c1d68d77b8bb87da11097697915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:28:29:01:63:a7:83:8e:d1:de:90:40:55:4a:
34:40:ef:26:92:3e:3e:17:87:7b:fb:ff:5c:d9:8c:
cc:f7:52:59:0b:24:07:01:4e:e7:92:d9:89:9e:7b:
b5:1b:1e:ae:10:85:9e:22:49:d8:87:25:30:c7:f7:
c5:c2:0a:4e:10:e8:b7:fb:d9:53:f7:b7:72:8f:d2:
78:19:b1:07:05:cc:de:c7:2a:11:be:44:c6:58:94:
dd:24:67:52:3b:04:23:1e:38:4c:4e:f2:12:39:ef:
9c:08:2a:58:6a:c9:06:65:e8:ba:54:5b:cb:67:1c:
f0:d0:3f:c0:0c:d7:ec:e3:0b:64:a7:fb:85:92:57:
52:2a:0e:06:1b:33:ba:0c:54:20:61:00:f7:79:4f:
d7:e5:bc:09:e6:af:c4:dd:c2:9f:19:58:d9:8d:25:
60:3a:49:cc:1f:a8:c0:08:ca:e4:d4:ed:d4:f4:db:
bc:8a:da:e3:58:97:5a:e4:c9:0a:73:9f:0d:44:e1:
f2:a6:ec:1a:3b:44:8a:2b:5b:dc:b5:d6:26:10:bc:
92:2f:32:24:2c:6c:48:5f:62:fc:9f:9c:97:9a:74:
da:1f:1e:a9:ae:0e:20:be:f6:2d:3d:94:88:43:95:
7a:13:90:03:5a:2d:bf:b9:29:13:d5:8a:db:dd:bd:
53:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5C:31:95:AC:75:7C:1D:68:D7:7B:8B:B8:7D:A1:10:97:69:79:15
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/b1wxlax1fB1o13uLuH2hEJdpeRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.227.0/24
14.102.234.0/24
43.242.136.0/24
45.151.140.0/24
89.106.16.0/24
89.106.18.0/24
89.106.21.0-89.106.23.255
94.229.218.0/24
103.102.132.0/24
124.158.112.0/24
Signature Algorithm: sha256WithRSAEncryption
63:57:ba:c6:a6:32:f5:e6:af:7b:15:17:21:34:58:ae:9b:5d:
24:e1:16:20:60:b5:37:7f:00:51:4d:07:a4:52:06:03:6d:1a:
55:e0:e5:70:93:5d:52:23:46:5b:44:56:66:35:f7:de:21:3e:
57:77:3e:9b:0b:1c:7e:20:53:76:40:11:d5:ae:36:f6:7e:ef:
4b:9c:63:60:2b:80:b2:ae:07:09:c1:78:27:77:4a:a9:24:eb:
de:b0:08:af:d6:c6:37:7a:52:c8:44:5e:22:92:18:5f:66:ed:
6c:0b:f9:11:42:81:cf:73:4d:3e:70:48:04:a1:d3:91:c1:98:
73:a8:cf:00:e2:b5:bb:49:70:a0:04:b0:09:2b:63:7b:c7:6d:
d7:7b:2f:ec:8d:9e:74:29:85:f1:c8:ba:bf:1c:0e:af:33:cd:
d3:ad:cb:59:2f:fc:1d:f8:28:0c:87:b3:70:e5:4a:97:01:39:
d1:ca:a3:fb:29:ac:c3:5c:a0:de:77:88:62:0d:d7:33:b3:30:
97:98:f5:e8:7a:c3:fc:c8:1f:56:bf:5a:82:1d:16:08:e1:77:
a0:e8:86:09:95:c5:68:c1:b2:3c:09:d0:72:62:54:50:1c:d8:
f5:e6:b3:d6:67:f9:ec:16:1d:d6:a7:6b:f3:1f:47:e1:df:9b:
18:84:af:64
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZpQJqzwBusvOVCRnBwL9XiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMTA0MTgzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVjMzE5NWFjNzU3YzFkNjhkNzdiOGJiODdkYTExMDk3Njk3OTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ygpAWOng47R3pBAVUo0QO8mkj4+
F4d7+/9c2YzM91JZCyQHAU7nktmJnnu1Gx6uEIWeIknYhyUwx/fFwgpOEOi3+9lT
97dyj9J4GbEHBczexyoRvkTGWJTdJGdSOwQjHjhMTvISOe+cCCpYaskGZei6VFvL
Zxzw0D/ADNfs4wtkp/uFkldSKg4GGzO6DFQgYQD3eU/X5bwJ5q/E3cKfGVjZjSVg
OknMH6jACMrk1O3U9Nu8itrjWJda5MkKc58NROHypuwaO0SKK1vctdYmELySLzIk
LGxIX2L8n5yXmnTaHx6prg4gvvYtPZSIQ5V6E5ADWi2/uSkT1Yrb3b1TnQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFG9cMZWsdXwdaNd7i7h9oRCXaXkVMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvYjF3eGxheDFmQjFvMTN1THVIMmhFSmRwZVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQADmbjAwQA
DmbqAwQAK/KIAwQALZeMAwQAWWoQAwQAWWoSMAwDBABZahUDBANZahADBABe5doD
BABnZoQDBAB8nnAwDQYJKoZIhvcNAQELBQADggEBAGNXusamMvXmr3sVFyE0WK6b
XSThFiBgtTd/AFFNB6RSBgNtGlXg5XCTXVIjRltEVmY1994hPld3PpsLHH4gU3ZA
EdWuNvZ+70ucY2ArgLKuBwnBeCd3Sqkk696wCK/Wxjd6UshEXiKSGF9m7WwL+RFC
gc9zTT5wSASh05HBmHOozwDitbtJcKAEsAkrY3vHbdd7L+yNnnQphfHIur8cDq8z
zdOty1kv/B34KAyHs3DlSpcBOdHKo/sprMNcoN53iGIN1zOzMJeY9eh6w/zIH1a/
WoIdFgjhd6DohgmVxWjBsjwJ0HJiVFAc2PXms9Zn+ewWHdana/MfR+HfmxiEr2Q=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:03:12 2025 by rpki-client