Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lCeTjrXFiSgV1nryq0uuPkfFAT8.roa
File: lCeTjrXFiSgV1nryq0uuPkfFAT8.roa (raw, json)
Hash identifier: Ql1FmzXtlQ77KF7A+gcItlxBFH+0TkZZRODCF2vE7fc=
Subject key identifier: 94:27:93:8E:B5:C5:89:28:15:D6:7A:F2:AB:4B:AE:3E:47:C5:01:3F
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01976F28DABDC22ADD411468A20E83B07A59
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lCeTjrXFiSgV1nryq0uuPkfFAT8.roa
Signing time: Sat 14 Jun 2025 15:57:17 +0000
ROA not before: Sat 14 Jun 2025 15:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.227.0/24 maxlen: 24
14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
89.106.15.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.47.56.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
194.36.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6f:28:da:bd:c2:2a:dd:41:14:68:a2:0e:83:b0:7a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 14 15:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9427938eb5c5892815d67af2ab4bae3e47c5013f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:7e:5c:0e:f8:ea:9a:d8:ca:28:b5:ab:d4:bd:
c3:79:3f:ba:3c:1a:12:47:ea:38:4c:ba:74:85:9c:
15:68:5a:08:f5:30:c6:03:b9:cf:13:c5:43:ba:52:
2d:84:c5:a1:cd:e4:bf:04:7e:db:7d:77:02:c3:62:
cd:b9:27:40:f6:18:bb:d3:b3:fb:01:0d:ac:19:3f:
01:38:fd:59:e5:92:b3:44:4d:81:20:8f:05:c1:b0:
8a:e3:8d:55:9f:f2:f6:00:a3:ed:72:e3:0f:11:12:
ac:a4:60:d1:2d:14:a1:bf:7c:a4:5f:4e:59:1b:c4:
42:b8:51:76:bf:8f:b6:06:52:87:ff:88:a8:f3:24:
0a:71:8b:dd:9a:56:54:02:ab:6b:30:d1:01:5f:bd:
58:df:3c:ee:20:32:a0:cb:1a:88:52:07:35:88:af:
a5:5d:df:d0:23:90:0b:32:4c:6b:4d:04:4a:e4:6e:
67:30:d8:f6:56:64:bf:25:3f:75:7c:a3:8c:83:d1:
34:d4:17:47:d1:53:5e:fe:60:a1:e4:59:bc:60:58:
7e:5b:ae:34:e2:6f:7c:b9:13:57:fa:bd:ac:fb:03:
fd:b8:32:91:ee:85:14:d8:c8:82:07:54:a1:35:ac:
be:01:eb:1d:ef:87:9e:55:ae:a8:e2:5e:14:04:fe:
5a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:27:93:8E:B5:C5:89:28:15:D6:7A:F2:AB:4B:AE:3E:47:C5:01:3F
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/lCeTjrXFiSgV1nryq0uuPkfFAT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
14.102.234.0/24
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
89.106.2.0/24
89.106.15.0/24
94.229.212.0/24
94.229.220.0/24
94.229.222.0/23
103.47.56.0/24
103.47.59.0/24
194.36.33.0-194.36.34.255
Signature Algorithm: sha256WithRSAEncryption
c9:ff:d8:a4:ec:2e:03:ac:5c:08:69:c4:17:d1:e4:44:97:8d:
32:09:ca:17:30:fb:3c:2b:04:bc:a8:2d:c3:1a:21:dc:5a:dd:
a8:b3:49:a6:2d:42:12:af:b1:3e:35:0c:4d:d1:f4:e8:2b:b1:
87:80:38:8c:5c:d9:5e:90:60:66:0d:4d:8b:41:a0:2d:64:f1:
f2:58:70:02:8c:29:00:a9:62:7e:db:87:77:13:18:03:3a:4a:
fa:24:96:e8:cb:f3:1b:fc:ba:b5:5b:55:0e:c1:23:fc:dd:60:
c0:97:f3:af:5d:05:06:ad:59:21:99:3f:e9:ee:e2:2c:80:7f:
3f:11:9a:01:17:a4:1b:0e:d2:5c:3e:bf:44:64:b0:d2:44:02:
83:c3:2d:4b:7a:07:2b:c4:1d:5b:2d:b9:fe:b1:60:35:1e:4f:
66:7c:0c:b9:71:21:5e:08:c0:c3:94:04:59:0a:58:6d:26:2f:
19:d1:04:46:fc:f2:85:83:9b:cb:28:70:98:95:25:b2:37:14:
3f:24:64:29:df:3b:f4:bd:09:9e:12:d8:c6:ff:1a:bc:65:38:
87:53:fa:9e:ce:db:0b:9e:14:f8:fd:e6:f5:e9:3f:f4:06:42:
fc:91:4f:b1:d9:3d:00:5d:79:74:d9:60:72:ca:6e:d2:f3:0b:
0c:53:51:cf
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZdvKNq9wirdQRRoog6DsHpZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjE0MTU1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI3OTM4ZWI1YzU4OTI4MTVkNjdhZjJhYjRiYWUzZTQ3YzUwMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3n5cDvjqmtjKKLWr1L3DeT+6PBoS
R+o4TLp0hZwVaFoI9TDGA7nPE8VDulIthMWhzeS/BH7bfXcCw2LNuSdA9hi707P7
AQ2sGT8BOP1Z5ZKzRE2BII8FwbCK441Vn/L2AKPtcuMPERKspGDRLRShv3ykX05Z
G8RCuFF2v4+2BlKH/4io8yQKcYvdmlZUAqtrMNEBX71Y3zzuIDKgyxqIUgc1iK+l
Xd/QI5ALMkxrTQRK5G5nMNj2VmS/JT91fKOMg9E01BdH0VNe/mCh5Fm8YFh+W640
4m98uRNX+r2s+wP9uDKR7oUU2MiCB1ShNay+Aesd74eeVa6o4l4UBP5a+wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFJQnk461xYkoFdZ68qtLrj5HxQE/MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbENlVGpyWEZpU2dWMW5yeXEwdXVQa2ZGQVQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQBDmbiAwQA
DmbqAwQALZeMAwQCTW9gAwQBTW9mAwQATW9pAwQAWWoCAwQAWWoPAwQAXuXUAwQA
XuXcAwQBXuXeAwQAZy84AwQAZy87MAwDBADCJCEDBADCJCIwDQYJKoZIhvcNAQEL
BQADggEBAMn/2KTsLgOsXAhpxBfR5ESXjTIJyhcw+zwrBLyoLcMaIdxa3aizSaYt
QhKvsT41DE3R9OgrsYeAOIxc2V6QYGYNTYtBoC1k8fJYcAKMKQCpYn7bh3cTGAM6
SvoklujL8xv8urVbVQ7BI/zdYMCX869dBQatWSGZP+nu4iyAfz8RmgEXpBsO0lw+
v0RksNJEAoPDLUt6ByvEHVstuf6xYDUeT2Z8DLlxIV4IwMOUBFkKWG0mLxnRBEb8
8oWDm8socJiVJbI3FD8kZCnfO/S9CZ4S2Mb/GrxlOIdT+p7O2wueFPj95vXpP/QG
QvyRT7HZPQBdeXTZYHLKbtLzCwxTUc8=
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:53:24 2025 by rpki-client