Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/nfzfnof43EeyY-yGFt5A9R9D2sA.roa
File: nfzfnof43EeyY-yGFt5A9R9D2sA.roa (raw, json)
Hash identifier: R/xTQSnBIy7YsSQe8wngHTfmhsFZqVHbDKSBjn5h7hA=
Subject key identifier: 9D:FC:DF:9E:87:F8:DC:47:B2:63:EC:86:16:DE:40:F5:1F:43:DA:C0
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019D97E994C4015C72F992405E7E4BBA6939
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/nfzfnof43EeyY-yGFt5A9R9D2sA.roa
Signing time: Thu 16 Apr 2026 20:09:20 +0000
ROA not before: Thu 16 Apr 2026 20:09:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.226.0/24 maxlen: 24
14.102.232.0/24 maxlen: 24
85.208.11.0/24 maxlen: 24
94.229.214.0/24 maxlen: 24
94.229.219.0/24 maxlen: 24
94.229.221.0/24 maxlen: 24
124.158.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:e9:94:c4:01:5c:72:f9:92:40:5e:7e:4b:ba:69:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 16 20:09:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9dfcdf9e87f8dc47b263ec8616de40f51f43dac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:1a:98:8d:f1:4d:84:f4:12:32:29:92:b4:
04:dc:dc:e1:79:7b:3b:41:af:3f:5b:8b:72:97:95:
46:2c:69:54:84:83:b4:f1:de:dc:d1:67:cb:e8:bf:
51:7e:94:ca:4c:a4:46:fa:04:ef:81:cb:90:1b:bb:
23:e0:81:0d:51:66:ee:68:5e:9a:07:50:c1:d6:73:
85:7d:fb:5e:71:66:14:e0:de:19:a0:8a:ff:75:2f:
25:2e:a6:e7:ac:0f:50:85:71:f9:52:94:13:e1:2b:
ba:e7:a3:7f:68:e6:30:20:c4:52:83:34:1e:2b:da:
6b:22:e9:ee:c8:5b:d8:fb:9d:1f:d5:50:1a:94:ae:
a0:c5:78:04:0d:a7:05:76:c2:23:48:cd:44:f2:41:
73:0f:bf:94:2d:aa:e4:2e:48:f3:2c:1c:25:ed:88:
6e:70:fe:1a:ae:8c:b2:6e:39:51:2e:93:8f:64:1c:
14:53:76:52:f5:d9:c5:9d:38:90:ae:b0:e4:4f:9e:
5b:38:5d:8e:a3:e9:2d:cf:f2:6f:b1:11:c5:0b:33:
13:60:c2:95:7c:2c:9b:93:48:8f:0a:3d:3a:73:e9:
c5:29:4b:99:51:09:96:c5:f9:4d:1e:9c:e5:64:81:
92:73:04:c9:4e:e4:4e:cb:7d:03:3c:cb:c1:02:65:
b4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FC:DF:9E:87:F8:DC:47:B2:63:EC:86:16:DE:40:F5:1F:43:DA:C0
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/nfzfnof43EeyY-yGFt5A9R9D2sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/24
14.102.232.0/24
85.208.11.0/24
94.229.214.0/24
94.229.219.0/24
94.229.221.0/24
124.158.101.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1a:09:85:52:af:5d:f7:b1:48:08:2e:b0:60:f7:ee:dd:ad:
46:4a:88:2e:33:c3:97:65:43:f7:2a:ab:6d:f6:12:f9:92:74:
6a:17:2a:d1:13:e4:be:1b:8a:4a:9c:be:6d:b6:f8:ca:40:be:
be:9f:c3:c4:9e:9a:47:0d:1f:9c:b6:bf:80:3c:23:9a:a1:8f:
16:0f:1f:2d:bc:90:d3:ea:fa:69:e8:81:d3:df:c8:99:1c:e9:
c3:d6:87:0f:e1:50:27:d7:d5:79:66:0d:d9:db:90:60:cc:cc:
d8:88:0e:db:86:8a:e2:b2:cf:16:d1:04:e6:cd:49:a1:b1:53:
f9:26:76:ac:73:9c:aa:54:97:63:4c:dd:36:f7:23:43:c6:34:
d5:b6:1e:25:60:ef:66:93:fc:9c:5f:f4:47:0f:77:60:4e:18:
cf:1c:52:0e:67:31:83:3e:49:f0:25:37:f7:bd:4a:33:78:ec:
09:09:44:97:ff:1e:96:c1:d4:3c:5a:b0:bb:e7:d2:13:31:22:
59:09:25:7e:14:3c:3c:cb:97:d6:62:b8:24:f1:8c:82:76:f1:
0a:64:75:98:d4:97:b9:5d:dd:90:f8:b0:cc:91:74:f8:8a:b8:
57:16:38:73:4a:57:20:f1:3c:25:13:f7:4f:66:95:6d:7c:e4:
fa:5e:31:fc
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ2X6ZTEAVxy+ZJAXn5Lumk5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwNDE2MjAwOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZjZGY5ZTg3ZjhkYzQ3YjI2M2VjODYxNmRlNDBmNTFmNDNkYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ycamI3xTYT0EjIpkrQE3NzheXs7
Qa8/W4tyl5VGLGlUhIO08d7c0WfL6L9RfpTKTKRG+gTvgcuQG7sj4IENUWbuaF6a
B1DB1nOFfftecWYU4N4ZoIr/dS8lLqbnrA9QhXH5UpQT4Su656N/aOYwIMRSgzQe
K9prIunuyFvY+50f1VAalK6gxXgEDacFdsIjSM1E8kFzD7+ULarkLkjzLBwl7Yhu
cP4aroyybjlRLpOPZBwUU3ZS9dnFnTiQrrDkT55bOF2Oo+ktz/JvsRHFCzMTYMKV
fCybk0iPCj06c+nFKUuZUQmWxflNHpzlZIGScwTJTuROy30DPMvBAmW09QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ38356H+NxHsmPshhbeQPUfQ9rAMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbmZ6Zm5vZjQzRWV5WS15R0Z0NUE5UjlEMnNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQADmbiAwQA
DmboAwQAVdALAwQAXuXWAwQAXuXbAwQAXuXdAwQAfJ5lMA0GCSqGSIb3DQEBCwUA
A4IBAQA7GgmFUq9d97FICC6wYPfu3a1GSoguM8OXZUP3Kqtt9hL5knRqFyrRE+S+
G4pKnL5ttvjKQL6+n8PEnppHDR+ctr+APCOaoY8WDx8tvJDT6vpp6IHT38iZHOnD
1ocP4VAn19V5Zg3Z25BgzMzYiA7bhoriss8W0QTmzUmhsVP5Jnasc5yqVJdjTN02
9yNDxjTVth4lYO9mk/ycX/RHD3dgThjPHFIOZzGDPknwJTf3vUozeOwJCUSX/x6W
wdQ8WrC759ITMSJZCSV+FDw8y5fWYrgk8YyCdvEKZHWY1Je5Xd2Q+LDMkXT4irhX
FjhzSlcg8TwlE/dPZpVtfOT6XjH8
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:38:41 2026 by rpki-client