Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uABT1LaKh-TGB1c-9iDqTzxM1jE.roa
File: uABT1LaKh-TGB1c-9iDqTzxM1jE.roa (raw, json)
Hash identifier: /5q3tzvRRh5nnsX0Wf/873YkJU9ao5sKlUjQ+49cFGI=
Subject key identifier: B8:00:53:D4:B6:8A:87:E4:C6:07:57:3E:F6:20:EA:4F:3C:4C:D6:31
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019A554C1F2296E29BD166D328F5BF73C06A
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uABT1LaKh-TGB1c-9iDqTzxM1jE.roa
Signing time: Wed 05 Nov 2025 18:34:03 +0000
ROA not before: Wed 05 Nov 2025 18:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
45.151.143.0/24 maxlen: 24
74.112.152.0/22 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
77.111.108.0/24 maxlen: 24
85.208.11.0/24 maxlen: 24
94.229.213.0/24 maxlen: 24
94.229.214.0/24 maxlen: 24
94.229.219.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
194.36.33.0/24 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 06:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:4c:1f:22:96:e2:9b:d1:66:d3:28:f5:bf:73:c0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Nov 5 18:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b80053d4b68a87e4c607573ef620ea4f3c4cd631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5a:21:52:5d:5e:4e:14:40:25:2e:0c:cd:c9:
29:f8:f7:f0:a8:75:f3:9e:64:82:ad:08:26:67:87:
61:8e:9a:6a:94:c4:dc:84:a6:f3:55:60:e4:9e:f6:
3c:5f:6e:4d:5d:a3:a3:55:95:9e:d2:4a:fc:17:b9:
97:4b:b8:46:b8:73:93:b9:ce:7f:35:5f:bf:cd:f6:
52:0c:85:42:a0:9e:05:ff:a1:4e:fa:d9:54:ec:cf:
d5:d6:c8:8e:af:ed:33:6e:7a:27:3a:08:0b:3d:cf:
99:f0:7e:2e:05:42:21:91:30:05:b6:31:de:ff:d4:
2f:ce:8b:0b:cd:e1:ee:83:e6:fb:3e:58:7b:ed:ac:
3b:cf:2c:49:8c:3f:8e:da:6b:94:2b:cb:b0:0a:eb:
ce:aa:8a:69:2c:56:e6:77:b7:30:81:aa:aa:76:af:
a5:8c:aa:f9:15:8c:ad:18:ad:5f:ee:43:4f:df:19:
0c:19:2f:f8:88:74:41:67:65:59:52:8b:24:cc:4d:
ab:7e:e1:56:8b:80:a4:70:0b:2e:cf:cc:44:d1:c3:
14:c9:e9:79:e4:3f:b4:93:dd:9d:6a:f1:dc:7f:63:
63:fc:d0:d2:8f:e2:bf:e2:1b:81:4a:13:36:7e:e3:
79:14:0f:ed:29:ae:85:5f:c4:41:09:15:99:7f:85:
a4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:00:53:D4:B6:8A:87:E4:C6:07:57:3E:F6:20:EA:4F:3C:4C:D6:31
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/uABT1LaKh-TGB1c-9iDqTzxM1jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
45.151.143.0/24
74.112.152.0/22
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
77.111.108.0/24
85.208.11.0/24
94.229.213.0-94.229.214.255
94.229.219.0/24
94.229.222.0/24
103.41.44.0/23
194.36.33.0/24
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
57:b8:aa:1b:c8:68:a1:cc:cf:2e:4f:72:65:37:e2:a6:f5:e0:
7f:3a:6b:9a:eb:b4:4f:c4:4e:f0:56:53:1c:7b:ff:90:b8:6c:
90:1c:5e:29:ac:ff:f5:cd:1d:fc:5e:1d:80:8b:c9:22:d9:98:
8b:69:b6:54:f0:96:d5:7a:d4:3f:5f:e5:47:a4:46:5c:d7:d0:
e5:6b:ca:48:07:0b:fc:2a:a4:06:f8:b4:fd:2f:1a:f1:66:2a:
ea:f3:09:e8:93:d1:5d:5f:17:a5:61:36:b2:5c:eb:3c:ac:21:
68:0f:fb:c7:ec:61:90:7b:58:81:a3:e3:25:26:a1:0d:e7:a7:
4b:4c:d5:a3:02:54:0d:3d:c3:f3:73:5e:dd:fa:e7:39:19:a7:
bd:42:65:25:d1:68:52:ee:1d:53:cc:1c:ba:f9:ae:81:73:2d:
4d:8f:39:4a:32:a9:29:8f:c9:f8:33:cb:92:0a:a9:fd:5b:58:
e8:9f:13:35:75:de:45:79:30:79:ad:29:5d:aa:d4:62:ce:ec:
cb:99:b4:02:c5:4a:82:03:35:bb:56:70:3b:00:31:f4:f0:14:
92:15:04:d8:95:84:f5:76:3c:48:af:ac:e0:d9:cf:ab:0f:a3:
1e:2d:dd:fc:24:37:ba:a9:97:f2:2b:08:36:f1:f5:a2:9c:a2:
33:00:d6:b9
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZpVTB8iluKb0WbTKPW/c8BqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUxMTA1MTgzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODAwNTNkNGI2OGE4N2U0YzYwNzU3M2VmNjIwZWE0ZjNjNGNkNjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVohUl1eThRAJS4Mzckp+PfwqHXz
nmSCrQgmZ4dhjppqlMTchKbzVWDknvY8X25NXaOjVZWe0kr8F7mXS7hGuHOTuc5/
NV+/zfZSDIVCoJ4F/6FO+tlU7M/V1siOr+0zbnonOggLPc+Z8H4uBUIhkTAFtjHe
/9QvzosLzeHug+b7Plh77aw7zyxJjD+O2muUK8uwCuvOqoppLFbmd7cwgaqqdq+l
jKr5FYytGK1f7kNP3xkMGS/4iHRBZ2VZUoskzE2rfuFWi4CkcAsuz8xE0cMUyel5
5D+0k92davHcf2Nj/NDSj+K/4huBShM2fuN5FA/tKa6FX8RBCRWZf4WkDQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLgAU9S2iofkxgdXPvYg6k88TNYxMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdUFCVDFMYUtoLVRHQjFjLTlpRHFUenhNMWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQBDmbiAwQA
LZePAwQCSnCYAwQCTW9gAwQBTW9mAwQATW9pAwQATW9sAwQAVdALMAwDBABe5dUD
BABe5dYDBABe5dsDBABe5d4DBAFnKSwDBADCJCEDBALN7VgwDQYJKoZIhvcNAQEL
BQADggEBAFe4qhvIaKHMzy5PcmU34qb14H86a5rrtE/ETvBWUxx7/5C4bJAcXims
//XNHfxeHYCLySLZmItptlTwltV61D9f5UekRlzX0OVrykgHC/wqpAb4tP0vGvFm
KurzCeiT0V1fF6VhNrJc6zysIWgP+8fsYZB7WIGj4yUmoQ3np0tM1aMCVA09w/Nz
Xt365zkZp71CZSXRaFLuHVPMHLr5roFzLU2POUoyqSmPyfgzy5IKqf1bWOifEzV1
3kV5MHmtKV2q1GLO7MuZtALFSoIDNbtWcDsAMfTwFJIVBNiVhPV2PEivrODZz6sP
ox4t3fwkN7qpl/IrCDbx9aKcojMA1rk=
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:37 2025 by rpki-client