Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZaOChiLR4frKuuBBbTMd_HGkmQ.roa
File: vZaOChiLR4frKuuBBbTMd_HGkmQ.roa (raw, json)
Hash identifier: hlJx+1/iH5TVehSBlx7A2kgfZF6kVvOJJE2MQ6/Gtl0=
Subject key identifier: BD:96:8E:0A:18:8B:47:87:EB:2A:EB:81:05:B4:CC:77:F1:C6:92:64
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01977EC26324A85C07C24B1CE556E75C6E22
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZaOChiLR4frKuuBBbTMd_HGkmQ.roa
Signing time: Tue 17 Jun 2025 16:39:17 +0000
ROA not before: Tue 17 Jun 2025 16:39:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.227.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
89.106.15.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.220.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
194.36.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 16:43:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:c2:63:24:a8:5c:07:c2:4b:1c:e5:56:e7:5c:6e:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 17 16:39:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd968e0a188b4787eb2aeb8105b4cc77f1c69264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d2:23:ae:b2:ab:ac:be:f5:51:38:14:b4:91:
ff:b3:cb:5a:8c:b1:cb:00:f0:8c:f3:75:0c:25:bb:
05:fc:0d:73:ce:62:17:0d:a0:c5:cc:c6:e7:41:52:
f3:73:e6:e5:d2:83:9c:aa:78:33:a7:02:5a:23:28:
fd:55:a1:00:44:13:2c:ff:5a:b1:31:6e:6d:86:3d:
9f:75:3c:9f:6f:65:9b:fb:77:b1:2f:7a:ac:77:ed:
39:a9:97:3b:9b:26:26:8c:b7:ac:b0:81:af:71:62:
d9:6b:cc:26:9d:c0:93:75:ea:b3:4d:cb:2c:c7:b9:
7d:12:b0:ad:0c:60:30:fa:d0:d1:40:46:a6:83:61:
00:0c:b6:f0:1b:ae:0b:fe:65:34:0e:db:a6:c8:11:
45:7c:b5:67:9a:0f:54:04:44:a3:74:73:30:40:1c:
93:e8:b2:a3:db:92:de:88:02:7b:c7:a7:fc:f9:81:
20:80:06:42:43:5b:4c:5c:15:29:6b:40:e3:e2:d9:
3c:d7:4e:97:63:12:3b:80:04:28:b9:5d:b2:76:74:
f6:27:1b:9f:7c:19:00:15:0b:81:4f:e2:de:a2:6b:
ff:b6:61:da:ee:87:a8:5f:f4:22:79:ba:e8:0c:3e:
09:e4:ef:c2:a9:26:dc:6a:94:12:d5:74:0b:5e:44:
6e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:96:8E:0A:18:8B:47:87:EB:2A:EB:81:05:B4:CC:77:F1:C6:92:64
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/vZaOChiLR4frKuuBBbTMd_HGkmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
89.106.2.0/24
89.106.15.0/24
94.229.212.0/24
94.229.220.0/24
94.229.222.0/23
103.47.59.0/24
194.36.33.0-194.36.34.255
Signature Algorithm: sha256WithRSAEncryption
6e:a6:2b:1e:b5:3b:71:7a:65:97:f8:6b:af:ca:4d:fb:48:93:
c7:fb:5d:7c:97:aa:fc:d7:0e:6a:cd:5a:16:ed:33:69:ed:59:
92:f0:43:81:e3:db:e1:e8:95:b7:c1:ac:f1:21:9f:03:cb:b1:
77:6e:d0:34:79:1f:a6:46:0d:3c:f9:f1:1e:ee:b1:cc:be:51:
5a:d7:98:fa:41:22:6a:0d:38:0f:49:6c:6c:00:b1:3b:c2:b5:
92:36:18:58:96:4d:36:5b:50:86:f1:d6:3c:51:5d:10:0c:ca:
aa:a8:99:14:8f:59:95:d9:73:d2:5c:49:b1:08:0d:64:7d:21:
c2:40:7a:83:83:17:2b:24:0c:ea:08:4f:11:32:65:1a:29:14:
ba:80:1a:46:9d:fe:79:3a:e2:58:25:98:f3:f6:4a:1c:fc:52:
16:9f:d5:d4:ba:1b:35:45:1d:5b:12:a8:b7:f6:7e:23:d9:ab:
18:fb:dd:89:2e:f4:55:3f:d9:63:7a:3a:5a:b0:7b:28:3c:01:
d3:76:85:2c:8b:ac:1e:07:82:19:e6:54:21:64:b7:59:9b:68:
9b:56:44:fe:09:b6:13:99:56:49:e6:6c:98:56:d2:df:c8:4d:
4d:67:4b:a3:fd:d1:59:2e:68:d4:99:d4:fe:30:87:c3:1f:81:
00:23:78:c5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZd+wmMkqFwHwksc5VbnXG4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjE3MTYzOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDk2OGUwYTE4OGI0Nzg3ZWIyYWViODEwNWI0Y2M3N2YxYzY5MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodIjrrKrrL71UTgUtJH/s8tajLHL
APCM83UMJbsF/A1zzmIXDaDFzMbnQVLzc+bl0oOcqngzpwJaIyj9VaEARBMs/1qx
MW5thj2fdTyfb2Wb+3exL3qsd+05qZc7myYmjLessIGvcWLZa8wmncCTdeqzTcss
x7l9ErCtDGAw+tDRQEamg2EADLbwG64L/mU0DtumyBFFfLVnmg9UBESjdHMwQByT
6LKj25LeiAJ7x6f8+YEggAZCQ1tMXBUpa0Dj4tk8106XYxI7gAQouV2ydnT2Jxuf
fBkAFQuBT+Leomv/tmHa7oeoX/QiebroDD4J5O/CqSbcapQS1XQLXkRuUQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFL2WjgoYi0eH6yrrgQW0zHfxxpJkMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdlphT0NoaUxSNGZyS3V1QkJiVE1kX0hHa21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBDmbiAwQA
LZeMAwQCTW9gAwQBTW9mAwQATW9pAwQAWWoCAwQAWWoPAwQAXuXUAwQAXuXcAwQB
XuXeAwQAZy87MAwDBADCJCEDBADCJCIwDQYJKoZIhvcNAQELBQADggEBAG6mKx61
O3F6ZZf4a6/KTftIk8f7XXyXqvzXDmrNWhbtM2ntWZLwQ4Hj2+HolbfBrPEhnwPL
sXdu0DR5H6ZGDTz58R7uscy+UVrXmPpBImoNOA9JbGwAsTvCtZI2GFiWTTZbUIbx
1jxRXRAMyqqomRSPWZXZc9JcSbEIDWR9IcJAeoODFyskDOoITxEyZRopFLqAGkad
/nk64lglmPP2Shz8Uhaf1dS6GzVFHVsSqLf2fiPZqxj73Yku9FU/2WN6Olqweyg8
AdN2hSyLrB4HghnmVCFkt1mbaJtWRP4JthOZVknmbJhW0t/ITU1nS6P90VkuaNSZ
1P4wh8MfgQAjeMU=
-----END CERTIFICATE-----
Generated at Wed Jun 18 01:41:51 2025 by rpki-client