Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7nFl2d1fNa-S_kEy5_Fn2GX1FtI.roa
File: 7nFl2d1fNa-S_kEy5_Fn2GX1FtI.roa (raw, json)
Hash identifier: O+xbrYgsIgUqFbkRDFmuvgbsFshp/1CCY8iGKT0bVQ8=
Subject key identifier: EE:71:65:D9:DD:5F:35:AF:92:FE:41:32:E7:F1:67:D8:65:F5:16:D2
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0197B25CBA57A4B3E9E2F8481ED20DC6264D
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7nFl2d1fNa-S_kEy5_Fn2GX1FtI.roa
Signing time: Fri 27 Jun 2025 17:08:30 +0000
ROA not before: Fri 27 Jun 2025 17:08:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 14.102.226.0/23 maxlen: 24
14.102.227.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
89.106.2.0/24 maxlen: 24
94.229.212.0/24 maxlen: 24
94.229.222.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
103.47.59.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
194.36.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 11:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b2:5c:ba:57:a4:b3:e9:e2:f8:48:1e:d2:0d:c6:26:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jun 27 17:08:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee7165d9dd5f35af92fe4132e7f167d865f516d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:93:28:4e:37:ea:1e:eb:96:8e:78:97:c1:
e7:01:f9:61:fa:ef:4e:55:fc:26:62:44:62:e9:da:
ce:19:1c:2a:fa:d8:ca:a6:9f:51:f9:3c:1e:f6:a3:
7a:10:00:93:d3:b0:b0:50:78:72:26:ec:0f:ce:49:
47:d4:03:c1:fe:62:53:72:d9:29:26:11:50:c4:17:
6b:55:7f:70:ed:88:04:62:b6:52:7e:68:41:f3:96:
39:75:12:d2:15:a6:26:3a:07:be:9e:02:90:01:d7:
95:8b:09:ae:fe:85:d7:26:13:50:1a:04:b8:d6:db:
ba:62:62:d1:4f:ee:a5:a2:e4:9e:aa:5a:29:7f:f9:
5e:2f:67:c5:c6:7c:25:1f:83:d2:98:93:b5:d2:0f:
19:d7:84:6e:e8:64:03:5b:f3:1d:35:1c:6b:06:86:
5d:40:b6:01:04:11:d5:a2:07:7f:e0:3b:24:35:a6:
b8:a3:e0:ef:13:a0:03:91:5a:38:8d:35:c1:4c:51:
89:d1:ac:88:9c:c1:fc:70:fa:a3:3c:16:fe:ef:df:
46:2e:74:79:a7:31:7c:4a:72:12:58:6a:3d:f8:e9:
ad:58:9a:25:92:c5:fe:59:06:04:8f:2e:46:9d:1d:
42:47:52:cc:6d:5a:01:d3:2a:28:a3:d1:f0:4b:a4:
1a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:71:65:D9:DD:5F:35:AF:92:FE:41:32:E7:F1:67:D8:65:F5:16:D2
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7nFl2d1fNa-S_kEy5_Fn2GX1FtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.226.0/23
45.151.140.0/24
77.111.96.0/22
77.111.102.0/23
77.111.105.0/24
89.106.2.0/24
94.229.212.0/24
94.229.222.0/23
103.47.59.0/24
194.36.33.0-194.36.34.255
Signature Algorithm: sha256WithRSAEncryption
4f:b2:81:6e:b0:50:c2:8a:62:e1:65:f6:8a:f0:4c:f6:d4:32:
bb:7d:8b:0e:e9:53:8a:3a:48:7c:ec:91:0a:3a:7c:54:4e:26:
a6:c2:e5:16:d1:a6:89:e5:d2:ec:86:d8:6d:0c:cf:cf:91:20:
01:b7:fd:fe:e3:0c:36:58:68:01:cf:06:dd:bb:88:bc:cd:ca:
9c:d1:f7:74:75:22:7f:fb:7b:f3:87:86:c8:65:fa:7a:62:77:
98:18:9c:9f:76:7a:de:62:31:49:ec:93:84:43:96:db:ca:2b:
b0:dd:ac:51:6a:e4:e9:71:c2:94:ff:4c:d9:64:67:84:ed:6e:
64:c8:8c:1d:5f:02:8c:12:ec:b1:b0:b3:e4:70:67:e7:58:ed:
b4:0b:5f:89:bf:e1:67:46:5d:9c:8e:92:d6:8a:b8:38:87:11:
d5:b2:d6:cd:47:64:3e:dc:5f:67:60:69:13:7a:66:00:9a:d0:
ee:c7:4b:4e:27:9d:27:72:85:b2:69:d7:41:5f:bc:05:aa:c1:
98:a5:fb:3f:e7:cf:f0:5a:f2:ee:da:bf:a9:3d:6b:0d:ee:93:
bc:2d:19:fa:48:5b:f4:f5:f0:c7:47:d4:b2:45:5b:30:42:4d:
7f:fe:a3:ca:02:03:cf:05:fe:e3:e1:a3:b3:4c:5a:70:97:4a:
88:97:a1:1f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZeyXLpXpLPp4vhIHtINxiZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNjI3MTcwODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTcxNjVkOWRkNWYzNWFmOTJmZTQxMzJlN2YxNjdkODY1ZjUxNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsleTKE436h7rlo54l8HnAflh+u9O
VfwmYkRi6drOGRwq+tjKpp9R+Twe9qN6EACT07CwUHhyJuwPzklH1APB/mJTctkp
JhFQxBdrVX9w7YgEYrZSfmhB85Y5dRLSFaYmOge+ngKQAdeViwmu/oXXJhNQGgS4
1tu6YmLRT+6louSeqlopf/leL2fFxnwlH4PSmJO10g8Z14Ru6GQDW/MdNRxrBoZd
QLYBBBHVogd/4DskNaa4o+DvE6ADkVo4jTXBTFGJ0ayInMH8cPqjPBb+799GLnR5
pzF8SnISWGo9+OmtWJolksX+WQYEjy5GnR1CR1LMbVoB0yooo9HwS6QafQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFO5xZdndXzWvkv5BMufxZ9hl9RbSMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvN25GbDJkMWZOYS1TX2tFeTVfRm4yR1gxRnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBDmbiAwQA
LZeMAwQCTW9gAwQBTW9mAwQATW9pAwQAWWoCAwQAXuXUAwQBXuXeAwQAZy87MAwD
BADCJCEDBADCJCIwDQYJKoZIhvcNAQELBQADggEBAE+ygW6wUMKKYuFl9orwTPbU
Mrt9iw7pU4o6SHzskQo6fFROJqbC5RbRponl0uyG2G0Mz8+RIAG3/f7jDDZYaAHP
Bt27iLzNypzR93R1In/7e/OHhshl+npid5gYnJ92et5iMUnsk4RDltvKK7DdrFFq
5OlxwpT/TNlkZ4TtbmTIjB1fAowS7LGws+RwZ+dY7bQLX4m/4WdGXZyOktaKuDiH
EdWy1s1HZD7cX2dgaRN6ZgCa0O7HS04nnSdyhbJp10FfvAWqwZil+z/nz/Ba8u7a
v6k9aw3uk7wtGfpIW/T18MdH1LJFWzBCTX/+o8oCA88F/uPho7NMWnCXSoiXoR8=
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:45:56 2025 by rpki-client