Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q_ZBladZq9H-IqPSJzQVLjG7NIc.roa
File: q_ZBladZq9H-IqPSJzQVLjG7NIc.roa (raw, json)
Hash identifier: 8nFvGJB89uV6djz8ORdX8NzmQiyTIVAdFYcsru2CxIU=
Subject key identifier: AB:F6:41:95:A7:59:AB:D1:FE:22:A3:D2:27:34:15:2E:31:BB:34:87
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019D30D8F3FA546B8D182736B3B5B318A3FA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q_ZBladZq9H-IqPSJzQVLjG7NIc.roa
Signing time: Fri 27 Mar 2026 19:50:17 +0000
ROA not before: Fri 27 Mar 2026 19:50:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
77.111.100.0/24 maxlen: 24
77.111.102.0/23 maxlen: 24
77.111.105.0/24 maxlen: 24
94.229.209.0/24 maxlen: 24
103.41.44.0/23 maxlen: 24
103.41.46.0/23 maxlen: 24
103.47.59.0/24 maxlen: 24
124.158.113.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:30:d8:f3:fa:54:6b:8d:18:27:36:b3:b5:b3:18:a3:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Mar 27 19:50:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=abf64195a759abd1fe22a3d22734152e31bb3487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:10:64:b3:03:d3:a0:29:98:f2:44:b1:d7:
8b:d3:6d:6f:04:bb:19:85:df:ab:c7:e6:7a:61:5a:
8f:20:b0:38:b2:3d:12:15:78:40:e3:3e:7a:c1:e4:
14:1d:a8:ab:03:11:dc:95:d4:e7:ad:fa:ad:f6:c8:
97:62:77:5a:28:e9:10:45:12:c8:ec:89:81:86:0d:
48:f6:18:b0:d9:15:74:a9:5a:b7:63:07:e3:1f:04:
d0:3f:b3:4d:ec:5a:e9:25:0e:11:59:1a:fb:81:15:
00:04:53:23:40:72:e3:b7:10:e8:da:cf:3e:dd:47:
56:07:59:b4:6c:86:4f:3a:44:3a:71:66:04:fd:a7:
aa:7d:a0:c9:59:31:4b:17:ac:f9:f2:91:d7:c6:31:
eb:6b:da:22:7a:8f:2b:70:dd:16:99:56:5b:47:8c:
a8:ac:d3:08:1a:ef:e9:58:b9:c5:d2:ff:1c:d3:72:
8b:57:d2:6a:5a:e3:b8:bc:12:5c:b1:47:db:88:76:
19:ba:9b:5d:e1:03:e0:d3:c6:fa:81:f1:58:9a:80:
0c:38:1c:81:77:4a:d0:00:e4:90:05:39:e1:41:6e:
04:01:1e:43:aa:d4:eb:a3:0a:65:a8:06:4d:ff:ad:
fe:ed:08:41:2b:44:17:36:88:91:1f:ef:88:9f:32:
fc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:F6:41:95:A7:59:AB:D1:FE:22:A3:D2:27:34:15:2E:31:BB:34:87
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/q_ZBladZq9H-IqPSJzQVLjG7NIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
45.151.140.0/24
77.111.96.0-77.111.100.255
77.111.102.0/23
77.111.105.0/24
94.229.209.0/24
103.41.44.0/22
103.47.59.0/24
124.158.113.0/24
194.36.33.0/24
Signature Algorithm: sha256WithRSAEncryption
64:09:bc:79:64:0b:7e:f7:54:cf:b1:cf:6c:c4:a9:78:17:9e:
e1:5e:ff:b5:a0:2f:8c:f8:24:84:e5:69:44:50:49:41:3d:a4:
5f:27:35:43:3f:82:7a:d4:74:cf:d9:58:bc:45:2d:49:59:ba:
6c:71:f0:f7:96:ac:1c:2d:30:b5:6c:16:f1:a6:a6:d7:55:63:
97:3e:a3:51:e3:0e:1e:bf:06:c4:3c:84:eb:a1:cd:a2:7f:96:
d0:fb:98:b4:72:c0:f6:7b:4e:f7:3d:12:2e:87:23:8b:15:80:
af:42:cb:21:ab:16:6d:72:da:5c:4b:09:e1:5a:d7:53:c5:46:
88:ae:9f:84:29:c8:83:21:de:58:42:f9:c7:12:d1:dc:97:8e:
7e:a8:6d:df:89:20:1c:c8:ff:ff:4a:d3:4c:91:2b:8f:c3:f0:
ea:1f:bd:45:72:f3:7a:0d:78:f7:76:c4:bd:7f:80:77:98:9f:
c3:48:03:2a:05:df:6f:20:1a:8d:28:6a:e3:3f:63:56:f9:cc:
d0:fb:e0:2f:f4:08:fb:9c:96:76:f8:63:9a:7f:bb:be:b6:b1:
c5:95:a4:32:c9:74:48:b5:3d:a4:f1:d6:c5:e6:83:fc:34:74:
57:85:09:b4:af:8d:10:57:92:4c:85:e7:23:d6:16:e2:49:f3:
07:5e:09:0d
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ0w2PP6VGuNGCc2s7WzGKP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjYwMzI3MTk1MDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmY2NDE5NWE3NTlhYmQxZmUyMmEzZDIyNzM0MTUyZTMxYmIzNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8MQZLMD06ApmPJEsdeL021vBLsZ
hd+rx+Z6YVqPILA4sj0SFXhA4z56weQUHairAxHcldTnrfqt9siXYndaKOkQRRLI
7ImBhg1I9hiw2RV0qVq3YwfjHwTQP7NN7FrpJQ4RWRr7gRUABFMjQHLjtxDo2s8+
3UdWB1m0bIZPOkQ6cWYE/aeqfaDJWTFLF6z58pHXxjHra9oieo8rcN0WmVZbR4yo
rNMIGu/pWLnF0v8c03KLV9JqWuO4vBJcsUfbiHYZuptd4QPg08b6gfFYmoAMOByB
d0rQAOSQBTnhQW4EAR5DqtTrowplqAZN/63+7QhBK0QXNoiRH++InzL86wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKv2QZWnWavR/iKj0ic0FS4xuzSHMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvcV9aQmxhZFpxOUgtSXFQU0p6UVZMakc3TkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQADmbqAwQA
LZeMMAwDBAVNb2ADBABNb2QDBAFNb2YDBABNb2kDBABe5dEDBAJnKSwDBABnLzsD
BAB8nnEDBADCJCEwDQYJKoZIhvcNAQELBQADggEBAGQJvHlkC373VM+xz2zEqXgX
nuFe/7WgL4z4JITlaURQSUE9pF8nNUM/gnrUdM/ZWLxFLUlZumxx8PeWrBwtMLVs
FvGmptdVY5c+o1HjDh6/BsQ8hOuhzaJ/ltD7mLRywPZ7Tvc9Ei6HI4sVgK9CyyGr
Fm1y2lxLCeFa11PFRoiun4QpyIMh3lhC+ccS0dyXjn6obd+JIBzI//9K00yRK4/D
8OofvUVy83oNePd2xL1/gHeYn8NIAyoF328gGo0oauM/Y1b5zND74C/0CPuclnb4
Y5p/u762scWVpDLJdEi1PaTx1sXmg/w0dFeFCbSvjRBXkkyF5yPWFuJJ8wdeCQ0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 14:52:36 2026 by rpki-client