Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/11gOlPgfEOm3x9J4WMCja7bIIgU.roa
File: 11gOlPgfEOm3x9J4WMCja7bIIgU.roa (raw, json)
Hash identifier: 0b4yz2esaPYcTHyx3m3d3j8PiY7qwt7Gx5VsV7rwocg=
Subject key identifier: D7:58:0E:94:F8:1F:10:E9:B7:C7:D2:78:58:C0:A3:6B:B6:C8:22:05
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0196A6790347FE153B414C09AE1CA1A7A624
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/11gOlPgfEOm3x9J4WMCja7bIIgU.roa
Signing time: Tue 06 May 2025 16:41:10 +0000
ROA not before: Tue 06 May 2025 16:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a6:79:03:47:fe:15:3b:41:4c:09:ae:1c:a1:a7:a6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 6 16:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7580e94f81f10e9b7c7d27858c0a36bb6c82205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:8a:6f:25:f0:06:c9:35:23:0e:49:ba:87:6d:
1d:5d:ed:d2:6f:db:5a:ae:c2:9e:16:22:e2:3f:c6:
37:01:94:56:e1:87:50:6b:72:af:d5:2b:73:d8:64:
f2:34:9b:29:4c:e1:15:4d:ef:4f:8e:0c:be:c7:26:
ef:3d:8c:3b:68:e7:4b:b2:03:7c:6b:86:d0:dc:f1:
56:c2:e8:8d:3c:c3:43:0f:59:b3:6b:c8:a3:e4:fe:
e1:28:f5:45:20:fe:a2:12:e7:67:fd:a9:00:67:21:
1e:bb:ec:ce:e0:0b:2e:24:40:93:af:2a:bd:03:eb:
15:51:24:6b:03:d1:97:82:75:9a:c9:bd:37:b8:53:
5c:84:9b:3e:07:4f:25:35:fb:88:25:8f:88:ad:67:
b3:51:4b:22:6c:96:06:26:e0:cc:3d:04:5c:87:8f:
f4:b0:4d:85:5a:ea:b2:16:21:b1:4c:81:b2:f3:6b:
75:0b:61:73:9f:9b:ba:58:21:5f:a1:06:da:1e:8c:
e0:9d:69:89:6b:b3:45:50:73:92:f5:df:7c:7e:e9:
3e:79:e8:7f:a4:44:ef:c9:1f:82:e6:10:3f:30:38:
1d:e7:dd:af:a2:bd:45:8a:bd:9d:11:7f:52:96:11:
59:05:f2:dc:12:51:9f:0d:23:eb:18:de:e1:43:28:
ab:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:58:0E:94:F8:1F:10:E9:B7:C7:D2:78:58:C0:A3:6B:B6:C8:22:05
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/11gOlPgfEOm3x9J4WMCja7bIIgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.63.0/24
84.32.107.0/24
84.32.149.0/24
84.32.151.0-84.32.152.255
84.32.154.0/24
84.32.156.0/24
84.32.177.0/24
84.32.218.0/24
84.32.244.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
91:9d:59:48:f6:7b:5d:73:50:b2:c8:0c:79:30:d3:99:74:b2:
36:23:5c:e1:f1:c2:19:a1:bd:eb:15:08:5f:38:5b:35:37:21:
3a:42:2d:68:4d:f6:ad:8a:17:7c:cf:30:d9:47:92:f3:b0:40:
b9:09:a3:fa:83:30:22:3e:25:78:57:c8:7d:25:df:ef:f4:da:
97:a9:f2:d4:3c:06:bc:b1:84:5b:a9:8c:2d:17:a2:59:1d:a8:
ab:c1:53:f4:5e:38:ac:b0:bb:7e:eb:63:a4:c7:6c:65:74:e4:
cd:80:22:d1:4a:eb:9d:01:ba:f6:f8:14:14:6e:e8:80:88:72:
66:3a:85:44:fa:3b:5f:c6:4e:32:85:fc:59:5a:4a:87:95:05:
db:e1:48:36:e7:52:72:65:b6:81:3b:2b:66:96:a5:89:22:dc:
01:af:98:64:c3:74:55:c2:78:50:b2:7a:d1:50:cb:d4:a3:c3:
5f:cd:27:e2:55:f3:cd:8e:42:e7:4a:e4:19:86:6d:59:af:58:
79:c3:b8:70:0d:08:bd:05:a6:1a:a8:66:fd:8c:c3:9e:50:95:
c4:24:dc:32:30:0f:44:12:64:7d:35:10:36:51:89:96:be:dd:
f9:ee:e2:bf:4b:95:9f:e2:92:2a:e7:c9:4b:cc:88:de:fd:f4:
a7:c9:46:bb
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZameQNH/hU7QUwJrhyhp6YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNTA2MTY0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzU4MGU5NGY4MWYxMGU5YjdjN2QyNzg1OGMwYTM2YmI2YzgyMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApopvJfAGyTUjDkm6h20dXe3Sb9ta
rsKeFiLiP8Y3AZRW4YdQa3Kv1Stz2GTyNJspTOEVTe9Pjgy+xybvPYw7aOdLsgN8
a4bQ3PFWwuiNPMNDD1mza8ij5P7hKPVFIP6iEudn/akAZyEeu+zO4AsuJECTryq9
A+sVUSRrA9GXgnWayb03uFNchJs+B08lNfuIJY+IrWezUUsibJYGJuDMPQRch4/0
sE2FWuqyFiGxTIGy82t1C2Fzn5u6WCFfoQbaHozgnWmJa7NFUHOS9d98fuk+eeh/
pETvyR+C5hA/MDgd592vor1Fir2dEX9SlhFZBfLcElGfDSPrGN7hQyir5wIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFNdYDpT4HxDpt8fSeFjAo2u2yCIFMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMTFnT2xQZ2ZFT20zeDlKNFdNQ2phN2JJSWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAVCAPAwQA
VCAYAwQAVCA/AwQAVCBrAwQAVCCVMAwDBABUIJcDBABUIJgDBABUIJoDBABUIJwD
BABUILEDBABUINoDBABUIPQDBABY2CkDBABY2LowDQYJKoZIhvcNAQELBQADggEB
AJGdWUj2e11zULLIDHkw05l0sjYjXOHxwhmhvesVCF84WzU3ITpCLWhN9q2KF3zP
MNlHkvOwQLkJo/qDMCI+JXhXyH0l3+/02pep8tQ8BryxhFupjC0XolkdqKvBU/Re
OKywu37rY6THbGV05M2AItFK650Buvb4FBRu6ICIcmY6hUT6O1/GTjKF/FlaSoeV
BdvhSDbnUnJltoE7K2aWpYki3AGvmGTDdFXCeFCyetFQy9Sjw1/NJ+JV882OQudK
5BmGbVmvWHnDuHANCL0FphqoZv2Mw55QlcQk3DIwD0QSZH01EDZRiZa+3fnu4r9L
lZ/ikirnyUvMiN799KfJRrs=
-----END CERTIFICATE-----
Generated at Wed May 7 22:29:46 2025 by rpki-client