Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8n3Vj0vzmzfMdF6i9f82KuiyVX8.roa
File: 8n3Vj0vzmzfMdF6i9f82KuiyVX8.roa (raw, json)
Hash identifier: d0ftBL5eyZnGIioFf1mKEwOvwSECuo/DyZID+rA1v/0=
Subject key identifier: F2:7D:D5:8F:4B:F3:9B:37:CC:74:5E:A2:F5:FF:36:2A:E8:B2:55:7F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01987AD92A66C9CD10CF02AEAEAF41BB8097
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8n3Vj0vzmzfMdF6i9f82KuiyVX8.roa
Signing time: Tue 05 Aug 2025 15:28:29 +0000
ROA not before: Tue 05 Aug 2025 15:28:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.98.0/24 maxlen: 24
84.32.100.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:d9:2a:66:c9:cd:10:cf:02:ae:ae:af:41:bb:80:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 5 15:28:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f27dd58f4bf39b37cc745ea2f5ff362ae8b2557f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:82:bd:bf:e7:c3:5c:71:c4:ba:f5:68:c3:
5d:94:67:58:f7:a2:9f:ac:51:53:00:10:e6:46:dd:
76:ae:01:2d:8a:16:97:c1:d8:51:af:1a:fe:8a:91:
e9:b1:c0:00:0d:15:0c:d8:a1:6d:63:88:27:b4:fa:
3d:f6:54:a8:31:7d:77:9a:18:6a:4e:32:eb:3f:6e:
88:c2:55:c7:a7:7e:b3:fa:b4:19:ae:43:e3:d0:b3:
98:b2:68:4b:38:f2:60:90:87:88:28:c0:35:86:56:
f5:25:39:49:96:54:8b:91:e3:49:01:40:e7:c5:a7:
f9:e1:b8:2a:d6:b3:66:fc:c5:a2:d2:e8:98:5d:a2:
06:65:8f:14:0c:67:53:ba:9d:5d:2b:7d:e5:56:26:
f7:a8:5c:2a:07:23:6c:76:a8:76:84:f7:c7:07:33:
ea:c6:8f:da:13:92:fe:e7:0c:f6:f7:d4:52:07:90:
fa:25:f3:6d:96:43:92:72:ed:df:63:aa:dd:0a:7a:
2f:3e:e2:43:5e:4f:c2:50:8d:38:63:aa:df:e6:08:
9d:74:db:f4:d8:15:0f:9a:bd:fc:f8:3c:12:f0:28:
a4:af:43:9c:db:6c:49:aa:c8:b2:27:04:a7:61:41:
76:8f:67:9b:96:53:73:15:01:c4:2f:db:ba:3c:1c:
a7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7D:D5:8F:4B:F3:9B:37:CC:74:5E:A2:F5:FF:36:2A:E8:B2:55:7F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8n3Vj0vzmzfMdF6i9f82KuiyVX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.59.0/24
84.32.98.0/24
84.32.100.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
68:f5:6d:bd:0a:5f:82:80:92:d6:22:5e:55:34:2f:bc:01:d4:
aa:e2:76:32:3d:c8:29:1a:fa:bf:14:95:f1:db:ad:97:66:4c:
e5:16:83:32:ab:20:1e:49:5c:ec:87:4d:09:b0:1e:89:49:9a:
a6:4d:37:24:02:f5:b1:f6:52:51:8c:93:5f:0a:01:ac:05:32:
49:d8:63:4b:9a:4e:ad:1c:56:46:b4:4d:20:81:4f:4c:98:80:
b0:58:dd:e2:c0:72:c6:9c:5d:f1:24:19:ee:f3:ff:39:18:37:
21:66:ec:ce:72:6c:b8:36:16:cf:1d:f2:b8:3d:df:ba:c0:6e:
33:e7:ae:37:0e:0f:37:1a:5c:0f:c4:26:73:81:64:ea:7d:2d:
99:fc:9a:d6:de:44:ca:d6:33:d6:12:85:22:32:2b:fe:73:bf:
b6:fa:92:60:14:b0:0c:96:a3:7c:03:73:0e:4c:66:e6:4c:98:
47:5b:2d:e3:54:69:2f:c7:66:8c:13:7f:bb:d2:27:75:67:44:
7d:8d:c5:16:87:d6:21:ae:f4:e4:87:d1:51:d5:f0:dc:e1:41:
06:b6:35:f4:9f:d7:da:c3:63:79:56:2b:f9:34:90:1a:f8:ed:
b5:ac:9e:28:69:15:63:87:77:ff:d7:c9:10:d7:fc:77:98:8f:
a4:98:bb:31
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZh62Spmyc0QzwKurq9Bu4CXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwODA1MTUyODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdkZDU4ZjRiZjM5YjM3Y2M3NDVlYTJmNWZmMzYyYWU4YjI1NTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwiCvb/nw1xxxLr1aMNdlGdY96Kf
rFFTABDmRt12rgEtihaXwdhRrxr+ipHpscAADRUM2KFtY4gntPo99lSoMX13mhhq
TjLrP26IwlXHp36z+rQZrkPj0LOYsmhLOPJgkIeIKMA1hlb1JTlJllSLkeNJAUDn
xaf54bgq1rNm/MWi0uiYXaIGZY8UDGdTup1dK33lVib3qFwqByNsdqh2hPfHBzPq
xo/aE5L+5wz299RSB5D6JfNtlkOScu3fY6rdCnovPuJDXk/CUI04Y6rf5giddNv0
2BUPmr38+DwS8Cikr0Oc22xJqsiyJwSnYUF2j2ebllNzFQHEL9u6PBynNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPJ91Y9L85s3zHReovX/NiroslV/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOG4zVmowdnptemZNZEY2aTlmODJLdWl5Vlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCA7AwQA
VCBiAwQAVCBkAwQAWNjcMA0GCSqGSIb3DQEBCwUAA4IBAQBo9W29Cl+CgJLWIl5V
NC+8AdSq4nYyPcgpGvq/FJXx262XZkzlFoMyqyAeSVzsh00JsB6JSZqmTTckAvWx
9lJRjJNfCgGsBTJJ2GNLmk6tHFZGtE0ggU9MmICwWN3iwHLGnF3xJBnu8/85GDch
ZuzOcmy4NhbPHfK4Pd+6wG4z5643Dg83GlwPxCZzgWTqfS2Z/JrW3kTK1jPWEoUi
Miv+c7+2+pJgFLAMlqN8A3MOTGbmTJhHWy3jVGkvx2aME3+70id1Z0R9jcUWh9Yh
rvTkh9FR1fDc4UEGtjX0n9faw2N5Viv5NJAa+O21rJ4oaRVjh3f/18kQ1/x3mI+k
mLsx
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:17:07 2025 by rpki-client