Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LEX6XkIS6uiL_PU891bauAyUQ2s.roa
File: LEX6XkIS6uiL_PU891bauAyUQ2s.roa (raw, json)
Hash identifier: FLlitpqlpngGH8FIcDhPoPOf8nGmjeUMUK8mUZsRHz8=
Subject key identifier: 2C:45:FA:5E:42:12:EA:E8:8B:FC:F5:3C:F7:56:DA:B8:0C:94:43:6B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01989DBC10E9268FF9A253DEE18598E050BD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LEX6XkIS6uiL_PU891bauAyUQ2s.roa
Signing time: Tue 12 Aug 2025 10:03:24 +0000
ROA not before: Tue 12 Aug 2025 10:03:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.48.0/22 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.60.0/22 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.70.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 22:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:bc:10:e9:26:8f:f9:a2:53:de:e1:85:98:e0:50:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 12 10:03:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2c45fa5e4212eae88bfcf53cf756dab80c94436b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:df:9a:ee:15:51:48:d2:06:64:8c:c3:bf:2b:
3a:85:9d:37:83:db:bc:29:5b:63:7d:76:64:ed:dc:
ca:ff:18:cf:66:38:72:e3:18:3f:92:4a:aa:2a:6f:
ad:9a:7f:2d:05:cf:3c:3c:42:79:45:be:57:34:9f:
49:76:55:cc:43:e6:3b:02:8f:22:17:e6:f2:97:c9:
77:4b:63:c7:94:f5:2c:ce:38:13:cb:f0:a7:e7:cc:
ff:ce:5e:a6:02:fe:dd:b7:0a:30:d2:1d:9e:70:9c:
4a:77:71:6d:92:f9:b2:f7:26:2c:c9:1f:7b:d0:b1:
df:58:9b:dd:88:15:c1:2d:36:2e:f3:53:e0:6f:05:
99:0e:58:60:47:06:f5:06:74:dd:48:c4:59:e9:02:
2e:d8:83:6e:62:53:36:49:44:d8:e9:e2:9c:b6:53:
f8:51:8d:24:63:26:17:e3:a7:3f:dc:bf:ee:fe:66:
94:e1:5d:f6:ee:5f:15:9a:d5:d0:57:ed:57:4d:08:
20:15:a9:a6:0a:0f:34:4f:54:46:92:93:e6:d1:b8:
a9:d1:11:18:aa:d7:8f:07:bd:36:92:7e:ac:43:a3:
6b:dd:25:fc:f0:74:8b:65:79:93:b8:b4:07:01:ee:
02:ed:d5:99:76:3e:37:96:5b:79:a9:5a:29:e6:85:
6a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:45:FA:5E:42:12:EA:E8:8B:FC:F5:3C:F7:56:DA:B8:0C:94:43:6B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LEX6XkIS6uiL_PU891bauAyUQ2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0-84.32.51.255
84.32.64.0/24
84.32.104.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.217.0/24
84.32.223.0/24
84.32.230.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.60.0/22
88.216.66.0/23
88.216.70.0/24
88.216.90.0/24
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.184.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
43:53:21:9c:aa:46:b9:ce:10:7c:8c:95:d3:94:d2:64:39:00:
f6:12:b6:34:6c:99:93:8d:a4:f3:7e:17:e1:ca:68:09:d8:58:
10:df:99:40:3d:f8:18:de:bd:9c:44:e9:83:6a:20:19:59:c7:
d8:49:31:3e:f1:f7:01:b5:3f:c6:b8:68:be:d2:ad:c3:da:ec:
9d:15:4c:b3:94:83:0b:d7:82:2b:89:ad:8d:6e:02:4e:68:7a:
35:ab:b3:af:08:91:5b:a6:02:0c:19:ee:a2:8f:38:12:8e:4b:
de:8d:ff:6a:2e:fb:ab:48:eb:41:3b:23:72:3b:8c:d1:ee:0a:
ae:69:91:56:c9:53:eb:cf:dc:fd:37:66:12:cf:ab:be:24:16:
5c:af:5c:51:e4:b8:54:f5:51:63:6b:af:2f:01:0f:c4:65:37:
fa:ae:18:96:e5:cd:1d:39:cf:7c:8a:14:de:65:81:9a:0b:3d:
01:d3:96:e7:4f:4c:62:2e:db:ae:96:96:4c:04:b8:45:b3:88:
e9:56:fb:31:c0:f8:05:45:c8:a9:dc:19:09:d1:77:19:67:8a:
bc:e3:b0:65:27:23:c4:42:86:33:64:78:d3:a2:6c:8d:66:06:
dd:a9:74:b6:f6:e4:a4:79:3b:74:51:f6:75:4a:3f:4e:95:9e:
86:b0:ff:7f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZidvBDpJo/5olPe4YWY4FC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwODEyMTAwMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzQ1ZmE1ZTQyMTJlYWU4OGJmY2Y1M2NmNzU2ZGFiODBjOTQ0MzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t+a7hVRSNIGZIzDvys6hZ03g9u8
KVtjfXZk7dzK/xjPZjhy4xg/kkqqKm+tmn8tBc88PEJ5Rb5XNJ9JdlXMQ+Y7Ao8i
F+byl8l3S2PHlPUszjgTy/Cn58z/zl6mAv7dtwow0h2ecJxKd3Ftkvmy9yYsyR97
0LHfWJvdiBXBLTYu81PgbwWZDlhgRwb1BnTdSMRZ6QIu2INuYlM2SUTY6eKctlP4
UY0kYyYX46c/3L/u/maU4V327l8VmtXQV+1XTQggFammCg80T1RGkpPm0bip0REY
qtePB702kn6sQ6Nr3SX88HSLZXmTuLQHAe4C7dWZdj43llt5qVop5oVqqQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFCxF+l5CEuroi/z1PPdW2rgMlENrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTEVYNlhrSVM2dWlMX1BVODkxYmF1QXlVUTJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AFQgBwMEAFQgCAMEAlQgFDAMAwQBVCAuAwQCVCAwAwQAVCBAAwQAVCBoAwQCVCCU
AwQBVCCuAwQBVCDWAwQAVCDZAwQAVCDfAwQBVCDmAwQCVCD0AwQBWNgWAwQBWNgs
AwQCWNg8AwQBWNhCAwQAWNhGAwQAWNhaAwQAWNhdAwQBWNiCAwQBWNiGAwQAWNi4
AwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQBDUyGcqka5zhB8jJXTlNJkOQD2ErY0
bJmTjaTzfhfhymgJ2FgQ35lAPfgY3r2cROmDaiAZWcfYSTE+8fcBtT/GuGi+0q3D
2uydFUyzlIML14Iria2NbgJOaHo1q7OvCJFbpgIMGe6ijzgSjkvejf9qLvurSOtB
OyNyO4zR7gquaZFWyVPrz9z9N2YSz6u+JBZcr1xR5LhU9VFja68vAQ/EZTf6rhiW
5c0dOc98ihTeZYGaCz0B05bnT0xiLtuulpZMBLhFs4jpVvsxwPgFRcip3BkJ0XcZ
Z4q847BlJyPEQoYzZHjTomyNZgbdqXS29uSkeTt0UfZ1Sj9OlZ6GsP9/
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:11:39 2025 by rpki-client