Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dMTPbGHWjuEwl9avwUsHiohJil4.roa
File: dMTPbGHWjuEwl9avwUsHiohJil4.roa (raw, json)
Hash identifier: DeFOwFqIX9OwVhiaFhJvP+NWhLQZ2MsgBViC2W/igS4=
Subject key identifier: 74:C4:CF:6C:61:D6:8E:E1:30:97:D6:AF:C1:4B:07:8A:88:49:8A:5E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019DB54D7ACDA59FA5A5DE99791693AB3E7A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dMTPbGHWjuEwl9avwUsHiohJil4.roa
Signing time: Wed 22 Apr 2026 13:07:26 +0000
ROA not before: Wed 22 Apr 2026 13:07:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.230.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:4d:7a:cd:a5:9f:a5:a5:de:99:79:16:93:ab:3e:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 22 13:07:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=74c4cf6c61d68ee13097d6afc14b078a88498a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5e:b1:f1:6f:c0:c0:47:36:a4:52:88:d7:5b:
ef:42:fa:ff:ee:c6:9e:95:cf:0e:68:63:32:7c:37:
3c:3e:ee:e3:57:c7:0d:b6:41:19:ef:f0:3b:a1:7d:
b3:34:45:ff:46:f3:65:01:31:8d:75:fb:08:05:1d:
fa:8b:ed:ee:4c:69:db:4d:45:70:6d:ae:dd:37:7c:
82:09:48:0d:b6:b4:8f:fd:9c:d8:17:cc:b1:65:80:
da:35:ff:a3:65:1f:2c:1a:83:bf:c2:d4:47:52:1b:
8d:6a:5f:ae:94:a7:eb:2d:82:ca:cf:70:14:02:ca:
3a:07:b2:89:75:73:29:62:49:bd:b5:22:50:56:ce:
42:ec:71:40:5b:63:50:e0:78:cd:4d:b4:a8:12:cc:
07:6b:e6:37:0f:3c:a2:62:88:27:ae:c5:e0:ab:50:
bd:b0:23:b5:b6:22:82:f0:b2:6d:a7:b7:dc:bf:1d:
ec:21:71:ee:5a:3d:27:3c:35:8a:e6:27:ab:ee:44:
e4:a2:2d:5d:b8:ef:64:9e:22:3b:46:c2:98:e0:5c:
5c:85:c4:dc:8b:52:31:f4:b9:c9:08:6f:bf:2a:79:
ca:78:6e:6f:63:28:f9:a4:cf:3d:ab:82:8a:15:7b:
26:4a:c0:74:db:50:c2:24:8e:9b:05:06:18:df:04:
ce:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C4:CF:6C:61:D6:8E:E1:30:97:D6:AF:C1:4B:07:8A:88:49:8A:5E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dMTPbGHWjuEwl9avwUsHiohJil4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.20.0/22
84.32.46.0/23
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.230.0/24
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.57.0/24
88.216.66.0/23
88.216.130.0/23
88.216.134.0/23
Signature Algorithm: sha256WithRSAEncryption
30:05:1d:ad:6b:be:01:e9:b7:cd:77:f4:41:ab:c0:f9:af:b4:
dc:06:07:16:41:74:9f:e5:b0:41:e8:cd:b4:68:26:72:4d:bd:
1d:16:7b:3f:ee:19:b1:82:cf:18:a9:01:c3:3b:0d:15:7d:90:
12:85:58:1f:34:e6:47:40:a0:3b:90:40:44:f4:63:da:3e:94:
dd:9e:6e:d4:c8:7e:1a:9a:c0:3c:5e:97:28:3e:7f:69:a2:2d:
0e:a4:41:39:9a:7b:c9:d1:c0:23:63:72:43:c6:36:ba:fc:5d:
cf:5b:bc:8b:a3:5f:34:fb:75:ae:b9:16:e5:2f:b6:fd:33:84:
e6:c3:28:fd:a9:c5:a4:05:3f:12:ef:8f:b4:81:07:2b:5c:ec:
fd:b9:3b:6e:38:d0:fd:36:48:62:30:2a:4b:81:6b:79:1c:7f:
14:de:92:c8:4c:f5:25:50:e0:f2:19:08:a5:36:bc:95:d8:cc:
0d:30:ad:c1:2a:9c:f3:19:0e:a4:fa:f9:6a:65:07:5b:ff:d1:
72:86:3d:7e:01:d1:83:2e:5d:93:06:d7:e6:c1:5c:cc:02:d7:
e2:49:a8:7a:7d:74:65:bd:64:5e:43:47:20:b3:b5:b5:e2:73:
b1:df:96:48:29:01:ad:17:bb:a9:03:a2:81:08:81:cc:60:71:
db:04:13:66
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ21TXrNpZ+lpd6ZeRaTqz56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNDIyMTMwNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGM0Y2Y2YzYxZDY4ZWUxMzA5N2Q2YWZjMTRiMDc4YTg4NDk4YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F6x8W/AwEc2pFKI11vvQvr/7sae
lc8OaGMyfDc8Pu7jV8cNtkEZ7/A7oX2zNEX/RvNlATGNdfsIBR36i+3uTGnbTUVw
ba7dN3yCCUgNtrSP/ZzYF8yxZYDaNf+jZR8sGoO/wtRHUhuNal+ulKfrLYLKz3AU
Aso6B7KJdXMpYkm9tSJQVs5C7HFAW2NQ4HjNTbSoEswHa+Y3DzyiYognrsXgq1C9
sCO1tiKC8LJtp7fcvx3sIXHuWj0nPDWK5ier7kTkoi1duO9kniI7RsKY4FxchcTc
i1Ix9LnJCG+/KnnKeG5vYyj5pM89q4KKFXsmSsB021DCJI6bBQYY3wTO6QIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHTEz2xh1o7hMJfWr8FLB4qISYpeMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZE1UUGJHSFdqdUV3bDlhdndVc0hpb2hKaWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAVCAHAwQC
VCAUAwQBVCAuAwQCVCCUAwQBVCCuAwQBVCDWAwQAVCDmAwQCVCD0AwQBWNgWAwQB
WNgsAwQAWNg5AwQBWNhCAwQBWNiCAwQBWNiGMA0GCSqGSIb3DQEBCwUAA4IBAQAw
BR2ta74B6bfNd/RBq8D5r7TcBgcWQXSf5bBB6M20aCZyTb0dFns/7hmxgs8YqQHD
Ow0VfZAShVgfNOZHQKA7kEBE9GPaPpTdnm7UyH4amsA8XpcoPn9poi0OpEE5mnvJ
0cAjY3JDxja6/F3PW7yLo180+3WuuRblL7b9M4Tmwyj9qcWkBT8S74+0gQcrXOz9
uTtuOND9NkhiMCpLgWt5HH8U3pLITPUlUODyGQilNryV2MwNMK3BKpzzGQ6k+vlq
ZQdb/9Fyhj1+AdGDLl2TBtfmwVzMAtfiSah6fXRlvWReQ0cgs7W14nOx35ZIKQGt
F7upA6KBCIHMYHHbBBNm
-----END CERTIFICATE-----
Generated at Tue May 12 22:32:16 2026 by rpki-client