Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hmq4wYMBQlEZWRFFA8pT139dl7k.roa
File: hmq4wYMBQlEZWRFFA8pT139dl7k.roa (raw, json)
Hash identifier: WMU6/TIdv/tyuBsrxyauS5GVnRNpf/iYZHnu+HNixwY=
Subject key identifier: 86:6A:B8:C1:83:01:42:51:19:59:11:45:03:CA:53:D7:7F:5D:97:B9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01978CD78464487437F163384B6DFB3E5373
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hmq4wYMBQlEZWRFFA8pT139dl7k.roa
Signing time: Fri 20 Jun 2025 10:17:03 +0000
ROA not before: Fri 20 Jun 2025 10:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49912
IP address blocks: 84.32.36.0/23 maxlen: 23
84.32.80.0/23 maxlen: 23
88.216.26.0/23 maxlen: 23
88.216.160.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:d7:84:64:48:74:37:f1:63:38:4b:6d:fb:3e:53:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 20 10:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=866ab8c1830142511959114503ca53d77f5d97b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:31:bf:cc:78:e0:8f:da:dc:28:2d:89:a8:36:
31:44:24:13:70:ad:d3:c9:d1:98:ff:84:64:2e:42:
3f:84:63:d9:8c:e5:2f:98:94:96:43:cc:3e:e2:ea:
04:f8:f8:d3:79:9f:1b:d4:19:a7:e5:36:a8:2c:34:
3e:0c:0c:65:59:58:c1:68:80:e3:da:df:df:46:81:
c1:ae:a7:31:c1:43:78:83:95:a5:6d:c2:08:70:a4:
40:21:85:34:b0:62:ed:09:02:a2:51:aa:69:9a:70:
aa:86:73:03:7d:33:3b:e4:44:d9:cf:54:d7:63:81:
3e:3b:65:57:22:1c:7b:11:97:37:f6:df:2a:67:de:
65:ce:06:07:8a:a3:b8:43:6f:18:31:0b:d0:98:48:
67:a9:71:e1:1e:79:33:52:60:e1:a8:13:a0:e0:34:
72:f9:41:d5:43:5c:f2:2e:91:57:4c:9b:9e:02:f0:
57:1a:95:58:58:3d:3e:b6:26:76:38:a9:11:81:3a:
a6:13:a0:e2:e5:20:58:6b:50:87:7c:09:90:9c:5e:
6c:fd:01:0e:56:88:dc:49:62:34:3e:df:3c:04:f7:
8f:7e:3a:fe:64:0e:94:b8:e6:dd:af:d9:1b:d8:06:
90:ba:7e:1e:97:97:21:3b:7b:ba:68:00:36:7d:0b:
24:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:6A:B8:C1:83:01:42:51:19:59:11:45:03:CA:53:D7:7F:5D:97:B9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hmq4wYMBQlEZWRFFA8pT139dl7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.36.0/23
84.32.80.0/23
88.216.26.0/23
88.216.160.0/23
Signature Algorithm: sha256WithRSAEncryption
52:2c:b1:09:09:d3:6e:19:aa:f1:dc:b5:4e:12:5a:de:be:34:
9c:00:dd:81:d7:1a:4b:39:ed:0f:9b:0a:05:e9:0c:1e:72:0c:
46:f6:10:20:13:76:ac:df:99:cd:e0:b6:98:f8:60:7b:cd:10:
49:97:84:51:e2:b9:a5:81:f4:6a:60:70:72:b0:e6:60:0d:c1:
28:01:43:fd:b1:da:c3:bc:e4:a4:98:40:1a:33:a2:09:f0:af:
ad:b2:fa:7d:0d:f1:bc:73:a9:10:05:a6:81:94:66:b9:b6:78:
00:58:03:fb:74:e7:6f:a1:53:9b:64:f5:09:f0:ba:1b:a8:a7:
2c:90:6b:2c:f0:b4:43:6e:68:fc:cb:e7:8c:3e:4e:2c:69:bb:
7d:9e:8a:da:85:62:44:7c:94:4f:92:12:bf:39:a3:6d:1f:f8:
2a:d4:3e:eb:0b:70:71:4e:06:52:89:b8:55:60:ef:2f:38:f3:
9c:44:14:21:be:e2:73:89:a5:6a:39:1d:6f:03:1a:d2:ec:13:
dc:c9:81:c2:8c:d7:40:b8:ed:6f:f9:12:ce:46:fe:68:73:10:
27:30:4e:8c:7b:d0:d1:38:6f:74:6a:db:c1:8c:99:d2:e3:4b:
a4:a7:f9:cf:37:4c:c0:c0:ae:9f:ab:e6:ef:32:ae:c4:92:4a:
44:eb:65:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeM14RkSHQ38WM4S237PlNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNjIwMTAxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjZhYjhjMTgzMDE0MjUxMTk1OTExNDUwM2NhNTNkNzdmNWQ5N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjG/zHjgj9rcKC2JqDYxRCQTcK3T
ydGY/4RkLkI/hGPZjOUvmJSWQ8w+4uoE+PjTeZ8b1Bmn5TaoLDQ+DAxlWVjBaIDj
2t/fRoHBrqcxwUN4g5WlbcIIcKRAIYU0sGLtCQKiUappmnCqhnMDfTM75ETZz1TX
Y4E+O2VXIhx7EZc39t8qZ95lzgYHiqO4Q28YMQvQmEhnqXHhHnkzUmDhqBOg4DRy
+UHVQ1zyLpFXTJueAvBXGpVYWD0+tiZ2OKkRgTqmE6Di5SBYa1CHfAmQnF5s/QEO
VojcSWI0Pt88BPePfjr+ZA6UuObdr9kb2AaQun4el5chO3u6aAA2fQskjwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIZquMGDAUJRGVkRRQPKU9d/XZe5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaG1xNHdZTUJRbEVaV1JGRkE4cFQxMzlkbDdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBVCAkAwQB
VCBQAwQBWNgaAwQBWNigMA0GCSqGSIb3DQEBCwUAA4IBAQBSLLEJCdNuGarx3LVO
ElrevjScAN2B1xpLOe0PmwoF6QwecgxG9hAgE3as35nN4LaY+GB7zRBJl4RR4rml
gfRqYHBysOZgDcEoAUP9sdrDvOSkmEAaM6IJ8K+tsvp9DfG8c6kQBaaBlGa5tngA
WAP7dOdvoVObZPUJ8LobqKcskGss8LRDbmj8y+eMPk4sabt9norahWJEfJRPkhK/
OaNtH/gq1D7rC3BxTgZSibhVYO8vOPOcRBQhvuJziaVqOR1vAxrS7BPcyYHCjNdA
uO1v+RLORv5ocxAnME6Me9DROG90atvBjJnS40ukp/nPN0zAwK6fq+bvMq7EkkpE
62UJ
-----END CERTIFICATE-----
Generated at Sun Jun 29 21:06:50 2025 by rpki-client