Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0_jZiKPAN6F4QmgYiEcekjeWVg.roa
File: l0_jZiKPAN6F4QmgYiEcekjeWVg.roa (raw, json)
Hash identifier: GGVcI8Tj5qMeCuMsMzEcHZWD1fIDH91INMkPrhAk/5w=
Subject key identifier: 97:4F:E3:66:22:8F:00:DE:85:E1:09:A0:62:21:1C:7A:48:DE:59:58
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019DB54CF6087F9BB7ED3A1D7D6A7B7838E8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0_jZiKPAN6F4QmgYiEcekjeWVg.roa
Signing time: Wed 22 Apr 2026 13:06:52 +0000
ROA not before: Wed 22 Apr 2026 13:06:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.15.0/24 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:4c:f6:08:7f:9b:b7:ed:3a:1d:7d:6a:7b:78:38:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 22 13:06:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=974fe366228f00de85e109a062211c7a48de5958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a5:3f:ff:60:f5:50:5a:7b:09:de:b8:e3:f7:
af:39:36:f9:e4:08:31:5d:7e:93:37:e0:64:d2:fb:
97:97:7c:0a:d7:cd:42:d4:f4:48:c2:8d:30:16:55:
dc:89:6b:38:8c:10:89:17:76:05:6e:dc:3d:02:05:
ea:98:c3:41:9a:15:ce:a2:b1:60:be:19:8d:28:e4:
01:85:14:78:8e:9b:49:83:95:b0:82:87:53:29:4f:
0f:de:6d:de:48:1a:d8:77:9a:dc:a9:19:a7:9b:2b:
99:98:7b:fe:82:f5:22:e9:59:f6:e3:1d:d1:98:5c:
00:13:08:6b:a4:40:42:0d:45:ea:39:e3:5a:ee:ca:
f2:a9:2a:9c:ab:3c:78:c2:ad:c5:bf:6b:08:4b:ec:
42:6e:91:bd:03:af:4b:86:d0:ed:10:36:ca:56:51:
81:26:62:aa:e6:09:c1:27:e7:44:bd:b5:b7:08:43:
e0:21:61:84:f3:69:30:22:02:10:e6:41:07:c0:87:
90:db:dd:d4:34:99:95:5c:62:2f:44:74:f7:22:6a:
c7:77:10:bc:28:57:18:aa:52:71:4a:20:74:4e:fd:
6c:6d:d0:85:f9:1b:99:11:93:da:e8:07:a4:d3:41:
f3:ce:81:36:6e:2b:bc:cd:bc:c6:fc:6f:2c:8e:37:
72:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:4F:E3:66:22:8F:00:DE:85:E1:09:A0:62:21:1C:7A:48:DE:59:58
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l0_jZiKPAN6F4QmgYiEcekjeWVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.24.0/24
84.32.107.0/24
84.32.152.0/24
84.32.156.0/24
84.32.218.0/24
88.216.41.0/24
88.216.186.0/24
Signature Algorithm: sha256WithRSAEncryption
17:44:8f:06:07:d5:8a:0d:c4:6a:28:73:4d:87:14:eb:64:aa:
9b:c7:45:34:70:e4:e6:ce:fa:4a:f1:40:96:cf:75:81:dd:de:
8f:f4:c4:c3:46:73:4f:cd:b2:40:69:28:7b:91:7b:8d:24:6e:
94:9b:ef:07:62:d3:37:b7:36:a7:99:08:9e:89:5e:92:bf:89:
82:c1:a1:01:5b:e3:4c:0f:60:f4:27:2e:9f:fd:67:b6:56:9a:
09:dd:a5:ff:4e:81:66:ed:c9:92:47:e6:e9:05:51:7f:55:3d:
83:39:07:0f:ed:5d:6e:28:60:e6:20:ca:88:67:00:b6:1f:08:
f8:a3:b0:43:43:d6:22:23:d6:72:9c:6c:85:39:34:dd:2a:4b:
a7:81:ef:0c:a4:ed:f7:e7:35:38:60:3f:71:f7:f1:50:c3:09:
b3:0b:a0:9c:96:c5:fb:62:05:05:cf:eb:b3:f1:9a:65:5b:b5:
2e:f3:c7:38:32:32:99:2d:63:67:78:ec:be:bb:5c:30:06:3b:
48:5d:05:9c:9a:43:fa:de:40:14:95:e7:47:ec:4e:47:41:3e:
88:d4:7e:06:83:40:31:f7:31:ea:44:0c:19:90:9a:a0:b4:14:
98:63:84:5f:3f:ac:85:42:cc:75:d6:ac:8d:be:13:0a:ce:13:
ed:f5:d7:11
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ21TPYIf5u37TodfWp7eDjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNDIyMTMwNjUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzRmZTM2NjIyOGYwMGRlODVlMTA5YTA2MjIxMWM3YTQ4ZGU1OTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaU//2D1UFp7Cd644/evOTb55Agx
XX6TN+Bk0vuXl3wK181C1PRIwo0wFlXciWs4jBCJF3YFbtw9AgXqmMNBmhXOorFg
vhmNKOQBhRR4jptJg5WwgodTKU8P3m3eSBrYd5rcqRmnmyuZmHv+gvUi6Vn24x3R
mFwAEwhrpEBCDUXqOeNa7sryqSqcqzx4wq3Fv2sIS+xCbpG9A69LhtDtEDbKVlGB
JmKq5gnBJ+dEvbW3CEPgIWGE82kwIgIQ5kEHwIeQ293UNJmVXGIvRHT3ImrHdxC8
KFcYqlJxSiB0Tv1sbdCF+RuZEZPa6Aek00HzzoE2biu8zbzG/G8sjjdyxwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJdP42YijwDeheEJoGIhHHpI3llYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbDBfalppS1BBTjZGNFFtZ1lpRWNla2plV1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAPAwQA
VCAYAwQAVCBrAwQAVCCYAwQAVCCcAwQAVCDaAwQAWNgpAwQAWNi6MA0GCSqGSIb3
DQEBCwUAA4IBAQAXRI8GB9WKDcRqKHNNhxTrZKqbx0U0cOTmzvpK8UCWz3WB3d6P
9MTDRnNPzbJAaSh7kXuNJG6Um+8HYtM3tzanmQieiV6Sv4mCwaEBW+NMD2D0Jy6f
/We2VpoJ3aX/ToFm7cmSR+bpBVF/VT2DOQcP7V1uKGDmIMqIZwC2Hwj4o7BDQ9Yi
I9ZynGyFOTTdKkunge8MpO335zU4YD9x9/FQwwmzC6CclsX7YgUFz+uz8ZplW7Uu
88c4MjKZLWNneOy+u1wwBjtIXQWcmkP63kAUledH7E5HQT6I1H4Gg0Ax9zHqRAwZ
kJqgtBSYY4RfP6yFQsx11qyNvhMKzhPt9dcR
-----END CERTIFICATE-----
Generated at Wed May 13 12:02:15 2026 by rpki-client