Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4eIDAMbhDVblKTA0DXYXug_2CmU.roa
File: 4eIDAMbhDVblKTA0DXYXug_2CmU.roa (raw, json)
Hash identifier: seI0ipW4oeSo4QSmOlpeewa6yZQrP39iYqMx0owniqY=
Subject key identifier: E1:E2:03:00:C6:E1:0D:56:E5:29:30:34:0D:76:17:BA:0F:F6:0A:65
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019C8A2B1E6F118DD744BE5DC8D58049A916
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4eIDAMbhDVblKTA0DXYXug_2CmU.roa
Signing time: Mon 23 Feb 2026 11:03:27 +0000
ROA not before: Mon 23 Feb 2026 11:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.9.0/24 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
84.32.97.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.178.0/23 maxlen: 23
84.32.209.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.244.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.127.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8a:2b:1e:6f:11:8d:d7:44:be:5d:c8:d5:80:49:a9:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Feb 23 11:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1e20300c6e10d56e52930340d7617ba0ff60a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:16:54:88:bc:05:f1:b8:fe:4a:17:59:86:da:
77:2b:ac:67:0a:d5:1f:bc:20:0e:22:32:de:bb:b3:
a5:ea:b7:52:b9:db:08:32:6c:f7:07:02:9a:01:e1:
24:a8:d9:c7:28:9b:36:9d:4e:b8:18:90:b0:71:6e:
1e:97:98:2b:fc:b7:92:0c:6b:01:90:d4:d2:51:f9:
11:e9:fa:03:10:b8:c2:21:0f:ee:53:f0:b6:8b:0b:
97:3c:2d:53:75:ad:09:dc:64:95:8d:be:73:5d:fa:
a0:12:7c:7e:e8:04:df:d8:5f:93:cf:55:f2:bc:6c:
d0:af:27:38:1c:13:7f:e9:83:78:cf:bb:f3:32:d1:
7b:7d:84:28:d7:60:31:00:70:74:bb:80:c2:c4:93:
d3:ff:1b:00:34:80:af:3c:0f:41:df:fb:6c:22:bd:
b2:0c:8f:73:37:3e:af:e5:26:dc:f3:0e:b6:ae:72:
b3:f9:2d:f3:54:14:c7:01:ba:f1:a7:b5:79:cb:a9:
4e:da:dc:b2:cd:14:dd:86:ce:ca:f1:6e:c2:ff:33:
a3:12:de:ea:25:24:04:1f:92:b7:c6:57:b0:c5:23:
4e:6f:69:d8:07:8e:f8:45:48:06:80:65:49:88:89:
71:30:7d:be:ba:b6:fa:4f:9f:91:ef:8b:74:25:95:
30:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:E2:03:00:C6:E1:0D:56:E5:29:30:34:0D:76:17:BA:0F:F6:0A:65
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4eIDAMbhDVblKTA0DXYXug_2CmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.25.0/24
84.32.51.0/24
84.32.83.0/24
84.32.97.0/24
84.32.109.0-84.32.110.255
84.32.149.0/24
84.32.151.0/24
84.32.178.0/23
84.32.209.0/24
84.32.214.0/23
84.32.244.0/24
84.32.248.0/24
88.216.62.0/24
88.216.90.0/24
88.216.93.0/24
88.216.127.0/24
88.216.197.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:90:53:53:8e:44:37:f7:dd:d6:c6:41:a0:e6:f6:f4:60:9b:
07:03:fc:e5:a4:c0:94:6c:13:10:86:a9:64:8c:ac:a6:90:f5:
35:67:6d:ba:8c:e9:cb:31:c1:74:4a:32:1d:a9:49:a2:b1:55:
3a:8d:ec:56:c0:4a:c8:7a:4e:11:a3:3b:8f:c0:66:bc:e5:93:
3c:6e:57:ea:ef:9d:f2:e2:7f:4f:26:9e:5b:c7:8e:e9:83:d6:
4e:7c:0d:6b:45:61:67:f9:aa:de:f4:57:ca:e8:7c:8f:0c:10:
0f:47:e9:ee:9b:cd:d5:b6:b3:0f:8a:1a:d0:67:13:2b:17:c9:
90:62:d4:79:14:22:c4:fd:5c:6d:a7:75:62:18:fb:59:98:d3:
bf:8f:87:ba:d3:bb:d0:c0:c4:cd:91:25:99:c7:51:27:4a:ce:
4a:d1:96:53:c0:ed:61:81:d3:fe:32:ff:32:f4:e6:34:32:1a:
ed:1d:f7:31:51:f3:ae:27:03:59:fa:e8:5c:75:ef:a8:60:91:
8e:e5:a5:4b:a4:9c:34:c4:b0:45:90:42:71:a4:9a:82:3a:0b:
b9:bb:1c:67:a7:9b:97:7a:42:09:9f:68:ac:30:b9:47:d0:e3:
d5:01:84:3d:7f:f1:24:91:f0:77:5b:4b:fb:4a:4e:6e:7b:84:
46:e7:7c:88
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZyKKx5vEY3XRL5dyNWASakWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwMjIzMTEwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWUyMDMwMGM2ZTEwZDU2ZTUyOTMwMzQwZDc2MTdiYTBmZjYwYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xZUiLwF8bj+ShdZhtp3K6xnCtUf
vCAOIjLeu7Ol6rdSudsIMmz3BwKaAeEkqNnHKJs2nU64GJCwcW4el5gr/LeSDGsB
kNTSUfkR6foDELjCIQ/uU/C2iwuXPC1Tda0J3GSVjb5zXfqgEnx+6ATf2F+Tz1Xy
vGzQryc4HBN/6YN4z7vzMtF7fYQo12AxAHB0u4DCxJPT/xsANICvPA9B3/tsIr2y
DI9zNz6v5Sbc8w62rnKz+S3zVBTHAbrxp7V5y6lO2tyyzRTdhs7K8W7C/zOjEt7q
JSQEH5K3xlewxSNOb2nYB474RUgGgGVJiIlxMH2+urb6T5+R74t0JZUwUQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFOHiAwDG4Q1W5SkwNA12F7oP9gplMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNGVJREFNYmhEVmJsS1RBMERYWVh1Z18yQ21VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAFQg
CQMEAFQgGQMEAFQgMwMEAFQgUwMEAFQgYTAMAwQAVCBtAwQAVCBuAwQAVCCVAwQA
VCCXAwQBVCCyAwQAVCDRAwQBVCDWAwQAVCD0AwQAVCD4AwQAWNg+AwQAWNhaAwQA
WNhdAwQAWNh/AwQAWNjFAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQAdkFNTjkQ3
993WxkGg5vb0YJsHA/zlpMCUbBMQhqlkjKymkPU1Z226jOnLMcF0SjIdqUmisVU6
jexWwErIek4RozuPwGa85ZM8blfq753y4n9PJp5bx47pg9ZOfA1rRWFn+are9FfK
6HyPDBAPR+num83VtrMPihrQZxMrF8mQYtR5FCLE/Vxtp3ViGPtZmNO/j4e607vQ
wMTNkSWZx1EnSs5K0ZZTwO1hgdP+Mv8y9OY0MhrtHfcxUfOuJwNZ+uhcde+oYJGO
5aVLpJw0xLBFkEJxpJqCOgu5uxxnp5uXekIJn2isMLlH0OPVAYQ9f/EkkfB3W0v7
Sk5ue4RG53yI
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:46:46 2026 by rpki-client