Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EqNb5sfrlTSWHWHkFWV6sUo328Q.roa
File: EqNb5sfrlTSWHWHkFWV6sUo328Q.roa (raw, json)
Hash identifier: s0uemjZ5rxvfwn8+gwi7v9cmwqYrkIrasxKZjDV3Qg8=
Subject key identifier: 12:A3:5B:E6:C7:EB:95:34:96:1D:61:E4:15:65:7A:B1:4A:37:DB:C4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0197139F9554D7060977C676C6ABEE9A9FEA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EqNb5sfrlTSWHWHkFWV6sUo328Q.roa
Signing time: Tue 27 May 2025 21:21:54 +0000
ROA not before: Tue 27 May 2025 21:21:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16125
IP address blocks: 84.32.9.0/24 maxlen: 24
84.32.25.0/24 maxlen: 24
84.32.178.0/23 maxlen: 23
84.32.209.0/24 maxlen: 24
84.32.214.0/24 maxlen: 24
84.32.215.0/24 maxlen: 24
84.32.248.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:9f:95:54:d7:06:09:77:c6:76:c6:ab:ee:9a:9f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 27 21:21:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=12a35be6c7eb9534961d61e415657ab14a37dbc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:86:32:c5:62:b6:82:64:6b:ca:8f:2e:55:55:
5a:75:c8:7b:28:5e:41:4e:ac:d0:c4:13:33:52:ef:
7b:d8:89:28:0d:c8:01:a5:c8:3c:46:2e:45:02:af:
aa:59:e2:4e:ce:e9:a2:b8:4f:19:7a:32:0f:da:96:
4a:78:9b:23:92:fe:a9:2c:c9:20:08:f1:5c:de:5f:
53:e8:ca:ee:fb:57:f7:24:db:da:4f:cc:26:39:b7:
7c:49:bc:ab:e8:e8:72:82:9a:0e:47:17:01:3a:45:
72:38:2e:db:96:78:c3:c6:08:4f:9b:7c:cc:3b:4c:
ec:7b:a3:de:38:64:90:bf:c2:1a:8a:f1:08:15:9c:
69:78:e5:fb:04:51:5b:67:61:92:f4:3d:8c:0f:d0:
73:9c:a5:eb:39:87:9f:17:0b:16:0e:10:da:ef:66:
73:12:ba:bf:f0:e6:3b:de:3a:61:0e:88:0b:2a:ec:
32:c5:4f:6e:db:2d:9a:6a:d1:72:0f:51:d1:4a:aa:
c4:cf:3f:78:71:92:67:12:16:9c:18:c3:6d:ce:d5:
fe:dd:da:0c:1b:93:e0:a2:9e:9c:8b:d2:6b:55:e2:
2a:8b:e5:23:a1:ab:54:3f:f9:4c:b7:4f:02:53:b0:
ab:b2:db:fd:23:8f:01:5d:dd:04:34:e5:6b:ee:35:
e6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A3:5B:E6:C7:EB:95:34:96:1D:61:E4:15:65:7A:B1:4A:37:DB:C4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/EqNb5sfrlTSWHWHkFWV6sUo328Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.25.0/24
84.32.178.0/23
84.32.209.0/24
84.32.214.0/23
84.32.248.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
88:02:92:d5:fd:86:14:8b:29:0f:cf:0e:95:dd:d6:60:c8:9e:
48:4f:a0:fb:05:5b:37:3b:22:40:bd:dc:15:5b:98:2b:bf:86:
59:0c:2f:87:7a:4f:ef:61:08:04:d5:0f:26:52:49:09:e9:61:
3b:d3:8c:70:c3:30:1c:ef:0f:e3:5f:fa:bf:8b:9f:3d:19:6b:
a3:59:20:e0:2e:ea:b7:0b:6c:2b:11:72:c0:af:e1:80:41:79:
5f:38:73:0b:b8:10:e6:29:8e:22:f7:93:c5:32:54:93:96:c6:
09:46:b6:36:d7:82:c5:38:49:df:53:70:d1:b6:9f:91:ed:1f:
81:cc:62:8d:63:e7:5c:73:2e:40:6f:67:06:54:cc:d3:7a:11:
d7:ee:65:63:b5:21:43:17:4c:d5:4e:e7:bc:21:33:f1:60:3d:
b2:d6:a6:53:97:51:e6:84:19:e8:53:30:38:1b:c2:2e:27:a1:
4d:c0:52:33:c0:48:7b:ca:ac:6a:9a:2f:b3:33:7d:b9:31:21:
7e:a2:ba:24:1b:f0:b4:e8:47:34:2b:91:b5:5e:2b:df:e8:29:
1d:f8:c4:25:32:56:30:d0:37:b4:03:08:5c:30:6b:ef:dd:ab:
36:5f:43:66:b8:87:c9:88:26:42:83:25:43:fb:83:be:09:b1:
ee:c3:1c:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZcTn5VU1wYJd8Z2xqvump/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNTI3MjEyMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmEzNWJlNmM3ZWI5NTM0OTYxZDYxZTQxNTY1N2FiMTRhMzdkYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYYyxWK2gmRryo8uVVVadch7KF5B
TqzQxBMzUu972IkoDcgBpcg8Ri5FAq+qWeJOzumiuE8ZejIP2pZKeJsjkv6pLMkg
CPFc3l9T6Mru+1f3JNvaT8wmObd8Sbyr6OhygpoORxcBOkVyOC7blnjDxghPm3zM
O0zse6PeOGSQv8IaivEIFZxpeOX7BFFbZ2GS9D2MD9BznKXrOYefFwsWDhDa72Zz
Erq/8OY73jphDogLKuwyxU9u2y2aatFyD1HRSqrEzz94cZJnEhacGMNtztX+3doM
G5Pgop6ci9JrVeIqi+UjoatUP/lMt08CU7Crstv9I48BXd0ENOVr7jXmyQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBKjW+bH65U0lh1h5BVlerFKN9vEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRXFOYjVzZnJsVFNXSFdIa0ZXVjZzVW8zMjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAJAwQA
VCAZAwQBVCCyAwQAVCDRAwQBVCDWAwQAVCD4AwQAWNjFMA0GCSqGSIb3DQEBCwUA
A4IBAQCIApLV/YYUiykPzw6V3dZgyJ5IT6D7BVs3OyJAvdwVW5grv4ZZDC+Hek/v
YQgE1Q8mUkkJ6WE704xwwzAc7w/jX/q/i589GWujWSDgLuq3C2wrEXLAr+GAQXlf
OHMLuBDmKY4i95PFMlSTlsYJRrY214LFOEnfU3DRtp+R7R+BzGKNY+dccy5Ab2cG
VMzTehHX7mVjtSFDF0zVTue8ITPxYD2y1qZTl1HmhBnoUzA4G8IuJ6FNwFIzwEh7
yqxqmi+zM325MSF+orokG/C06Ec0K5G1Xivf6Ckd+MQlMlYw0De0AwhcMGvv3as2
X0NmuIfJiCZCgyVD+4O+CbHuwxyY
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:49:38 2025 by rpki-client