Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F7vkcy7Tx6h_w_vhcChGf2I3LB8.roa
File: F7vkcy7Tx6h_w_vhcChGf2I3LB8.roa (raw, json)
Hash identifier: oMymIeEcpo1bqVwDdpETBN0H0g2Nu0ZFxeEzOtyCG0g=
Subject key identifier: 17:BB:E4:73:2E:D3:C7:A8:7F:C3:FB:E1:70:28:46:7F:62:37:2C:1F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826A9A5880E5D60C2E7BDB30B4432EA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F7vkcy7Tx6h_w_vhcChGf2I3LB8.roa
Signing time: Thu 02 Jan 2025 17:53:29 +0000
ROA not before: Thu 02 Jan 2025 17:53:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 84.32.4.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.27.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.155.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.211.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
84.32.229.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.233.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.237.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.246.0/24 maxlen: 24
84.32.247.0/24 maxlen: 24
84.32.252.0/24 maxlen: 24
84.32.253.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.94.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.97.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.109.0/24 maxlen: 24
88.216.110.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:a9:a5:88:0e:5d:60:c2:e7:bd:b3:0b:44:32:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=17bbe4732ed3c7a87fc3fbe17028467f62372c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f4:a8:bd:4c:be:fa:a7:45:f4:7e:14:13:e9:
d1:e6:ef:44:2b:75:b2:56:3c:f7:7a:34:26:2a:eb:
48:5e:01:44:ac:a9:c1:97:d9:ff:77:ea:bf:52:f3:
7f:9c:d8:a7:dc:74:12:d8:7f:54:48:c6:cd:ff:35:
72:26:5a:18:c2:68:6e:91:3f:39:f2:d3:3d:4c:9a:
a0:10:32:b3:9e:d8:85:d1:d8:70:57:2a:65:6e:a3:
35:a2:7e:9f:ff:e8:4b:39:09:9a:2d:99:39:b6:14:
00:92:1e:d4:ca:18:30:68:3b:b3:fe:c9:a2:69:d4:
e0:78:39:4b:d3:c4:c0:d3:23:7e:80:26:9f:91:94:
9f:d8:ae:06:fe:6f:7e:ea:14:8a:54:13:c8:44:c9:
ad:d9:8e:b8:af:87:7d:87:7c:e0:93:a0:8a:c6:64:
d4:0c:b0:39:58:d4:c3:53:38:23:63:1d:31:3d:b2:
43:04:94:2e:1c:97:a5:78:d1:bc:3e:94:0d:07:b5:
d3:09:d5:ec:35:43:ae:40:36:26:02:18:46:bd:3b:
97:f7:bd:b7:26:79:31:45:33:bf:fe:4c:d6:7f:1d:
88:97:9f:93:87:09:16:01:2a:b3:2f:80:d1:ff:d3:
e5:ae:11:ee:2c:46:e3:31:82:5c:aa:03:73:05:5b:
12:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BB:E4:73:2E:D3:C7:A8:7F:C3:FB:E1:70:28:46:7F:62:37:2C:1F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/F7vkcy7Tx6h_w_vhcChGf2I3LB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.11.0/24
84.32.14.0/24
84.32.27.0-84.32.31.255
84.32.42.0/23
84.32.62.0/24
84.32.65.0/24
84.32.68.0/24
84.32.76.0/23
84.32.79.0/24
84.32.85.0/24
84.32.88.0-84.32.90.255
84.32.92.0-84.32.94.255
84.32.105.0/24
84.32.150.0/24
84.32.153.0/24
84.32.155.0/24
84.32.157.0-84.32.159.255
84.32.172.0/24
84.32.174.0/23
84.32.211.0-84.32.213.255
84.32.219.0/24
84.32.221.0-84.32.222.255
84.32.224.0/24
84.32.226.0/24
84.32.228.0/23
84.32.232.0/22
84.32.237.0-84.32.243.255
84.32.245.0-84.32.247.255
84.32.252.0/22
88.216.0.0/23
88.216.3.0/24
88.216.16.0/24
88.216.18.0/24
88.216.22.0/23
88.216.32.0/23
88.216.35.0/24
88.216.38.0/24
88.216.40.0/24
88.216.42.0/24
88.216.47.0/24
88.216.58.0/24
88.216.64.0/23
88.216.94.0/23
88.216.97.0/24
88.216.101.0-88.216.102.255
88.216.109.0-88.216.111.255
88.216.128.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:ed:31:16:7a:99:70:da:93:fb:ef:69:51:26:22:e6:b1:93:
1b:44:e0:4c:7f:1f:12:30:b8:3a:d3:d0:bf:35:46:e0:4b:6a:
db:72:41:8d:c6:65:0c:c2:b9:03:33:fb:d3:89:a0:bf:be:85:
45:0b:cb:a0:17:9a:3e:1e:92:5d:85:cd:f4:65:fc:94:57:a4:
9c:5e:0c:bb:78:cf:e5:e7:a9:84:4d:4f:2f:0f:49:0a:37:7f:
0b:8a:47:c4:68:f9:f0:6c:36:1b:c2:e0:65:d2:e1:ee:8c:f9:
e2:06:51:4a:86:70:85:60:3e:1b:9b:b9:8c:d7:03:40:25:6e:
f2:5d:fd:2b:9f:c2:01:a9:dd:91:5b:48:76:0a:1e:14:c5:6f:
3b:c7:24:dd:5f:22:4c:c1:1a:c2:25:3b:d6:57:5b:bd:17:d0:
fa:4e:7c:2d:fc:4f:5f:98:b6:65:fc:4c:20:57:c9:38:2f:76:
55:9b:fe:16:16:22:9f:03:80:ea:cb:ab:dc:76:c5:4e:12:4e:
09:80:89:e7:52:7c:f3:39:61:ae:25:c7:ce:47:17:81:7b:f3:
d5:3c:12:c3:82:f8:1a:1b:6a:01:6e:9c:2d:64:fe:1c:c3:88:
89:e9:1d:7a:18:73:cd:8b:69:5d:d2:ff:54:7d:0d:63:48:43:
74:f3:2c:56
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAZQoJqmliA5dYMLnvbMLRDLqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JiZTQ3MzJlZDNjN2E4N2ZjM2ZiZTE3MDI4NDY3ZjYyMzcyYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vSovUy++qdF9H4UE+nR5u9EK3Wy
Vjz3ejQmKutIXgFErKnBl9n/d+q/UvN/nNin3HQS2H9USMbN/zVyJloYwmhukT85
8tM9TJqgEDKzntiF0dhwVyplbqM1on6f/+hLOQmaLZk5thQAkh7UyhgwaDuz/smi
adTgeDlL08TA0yN+gCafkZSf2K4G/m9+6hSKVBPIRMmt2Y64r4d9h3zgk6CKxmTU
DLA5WNTDUzgjYx0xPbJDBJQuHJeleNG8PpQNB7XTCdXsNUOuQDYmAhhGvTuX9723
JnkxRTO//kzWfx2Il5+ThwkWASqzL4DR/9PlrhHuLEbjMYJcqgNzBVsSSQIDAQAB
o4IDfTCCA3kwHQYDVR0OBBYEFBe75HMu08eof8P74XAoRn9iNywfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRjd2a2N5N1R4Nmhfd192aGNDaEdmMkkzTEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkQYIKwYBBQUHAQcBAf8EggGAMIIBfDCCAXgEAgABMIIB
cAMEAFQgBAMEAFQgCwMEAFQgDjAMAwQAVCAbAwQFVCAAAwQBVCAqAwQAVCA+AwQA
VCBBAwQAVCBEAwQBVCBMAwQAVCBPAwQAVCBVMAwDBANUIFgDBABUIFowDAMEAlQg
XAMEAFQgXgMEAFQgaQMEAFQglgMEAFQgmQMEAFQgmzAMAwQAVCCdAwQFVCCAAwQA
VCCsAwQBVCCuMAwDBABUINMDBAFUINQDBABUINswDAMEAFQg3QMEAFQg3gMEAFQg
4AMEAFQg4gMEAVQg5AMEAlQg6DAMAwQAVCDtAwQCVCDwMAwDBABUIPUDBANUIPAD
BAJUIPwDBAFY2AADBABY2AMDBABY2BADBABY2BIDBAFY2BYDBAFY2CADBABY2CMD
BABY2CYDBABY2CgDBABY2CoDBABY2C8DBABY2DoDBAFY2EADBAFY2F4DBABY2GEw
DAMEAFjYZQMEAFjYZjAMAwQAWNhtAwQEWNhgAwQAWNiAMA0GCSqGSIb3DQEBCwUA
A4IBAQCO7TEWeplw2pP772lRJiLmsZMbROBMfx8SMLg609C/NUbgS2rbckGNxmUM
wrkDM/vTiaC/voVFC8ugF5o+HpJdhc30ZfyUV6ScXgy7eM/l56mETU8vD0kKN38L
ikfEaPnwbDYbwuBl0uHujPniBlFKhnCFYD4bm7mM1wNAJW7yXf0rn8IBqd2RW0h2
Ch4UxW87xyTdXyJMwRrCJTvWV1u9F9D6Tnwt/E9fmLZl/EwgV8k4L3ZVm/4WFiKf
A4Dqy6vcdsVOEk4JgInnUnzzOWGuJcfORxeBe/PVPBLDgvgaG2oBbpwtZP4cw4iJ
6R16GHPNi2ld0v9UfQ1jSEN08yxW
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:52:14 2025 by rpki-client