Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oEd7xQ9d68GVkVudEzA3fWBHZ5A.roa
File: oEd7xQ9d68GVkVudEzA3fWBHZ5A.roa (raw, json)
Hash identifier: A2rCpXbsN7K8zshL/hxHHoRYZwdhIgnAy4Y/kXaPrDI=
Subject key identifier: A0:47:7B:C5:0F:5D:EB:C1:95:91:5B:9D:13:30:37:7D:60:47:67:90
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0198713E0FAFAAE96F1FC48CB4E1A72DE650
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oEd7xQ9d68GVkVudEzA3fWBHZ5A.roa
Signing time: Sun 03 Aug 2025 18:42:29 +0000
ROA not before: Sun 03 Aug 2025 18:42:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:71:3e:0f:af:aa:e9:6f:1f:c4:8c:b4:e1:a7:2d:e6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 3 18:42:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0477bc50f5debc195915b9d1330377d60476790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:07:40:99:a4:b6:3e:7a:9e:76:a7:01:1a:53:
42:48:4a:5f:2a:31:f6:34:16:01:b3:4a:68:f4:3c:
02:01:f2:17:98:35:b7:48:d2:f0:25:fd:e9:1c:3d:
f8:b2:c2:91:51:77:e0:fc:f9:28:10:52:0a:62:0e:
83:a7:6c:ea:e2:c4:71:10:c8:6b:c2:0a:db:78:93:
be:27:fc:f9:5e:ba:3d:51:27:77:47:ae:c7:80:8d:
af:ab:9a:29:a2:39:b5:f5:d3:19:08:73:48:c8:c2:
b5:37:b8:09:4d:de:19:6e:91:c9:a9:8e:b5:dd:9b:
5e:25:c9:49:61:ec:a9:b1:dc:ee:ce:f1:19:e8:f2:
cb:bf:63:23:7b:46:e6:fc:ac:da:9e:ea:46:ed:dc:
11:92:ff:b2:b6:e6:58:05:fa:ca:6f:c1:ca:21:ca:
4b:67:ae:36:0f:47:6a:9f:25:f1:25:5c:31:62:0b:
06:2a:b6:3c:22:c8:a6:a4:60:c2:7b:63:53:05:d0:
b7:cb:aa:54:64:a9:12:6e:f2:2c:bc:88:81:a5:ba:
49:79:73:ad:cc:04:50:70:97:9e:87:ec:a2:61:d0:
84:9e:1b:fc:4a:02:4c:33:e3:e8:b7:82:1d:e4:27:
1c:67:94:b0:26:5c:ae:87:00:42:85:df:10:7c:70:
32:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:47:7B:C5:0F:5D:EB:C1:95:91:5B:9D:13:30:37:7D:60:47:67:90
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oEd7xQ9d68GVkVudEzA3fWBHZ5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
Signature Algorithm: sha256WithRSAEncryption
22:53:59:5f:03:84:e6:06:8c:07:ec:4f:34:92:fb:22:5d:93:
83:5e:84:ee:9e:fd:14:fd:c6:2e:cb:d0:38:a3:95:bd:e3:93:
7e:bb:0a:ca:57:3f:a7:1b:f1:f6:f6:00:5b:29:f2:6e:04:2b:
92:ab:09:63:15:c1:12:ac:2b:27:af:51:0a:b1:89:36:83:0c:
93:da:44:99:f7:b8:b8:7e:11:9d:44:76:86:18:b8:38:03:bf:
cc:5e:32:93:d6:21:c5:07:e4:69:75:ba:30:b3:6a:53:b2:5d:
ed:45:02:a9:29:69:cb:38:ba:52:ef:7e:d8:65:8c:92:a6:15:
2f:90:c6:8f:fe:24:0a:ec:78:3f:26:33:7c:b1:4f:d7:10:8b:
c0:46:17:42:2d:c9:8f:bf:29:86:49:f8:e7:bc:96:8c:58:39:
3a:f9:be:46:4e:6e:83:6c:dd:d7:ca:d7:f0:58:95:e9:17:47:
18:16:d9:4c:94:0d:7f:a7:18:79:81:19:52:a9:ae:61:71:87:
b0:e8:53:4e:dc:e5:ad:7a:33:58:d3:0f:e4:ef:12:4e:6e:62:
77:ae:7f:ce:33:f8:92:bc:46:9a:83:8d:c8:0f:3f:74:bd:5c:
0f:76:87:b3:18:23:df:26:80:8c:64:2e:8f:00:8a:47:b7:41:
3c:5c:b1:9b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhxPg+vqulvH8SMtOGnLeZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwODAzMTg0MjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ3N2JjNTBmNWRlYmMxOTU5MTViOWQxMzMwMzc3ZDYwNDc2NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwdAmaS2PnqedqcBGlNCSEpfKjH2
NBYBs0po9DwCAfIXmDW3SNLwJf3pHD34ssKRUXfg/PkoEFIKYg6Dp2zq4sRxEMhr
wgrbeJO+J/z5Xro9USd3R67HgI2vq5opojm19dMZCHNIyMK1N7gJTd4ZbpHJqY61
3ZteJclJYeypsdzuzvEZ6PLLv2Mje0bm/KzanupG7dwRkv+ytuZYBfrKb8HKIcpL
Z642D0dqnyXxJVwxYgsGKrY8IsimpGDCe2NTBdC3y6pUZKkSbvIsvIiBpbpJeXOt
zARQcJeeh+yiYdCEnhv8SgJMM+Pot4Id5CccZ5SwJlyuhwBChd8QfHAyAQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKBHe8UPXevBlZFbnRMwN31gR2eQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb0VkN3hROWQ2OEdWa1Z1ZEV6QTNmV0JIWjVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCA4AwQB
WNgUAwQAWNhnAwQAWNi5AwQBWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQAiU1lfA4Tm
BowH7E80kvsiXZODXoTunv0U/cYuy9A4o5W945N+uwrKVz+nG/H29gBbKfJuBCuS
qwljFcESrCsnr1EKsYk2gwyT2kSZ97i4fhGdRHaGGLg4A7/MXjKT1iHFB+Rpdbow
s2pTsl3tRQKpKWnLOLpS737YZYySphUvkMaP/iQK7Hg/JjN8sU/XEIvARhdCLcmP
vymGSfjnvJaMWDk6+b5GTm6DbN3XytfwWJXpF0cYFtlMlA1/pxh5gRlSqa5hcYew
6FNO3OWtejNY0w/k7xJObmJ3rn/OM/iSvEaag43IDz90vVwPdoezGCPfJoCMZC6P
AIpHt0E8XLGb
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:27:42 2025 by rpki-client