Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vPEH94kgss19AmfhORRRhKxa0iM.roa
File: vPEH94kgss19AmfhORRRhKxa0iM.roa (raw, json)
Hash identifier: RMdSmRLWFddwS3QhZKmGVqn3ZyOvdX3qW/TFcHsOuq4=
Subject key identifier: BC:F1:07:F7:89:20:B2:CD:7D:02:67:E1:39:14:51:84:AC:5A:D2:23
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0197A1ED1C32D50B776869A51B0409D983B8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vPEH94kgss19AmfhORRRhKxa0iM.roa
Signing time: Tue 24 Jun 2025 12:32:40 +0000
ROA not before: Tue 24 Jun 2025 12:32:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20001
IP address blocks: 88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:ed:1c:32:d5:0b:77:68:69:a5:1b:04:09:d9:83:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 24 12:32:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcf107f78920b2cd7d0267e139145184ac5ad223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:4e:5d:27:00:72:dd:26:61:05:37:15:9e:
9b:de:48:8f:2b:dc:a7:e2:3e:9d:cf:0b:bb:aa:ab:
44:65:60:eb:43:ae:bb:56:f7:d4:46:19:24:38:97:
c2:a5:45:c9:68:25:6b:2f:20:7b:1d:6d:7b:c6:93:
90:0d:92:29:6e:02:23:39:61:4d:33:cd:a8:6f:dd:
f2:93:03:65:37:20:53:31:d9:53:78:76:c1:ed:fb:
10:05:a2:53:e7:36:50:aa:db:8d:1c:11:e3:44:82:
ac:4b:1e:35:94:da:7c:43:44:77:23:6c:0d:06:50:
67:98:fc:5b:28:a5:9c:8c:a8:30:99:aa:5f:fb:ff:
b8:18:24:b0:27:0f:07:3c:7d:b5:cf:fb:26:ea:30:
13:c9:3d:4f:ba:97:52:dd:14:bc:c5:57:b4:28:c5:
d3:1a:74:bb:f4:51:8e:8f:53:dd:2b:52:bf:0d:5a:
a9:7b:05:62:42:b8:ba:ab:10:10:9e:2e:03:14:22:
3e:5b:4b:7f:f3:a1:c5:df:2b:d0:29:12:9b:ee:c7:
eb:88:a5:41:2a:e2:b1:f0:a7:6f:2e:dc:59:d8:20:
cf:e0:72:87:8f:89:d0:c3:45:cd:9b:dc:1a:83:3c:
ef:89:09:c5:cc:b3:6d:8b:89:37:15:b7:aa:00:b8:
64:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F1:07:F7:89:20:B2:CD:7D:02:67:E1:39:14:51:84:AC:5A:D2:23
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vPEH94kgss19AmfhORRRhKxa0iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.20.0/23
88.216.103.0/24
88.216.185.0/24
88.216.212.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:35:bd:ec:c6:94:49:19:11:4e:02:32:5d:a7:16:19:7b:df:
65:3a:e8:76:98:6e:a6:c5:73:ed:b2:39:bf:a4:d9:13:f7:6c:
18:f3:46:29:9e:16:ab:cb:7d:e0:60:17:89:df:29:a8:7e:a9:
1e:5c:e5:d5:f5:49:64:9a:20:3b:49:b9:19:bb:dd:0a:ba:78:
a5:11:9b:3a:e1:5d:a5:04:be:4e:c2:a3:76:88:36:68:5c:10:
17:35:7b:ce:6e:a9:a5:09:42:99:6e:b4:71:3c:da:36:02:95:
ba:a9:09:04:9f:8a:1c:00:43:6a:d9:9d:75:24:e3:c0:62:5e:
f7:7b:c1:4f:d9:97:c9:23:a1:89:b6:e0:61:63:97:fe:61:2c:
d7:d0:c8:a8:5f:01:9f:0a:c1:bb:9b:1f:28:61:7c:13:ad:67:
ec:77:d2:1c:37:16:7c:23:2e:98:ae:eb:ec:f3:bc:55:0d:70:
a8:a3:b9:59:03:de:76:d1:f6:f0:06:be:61:1b:a9:12:2e:18:
a6:09:88:14:8c:37:e7:c5:83:0e:59:82:e3:e2:e4:e0:c8:b3:
fe:9c:db:76:ef:41:0c:46:46:37:da:17:2d:fa:82:2e:fe:df:
ea:60:bd:6e:39:95:4b:07:3d:e7:5d:62:2d:a0:b8:a0:fb:c9:
c7:e0:b9:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeh7Rwy1Qt3aGmlGwQJ2YO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwNjI0MTIzMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2YxMDdmNzg5MjBiMmNkN2QwMjY3ZTEzOTE0NTE4NGFjNWFkMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYhOXScAct0mYQU3FZ6b3kiPK9yn
4j6dzwu7qqtEZWDrQ667VvfURhkkOJfCpUXJaCVrLyB7HW17xpOQDZIpbgIjOWFN
M82ob93ykwNlNyBTMdlTeHbB7fsQBaJT5zZQqtuNHBHjRIKsSx41lNp8Q0R3I2wN
BlBnmPxbKKWcjKgwmapf+/+4GCSwJw8HPH21z/sm6jATyT1PupdS3RS8xVe0KMXT
GnS79FGOj1PdK1K/DVqpewViQri6qxAQni4DFCI+W0t/86HF3yvQKRKb7sfriKVB
KuKx8KdvLtxZ2CDP4HKHj4nQw0XNm9wagzzviQnFzLNti4k3FbeqALhkkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLzxB/eJILLNfQJn4TkUUYSsWtIjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdlBFSDk0a2dzczE5QW1maE9SUlJoS3hhMGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWNgUAwQA
WNhnAwQAWNi5AwQBWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQAPNb3sxpRJGRFOAjJd
pxYZe99lOuh2mG6mxXPtsjm/pNkT92wY80Ypnhary33gYBeJ3ymofqkeXOXV9Ulk
miA7SbkZu90KunilEZs64V2lBL5OwqN2iDZoXBAXNXvObqmlCUKZbrRxPNo2ApW6
qQkEn4ocAENq2Z11JOPAYl73e8FP2ZfJI6GJtuBhY5f+YSzX0MioXwGfCsG7mx8o
YXwTrWfsd9IcNxZ8Iy6Yruvs87xVDXCoo7lZA9520fbwBr5hG6kSLhimCYgUjDfn
xYMOWYLj4uTgyLP+nNt270EMRkY32hct+oIu/t/qYL1uOZVLBz3nXWItoLig+8nH
4Llp
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:40:07 2025 by rpki-client