Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-Ltw5-4BZSzYIw-lQdLH5FNG8xc.roa
File: 1-Ltw5-4BZSzYIw-lQdLH5FNG8xc.roa (raw, json)
Hash identifier: yehXNGhyQ4sAkHFUDI+RxZftMzarpECe5rEb5iji/JA=
Subject key identifier: F8:BB:70:E7:EE:01:65:2C:D8:23:0F:A5:41:D2:C7:E4:53:46:F3:17
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019E3E82C213EF9C5636A330F16B5AF99F6C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-Ltw5-4BZSzYIw-lQdLH5FNG8xc.roa
Signing time: Tue 19 May 2026 04:33:37 +0000
ROA not before: Tue 19 May 2026 04:33:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.6.0/24 maxlen: 24
84.32.136.0/22 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:82:c2:13:ef:9c:56:36:a3:30:f1:6b:5a:f9:9f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 04:33:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f8bb70e7ee01652cd8230fa541d2c7e45346f317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ef:1d:fe:c9:e9:e0:ed:a9:80:cf:80:69:5c:
fc:65:06:ed:ef:0e:2d:d7:01:64:6f:f4:8b:46:04:
0d:da:85:c8:17:5e:5e:8c:1f:e0:5c:5b:fa:5d:d7:
7c:72:9b:6f:d7:1c:b3:21:22:ce:e2:5e:27:08:89:
41:c3:e3:37:ad:56:48:72:15:2e:ec:59:62:3f:99:
9f:f0:c5:c5:8c:b5:c1:16:65:b5:b2:94:27:28:f0:
e8:d4:82:2f:4c:e0:b8:ed:a8:26:5d:c5:28:72:44:
d8:1f:81:fe:3b:ff:a2:89:58:20:82:f0:2d:8b:1a:
25:f1:ef:d5:57:d5:70:44:b8:c3:cd:14:d9:6a:e6:
50:6f:ca:cd:be:cb:d7:d6:05:54:a0:63:dc:c8:e5:
10:cd:a7:13:06:51:81:a7:12:fc:05:13:99:2f:bd:
d8:fb:4a:ee:33:c1:2d:0b:cb:08:8a:83:6c:55:fc:
54:1a:d8:da:53:9e:6e:d9:23:8e:65:ef:ab:77:20:
1c:83:a7:c7:08:83:b4:8d:e5:10:01:1b:43:2f:bc:
eb:b1:e4:77:86:f8:71:74:7a:7f:1f:76:ac:fa:bc:
3f:73:a6:82:42:f9:f2:88:28:9f:32:ec:90:79:6e:
e0:8c:ff:91:7e:ba:0e:ff:96:98:ed:03:55:30:be:
07:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BB:70:E7:EE:01:65:2C:D8:23:0F:A5:41:D2:C7:E4:53:46:F3:17
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-Ltw5-4BZSzYIw-lQdLH5FNG8xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.136.0/22
88.216.21.0/24
88.216.98.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/24
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:97:d0:43:b1:30:c6:49:d6:bf:a1:76:a3:02:32:53:a9:78:
8a:d7:c4:13:be:55:81:20:e7:39:67:11:06:ba:60:99:09:31:
b7:56:82:8b:59:1e:fc:90:cd:e0:26:4c:01:c9:97:bd:bc:fc:
73:a1:7a:e4:00:3a:68:88:b0:9c:47:da:ef:e5:7c:cd:fe:cc:
b7:a8:23:8c:5e:3e:d5:e0:70:2e:b4:c8:61:09:4d:fa:41:60:
03:0d:8d:05:92:f7:0b:c7:da:91:03:4f:75:56:c7:78:48:35:
4a:07:f9:97:44:13:61:6b:96:c2:57:ab:15:70:54:64:2e:7d:
ce:2b:45:2c:69:cb:0c:7d:5d:5c:db:18:36:8b:ef:92:66:78:
73:98:7c:a5:a8:6d:d4:70:07:6c:56:9e:66:9f:e3:45:f9:00:
2b:cb:9b:d8:8a:2a:fe:ad:29:5d:43:36:8e:7c:e8:91:77:d2:
82:8e:c7:e6:18:46:c1:72:c7:ab:98:ae:e2:2c:c8:f4:6d:b9:
91:7b:dc:18:e4:73:ba:16:1a:80:70:22:9b:46:e9:c1:04:11:
d8:4b:c0:93:4d:1e:c5:ae:84:ad:50:31:f3:d6:fa:5c:0d:89:
14:47:13:2e:c7:1b:24:2e:66:24:3c:a7:af:ff:0d:a0:bf:0a:
f4:30:9b:40
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZ4+gsIT75xWNqMw8Wta+Z9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNTE5MDQzMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJiNzBlN2VlMDE2NTJjZDgyMzBmYTU0MWQyYzdlNDUzNDZmMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO8d/snp4O2pgM+AaVz8ZQbt7w4t
1wFkb/SLRgQN2oXIF15ejB/gXFv6Xdd8cptv1xyzISLO4l4nCIlBw+M3rVZIchUu
7FliP5mf8MXFjLXBFmW1spQnKPDo1IIvTOC47agmXcUockTYH4H+O/+iiVgggvAt
ixol8e/VV9VwRLjDzRTZauZQb8rNvsvX1gVUoGPcyOUQzacTBlGBpxL8BROZL73Y
+0ruM8EtC8sIioNsVfxUGtjaU55u2SOOZe+rdyAcg6fHCIO0jeUQARtDL7zrseR3
hvhxdHp/H3as+rw/c6aCQvnyiCifMuyQeW7gjP+RfroO/5aY7QNVML4HYQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFPi7cOfuAWUs2CMPpUHSx+RTRvMXMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1MdHc1LTRCWlN6WUl3LWxRZExINUZORzh4Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBJBggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFQgBgME
AlQgiAMEAFjYFQMEAFjYYgMEAFjYZwMEAFjYuQMEAFjY1AMEAljY+DANBgkqhkiG
9w0BAQsFAAOCAQEADZfQQ7EwxknWv6F2owIyU6l4itfEE75VgSDnOWcRBrpgmQkx
t1aCi1ke/JDN4CZMAcmXvbz8c6F65AA6aIiwnEfa7+V8zf7Mt6gjjF4+1eBwLrTI
YQlN+kFgAw2NBZL3C8fakQNPdVbHeEg1Sgf5l0QTYWuWwlerFXBUZC59zitFLGnL
DH1dXNsYNovvkmZ4c5h8paht1HAHbFaeZp/jRfkAK8ub2Ioq/q0pXUM2jnzokXfS
go7H5hhGwXLHq5iu4izI9G25kXvcGORzuhYagHAim0bpwQQR2EvAk00exa6ErVAx
89b6XA2JFEcTLscbJC5mJDynr/8NoL8K9DCbQA==
-----END CERTIFICATE-----
Generated at Mon May 25 06:42:43 2026 by rpki-client