Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-SemJbjwLiZ3XaNoPZMOF18Y55Q.roa
File: 1-SemJbjwLiZ3XaNoPZMOF18Y55Q.roa (raw, json)
Hash identifier: z13BPMB8SOiNbhJ+hXVPAtNgE7JoxWWIOEkRG8MtFyk=
Subject key identifier: F9:27:A6:25:B8:F0:2E:26:77:5D:A3:68:3D:93:0E:17:5F:18:E7:94
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0199347DFC38646A735E9794714D7C5FED04
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-SemJbjwLiZ3XaNoPZMOF18Y55Q.roa
Signing time: Wed 10 Sep 2025 16:38:15 +0000
ROA not before: Wed 10 Sep 2025 16:38:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 84.32.108.0/24 maxlen: 24
84.32.109.0/24 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:7d:fc:38:64:6a:73:5e:97:94:71:4d:7c:5f:ed:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 10 16:38:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f927a625b8f02e26775da3683d930e175f18e794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:94:24:a5:66:85:77:4c:75:ce:89:33:6c:38:
b5:0e:a3:88:95:6d:d3:f0:02:f1:43:40:13:6e:63:
02:7c:bc:ba:b1:87:68:48:5f:92:cf:f7:6d:76:96:
af:d1:29:c7:6a:72:85:0f:44:a6:0d:f8:fe:07:a6:
c0:8e:4d:dd:6b:8b:94:be:c4:44:41:5c:56:68:55:
d9:d6:b3:1a:18:6a:ee:3f:b0:ed:fc:83:11:73:64:
d8:12:79:08:53:03:4c:41:c0:63:14:2d:83:7f:71:
b5:4d:19:4f:dd:25:a9:9d:b4:c2:8a:95:43:f9:4d:
e4:19:fe:61:de:10:ef:c1:f5:ee:40:94:5e:fb:2d:
98:b7:30:b1:49:47:ad:53:6f:c6:b5:13:72:5f:de:
5f:f9:5a:c9:b1:aa:b8:eb:bc:59:e0:cf:30:fd:2a:
ea:be:0d:28:47:1f:60:7a:60:c9:70:81:b8:87:52:
e8:44:f4:06:c9:59:b9:ab:e8:ca:6e:b2:94:93:3f:
b7:9e:0a:57:da:c0:10:d6:10:86:50:ec:42:bb:8f:
12:c7:3e:5b:40:ac:91:e2:ab:0e:5a:c3:46:77:db:
47:85:5e:ba:32:18:bd:06:d9:8a:19:85:9e:8d:4b:
ae:c0:ec:92:cd:af:c9:41:da:38:f3:36:9d:a2:d2:
1f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:27:A6:25:B8:F0:2E:26:77:5D:A3:68:3D:93:0E:17:5F:18:E7:94
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-SemJbjwLiZ3XaNoPZMOF18Y55Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.108.0-84.32.110.255
84.32.176.0/24
88.216.184.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
92:3e:af:45:42:c4:d6:89:84:d5:cc:b3:f9:54:ea:98:8c:62:
9e:4e:b8:cb:e7:26:4d:e9:d1:31:f1:fb:56:b9:31:c0:dc:d8:
0d:01:6e:65:29:2a:b9:8c:77:87:8a:e6:66:af:ea:e1:7c:2e:
bc:52:e7:6d:d0:12:f5:4f:dd:c1:b6:83:8a:69:5e:71:c1:27:
8b:7c:ac:16:fb:1f:f1:25:19:d8:be:f3:b8:ba:c8:41:11:c7:
0c:56:8c:ad:f2:9f:87:d9:0f:58:fa:52:51:53:99:6d:82:14:
32:4d:00:15:e1:3b:2a:7e:30:f0:88:0b:ab:74:ab:75:e0:ec:
70:8b:78:8b:d3:16:41:36:ce:9e:98:d2:e7:01:27:b8:99:36:
48:93:8d:f3:67:38:f8:db:f6:4d:b8:ea:cc:95:cd:67:07:74:
67:8d:c7:5f:80:f4:4a:ee:91:74:b6:74:25:d9:3d:50:6d:22:
a0:af:e3:5a:7a:eb:66:dc:f6:4b:ed:22:4c:54:e9:40:e3:d4:
ca:25:7a:88:06:5b:87:5c:dd:c7:c2:b4:c0:f0:35:4a:0a:1f:
d6:e5:f3:18:5d:38:ee:a5:fe:fa:b9:0e:40:85:11:3d:96:d7:
3e:d3:60:f1:61:34:18:80:c5:b1:11:8a:1e:fa:f6:ec:a1:2f:
ec:ad:ab:ac
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZk0ffw4ZGpzXpeUcU18X+0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwOTEwMTYzODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTI3YTYyNWI4ZjAyZTI2Nzc1ZGEzNjgzZDkzMGUxNzVmMThlNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5QkpWaFd0x1zokzbDi1DqOIlW3T
8ALxQ0ATbmMCfLy6sYdoSF+Sz/dtdpav0SnHanKFD0SmDfj+B6bAjk3da4uUvsRE
QVxWaFXZ1rMaGGruP7Dt/IMRc2TYEnkIUwNMQcBjFC2Df3G1TRlP3SWpnbTCipVD
+U3kGf5h3hDvwfXuQJRe+y2YtzCxSUetU2/GtRNyX95f+VrJsaq467xZ4M8w/Srq
vg0oRx9gemDJcIG4h1LoRPQGyVm5q+jKbrKUkz+3ngpX2sAQ1hCGUOxCu48Sxz5b
QKyR4qsOWsNGd9tHhV66Mhi9BtmKGYWejUuuwOySza/JQdo48zadotIfGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPknpiW48C4md12jaD2TDhdfGOeUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1TZW1KYmp3TGlaM1hhTm9QWk1PRjE4WTU1US5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQCVCBs
AwQAVCBuAwQAVCCwAwQAWNi4AwQAWNjTMA0GCSqGSIb3DQEBCwUAA4IBAQCSPq9F
QsTWiYTVzLP5VOqYjGKeTrjL5yZN6dEx8ftWuTHA3NgNAW5lKSq5jHeHiuZmr+rh
fC68Uudt0BL1T93BtoOKaV5xwSeLfKwW+x/xJRnYvvO4ushBEccMVoyt8p+H2Q9Y
+lJRU5ltghQyTQAV4TsqfjDwiAurdKt14Oxwi3iL0xZBNs6emNLnASe4mTZIk43z
Zzj42/ZNuOrMlc1nB3RnjcdfgPRK7pF0tnQl2T1QbSKgr+Naeutm3PZL7SJMVOlA
49TKJXqIBluHXN3HwrTA8DVKCh/W5fMYXTjupf76uQ5AhRE9ltc+02DxYTQYgMWx
EYoe+vbsoS/sraus
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:22 2025 by rpki-client