Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3Unt0m558N4PAHFV-46eUwT5ANA.roa
File: 3Unt0m558N4PAHFV-46eUwT5ANA.roa (raw, json)
Hash identifier: o5N5WzEc4afHu7+xSVr74J1kdKxNQWSBssWF55iNmTE=
Subject key identifier: DD:49:ED:D2:6E:79:F0:DE:0F:00:71:55:FB:8E:9E:53:04:F9:00:D0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0198FC0C8873CB84EB378019AD3F4C3B69F9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3Unt0m558N4PAHFV-46eUwT5ANA.roa
Signing time: Sat 30 Aug 2025 17:35:36 +0000
ROA not before: Sat 30 Aug 2025 17:35:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.48.0/22 maxlen: 24
84.32.104.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.151.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.217.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.60.0/22 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.70.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 01:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:fc:0c:88:73:cb:84:eb:37:80:19:ad:3f:4c:3b:69:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 30 17:35:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd49edd26e79f0de0f007155fb8e9e5304f900d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1e:e9:57:68:d8:af:0b:fd:5e:e9:1f:1f:04:
79:94:29:3a:ca:8d:f9:05:21:47:cd:d6:68:f4:3e:
2f:de:6a:79:88:f9:4b:c1:74:ba:e1:68:fd:cf:66:
77:94:16:d9:a3:e1:2e:48:15:dd:30:40:1a:63:c8:
10:c2:ca:2e:6f:17:f5:f6:70:bd:fd:7d:0f:bd:e4:
c2:3e:5d:59:f9:1e:46:18:7b:4d:ea:99:99:53:2f:
83:da:c6:d3:22:82:9b:23:b7:53:f1:6e:75:70:13:
8e:71:bf:68:b6:73:16:0a:e6:38:11:eb:6f:13:e5:
df:4c:46:d6:f9:a9:7e:b9:8f:f5:a7:cd:e6:34:49:
c1:f0:57:52:5d:26:0f:26:10:85:d5:2c:a7:b4:a3:
01:78:67:cb:23:bf:e5:f3:75:83:a8:29:03:c5:d7:
26:e7:39:d3:74:9e:c1:87:f7:41:0b:1c:48:36:8c:
25:29:f3:7b:c6:16:0a:b3:8a:c9:37:35:e5:99:81:
34:93:a7:0d:7a:75:3f:6d:4d:60:1a:1f:d9:99:71:
6c:59:de:c6:f0:eb:2c:38:f8:d7:7a:34:c8:04:3a:
01:fd:9c:29:41:99:b7:34:0e:dd:50:37:d3:cc:0a:
75:0d:34:10:25:2c:57:82:fd:4b:6c:c0:34:b3:c4:
15:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:49:ED:D2:6E:79:F0:DE:0F:00:71:55:FB:8E:9E:53:04:F9:00:D0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3Unt0m558N4PAHFV-46eUwT5ANA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0-84.32.51.255
84.32.104.0/24
84.32.148.0/22
84.32.174.0-84.32.176.255
84.32.214.0/23
84.32.217.0/24
84.32.223.0/24
84.32.230.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.60.0/22
88.216.66.0/23
88.216.70.0/24
88.216.90.0/24
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
88.216.184.0/24
88.216.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:2d:6c:df:b2:b1:03:2e:b0:b4:ab:01:a9:70:eb:bf:09:33:
92:ab:26:b9:b7:38:d4:97:0f:57:82:15:45:a4:a3:23:1b:82:
b9:3d:e4:68:45:58:22:c4:af:83:76:11:09:f5:f6:80:d4:ac:
fe:8c:20:2c:1b:90:5a:87:ea:f2:1f:c2:79:4a:6f:22:d2:40:
62:4f:5c:f6:cd:cc:c0:e2:14:b9:50:e4:4d:da:7e:ed:8c:76:
2e:24:ed:de:3b:d9:65:ab:c0:d5:c6:e5:10:12:91:c4:50:50:
a5:b8:50:1f:7c:71:7f:9c:86:66:86:5c:4e:1f:78:13:6f:66:
2b:05:be:34:98:cb:0e:66:8e:14:86:6a:95:7e:5a:9e:f8:a2:
7d:0c:9b:69:43:73:87:1d:df:bb:d8:fe:82:b7:8b:03:ae:a0:
a1:c1:76:d7:11:fc:03:03:8a:52:86:4e:e6:a4:29:d0:39:b2:
13:ef:73:34:d0:1e:bf:ed:05:13:e0:d1:ec:4e:6c:46:0a:05:
5c:2e:3f:75:52:2e:66:1b:0b:64:96:7a:6f:65:8e:22:39:1b:
93:f4:5f:28:1d:b3:44:5c:2b:86:83:92:b4:c9:08:f4:b3:65:
f5:59:54:a2:29:45:7c:82:a1:74:ec:a8:c3:80:53:3a:14:5b:
26:bd:d4:44
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZj8DIhzy4TrN4AZrT9MO2n5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwODMwMTczNTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ5ZWRkMjZlNzlmMGRlMGYwMDcxNTVmYjhlOWU1MzA0ZjkwMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth7pV2jYrwv9XukfHwR5lCk6yo35
BSFHzdZo9D4v3mp5iPlLwXS64Wj9z2Z3lBbZo+EuSBXdMEAaY8gQwsoubxf19nC9
/X0PveTCPl1Z+R5GGHtN6pmZUy+D2sbTIoKbI7dT8W51cBOOcb9otnMWCuY4Eetv
E+XfTEbW+al+uY/1p83mNEnB8FdSXSYPJhCF1SyntKMBeGfLI7/l83WDqCkDxdcm
5znTdJ7Bh/dBCxxINowlKfN7xhYKs4rJNzXlmYE0k6cNenU/bU1gGh/ZmXFsWd7G
8OssOPjXejTIBDoB/ZwpQZm3NA7dUDfTzAp1DTQQJSxXgv1LbMA0s8QVnQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFN1J7dJuefDeDwBxVfuOnlME+QDQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM1VudDBtNTU4TjRQQUhGVi00NmVVd1Q1QU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwwDAME
AFQgBwMEAFQgCAMEAlQgFDAMAwQBVCAuAwQCVCAwAwQAVCBoAwQCVCCUMAwDBAFU
IK4DBABUILADBAFUINYDBABUINkDBABUIN8DBAFUIOYDBAJUIPQDBAFY2BYDBAFY
2CwDBAJY2DwDBAFY2EIDBABY2EYDBABY2FoDBABY2F0DBAFY2IIDBAFY2IYDBABY
2LgDBABY2NMwDQYJKoZIhvcNAQELBQADggEBAE4tbN+ysQMusLSrAalw678JM5Kr
Jrm3ONSXD1eCFUWkoyMbgrk95GhFWCLEr4N2EQn19oDUrP6MICwbkFqH6vIfwnlK
byLSQGJPXPbNzMDiFLlQ5E3afu2Mdi4k7d472WWrwNXG5RASkcRQUKW4UB98cX+c
hmaGXE4feBNvZisFvjSYyw5mjhSGapV+Wp74on0Mm2lDc4cd37vY/oK3iwOuoKHB
dtcR/AMDilKGTuakKdA5shPvczTQHr/tBRPg0exObEYKBVwuP3VSLmYbC2SWem9l
jiI5G5P0Xygds0RcK4aDkrTJCPSzZfVZVKIpRXyCoXTsqMOAUzoUWya91EQ=
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:18:37 2025 by rpki-client