Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B9MqUzkdlXc5DccXH38fbMIkYg0.roa
File: B9MqUzkdlXc5DccXH38fbMIkYg0.roa (raw, json)
Hash identifier: NT2ZFcwQlDVuY3fpF2knSWSL5VNSM776iNqraDnLcJ0=
Subject key identifier: 07:D3:2A:53:39:1D:95:77:39:0D:C7:17:1F:7F:1F:6C:C2:24:62:0D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019E3E82C308485199AC51CCA74F2D77AA2F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B9MqUzkdlXc5DccXH38fbMIkYg0.roa
Signing time: Tue 19 May 2026 04:33:37 +0000
ROA not before: Tue 19 May 2026 04:33:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:82:c3:08:48:51:99:ac:51:cc:a7:4f:2d:77:aa:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 04:33:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07d32a53391d9577390dc7171f7f1f6cc224620d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:a7:00:f3:11:62:63:fb:1d:af:49:7d:a9:
9c:16:1e:d0:c0:ed:24:27:fe:f5:7f:8c:49:7f:ff:
05:a4:f5:28:aa:63:99:f8:20:d6:7b:87:77:d1:bb:
7e:ef:81:34:cf:74:8b:2b:d0:0e:de:c2:cd:f7:d7:
1c:55:82:7e:a9:bc:78:a4:cc:44:80:75:7f:b9:6a:
3e:69:9f:df:10:f1:01:99:24:ee:00:24:8a:07:43:
a5:fc:bb:92:7a:0b:4b:b2:9c:fa:41:04:3b:5a:26:
f9:be:3d:84:42:09:2b:54:fc:0f:c6:da:f5:b6:f8:
95:b9:d3:b0:43:5e:ed:e4:91:b8:0e:ef:58:30:cf:
65:6a:bc:35:ae:f1:15:49:8c:6f:be:68:0f:81:e9:
2e:16:26:06:c6:ed:24:20:28:0b:ab:9e:3b:9c:b0:
44:a5:1d:46:3d:cf:ca:4d:3c:27:28:46:fc:4c:cd:
19:11:46:da:3a:9d:55:a0:e8:b6:a8:27:59:ed:07:
27:3e:f1:86:58:63:76:ca:52:bf:70:a3:c6:6c:e8:
6d:c6:d5:4e:7f:13:d7:ff:4d:2a:ad:29:91:1e:2f:
db:8c:19:b5:93:bc:17:a5:da:1d:38:72:39:31:1b:
f2:31:76:ef:0c:d0:b0:fc:6e:6b:94:e5:ef:58:59:
51:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D3:2A:53:39:1D:95:77:39:0D:C7:17:1F:7F:1F:6C:C2:24:62:0D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B9MqUzkdlXc5DccXH38fbMIkYg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.21.0/24
88.216.103.0/24
88.216.185.0/24
88.216.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:2c:ed:9a:43:27:0c:bf:1d:ee:a1:b0:98:9e:1d:5d:24:2e:
30:0f:97:cb:46:9f:4c:f2:f3:60:80:e0:9d:8c:52:8f:eb:15:
b8:32:0a:dd:4d:46:07:a2:74:48:b8:2c:7f:c2:f5:a1:16:c8:
aa:39:6e:99:19:1d:33:4e:75:e2:1d:9c:df:31:f9:75:0e:5c:
46:03:a9:42:4b:c2:96:07:9f:41:32:6a:a4:3d:b3:59:2f:a2:
0b:66:90:9c:ae:90:d2:76:84:48:df:2e:4f:21:f2:0f:71:6f:
2d:a8:59:1e:46:5c:a2:51:a1:0c:bd:6e:02:4a:e9:42:72:ae:
9e:7b:82:33:64:81:76:76:94:1b:f6:89:76:e1:aa:1a:db:98:
7a:2d:aa:c7:19:44:03:f0:34:f5:ad:fc:37:88:e1:a0:06:ea:
f0:75:4b:43:fd:d7:e7:14:1b:1e:49:af:44:30:3c:64:04:d5:
bc:b2:af:64:7f:86:be:c6:07:6d:55:2d:7b:84:74:c6:c8:95:
43:ab:41:75:f7:e8:51:18:0f:f2:5c:d0:30:be:22:dc:31:67:
49:fd:d8:f2:00:1b:61:82:c8:a6:32:56:02:09:19:62:3a:b1:
43:50:b1:c9:26:20:51:0a:54:9f:61:63:50:79:99:94:a2:10:
2d:0e:84:d2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4+gsMISFGZrFHMp08td6ovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNTE5MDQzMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2QzMmE1MzM5MWQ5NTc3MzkwZGM3MTcxZjdmMWY2Y2MyMjQ2MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEOnAPMRYmP7Ha9JfamcFh7QwO0k
J/71f4xJf/8FpPUoqmOZ+CDWe4d30bt+74E0z3SLK9AO3sLN99ccVYJ+qbx4pMxE
gHV/uWo+aZ/fEPEBmSTuACSKB0Ol/LuSegtLspz6QQQ7Wib5vj2EQgkrVPwPxtr1
tviVudOwQ17t5JG4Du9YMM9larw1rvEVSYxvvmgPgekuFiYGxu0kICgLq547nLBE
pR1GPc/KTTwnKEb8TM0ZEUbaOp1VoOi2qCdZ7QcnPvGGWGN2ylK/cKPGbOhtxtVO
fxPX/00qrSmRHi/bjBm1k7wXpdodOHI5MRvyMXbvDNCw/G5rlOXvWFlRUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAfTKlM5HZV3OQ3HFx9/H2zCJGINMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQjlNcVV6a2RsWGM1RGNjWEgzOGZiTUlrWWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCA4AwQA
WNgVAwQAWNhnAwQAWNi5AwQAWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQCdLO2aQycM
vx3uobCYnh1dJC4wD5fLRp9M8vNggOCdjFKP6xW4MgrdTUYHonRIuCx/wvWhFsiq
OW6ZGR0zTnXiHZzfMfl1DlxGA6lCS8KWB59BMmqkPbNZL6ILZpCcrpDSdoRI3y5P
IfIPcW8tqFkeRlyiUaEMvW4CSulCcq6ee4IzZIF2dpQb9ol24aoa25h6LarHGUQD
8DT1rfw3iOGgBurwdUtD/dfnFBseSa9EMDxkBNW8sq9kf4a+xgdtVS17hHTGyJVD
q0F19+hRGA/yXNAwviLcMWdJ/djyABthgsimMlYCCRliOrFDULHJJiBRClSfYWNQ
eZmUohAtDoTS
-----END CERTIFICATE-----
Generated at Wed Jun 3 23:21:25 2026 by rpki-client