Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SGq5d0i8iDVzptltz-kvglU9jKw.roa
File: SGq5d0i8iDVzptltz-kvglU9jKw.roa (raw, json)
Hash identifier: lKOPbE9j9HKvWnt2iDyxTIpJLzeWLNwOv52WKCmZgaI=
Subject key identifier: 48:6A:B9:77:48:BC:88:35:73:A6:D9:6D:CF:E9:2F:82:55:3D:8C:AC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0195CD215A5593B52843DE1A6D2DA35D5438
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SGq5d0i8iDVzptltz-kvglU9jKw.roa
Signing time: Tue 25 Mar 2025 11:47:49 +0000
ROA not before: Tue 25 Mar 2025 11:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 84.32.7.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.174.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
88.216.66.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cd:21:5a:55:93:b5:28:43:de:1a:6d:2d:a3:5d:54:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 25 11:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=486ab97748bc883573a6d96dcfe92f82553d8cac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a1:32:0f:07:c2:09:0a:8c:67:2a:7d:60:87:
4b:63:23:41:4c:ef:8b:b0:67:b5:3d:6a:e6:37:6c:
26:a9:91:f5:19:bd:86:85:2b:90:b8:dc:d1:60:0f:
71:db:f2:80:f2:c8:3d:9c:27:43:a7:84:0a:ae:8e:
08:c0:63:e3:3d:7e:93:68:c8:a2:8d:87:5c:e2:1f:
f9:8d:ef:df:66:de:cf:75:de:c6:6e:2e:b7:94:da:
5b:ba:90:3d:a6:d5:65:9e:ef:cc:08:56:f3:15:e7:
d1:92:27:b9:97:df:70:18:61:d0:a2:fc:75:a3:6c:
22:23:f2:e6:1b:61:4e:53:78:e2:83:fb:0c:25:6b:
f0:92:a5:e7:58:14:2e:c5:39:05:df:64:23:66:94:
de:bd:0d:fe:cd:0e:de:43:e7:12:71:53:81:38:97:
2a:8d:b4:b2:21:a1:93:7b:36:64:fc:73:e2:70:25:
71:82:5b:d6:ea:de:d0:38:4a:72:03:32:7d:15:32:
b5:0a:64:1f:46:c8:12:0f:b2:0b:31:5a:f6:1f:34:
dc:17:a9:88:eb:25:29:3d:79:f1:75:2b:7a:de:8c:
57:ae:90:1f:28:c9:38:02:e4:3a:aa:47:8b:a9:b1:
9d:9b:71:3a:a8:c4:85:23:bf:d3:22:96:fe:c6:c8:
31:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:6A:B9:77:48:BC:88:35:73:A6:D9:6D:CF:E9:2F:82:55:3D:8C:AC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SGq5d0i8iDVzptltz-kvglU9jKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0-84.32.8.255
84.32.20.0/22
84.32.46.0/23
84.32.59.0/24
84.32.148.0/22
84.32.174.0/23
84.32.214.0/23
84.32.244.0/22
88.216.22.0/23
88.216.44.0/23
88.216.66.0/23
88.216.93.0/24
88.216.130.0/23
88.216.134.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:eb:39:c6:ce:d9:bd:b0:fb:6e:6a:64:8c:12:64:53:48:40:
63:a6:97:d4:c5:eb:d2:2d:b9:c3:be:13:49:a1:02:19:f3:52:
71:86:96:12:01:73:e1:66:e6:f4:e2:8c:8a:1d:c0:fb:51:f0:
97:dc:4d:2e:8c:f0:d5:ae:33:f9:cf:de:2c:29:0a:9e:b9:97:
44:d8:0a:0d:49:bc:d8:29:79:7e:be:58:01:0d:9a:6f:52:24:
dc:71:3e:30:50:40:01:f2:ee:cd:44:2c:93:72:79:7a:85:73:
68:61:2c:8b:5c:1b:46:e9:5b:a9:6f:cf:45:a4:2b:c5:fd:54:
5d:0f:bf:bc:8f:1e:a8:e5:af:32:9b:e7:43:aa:35:36:df:00:
7a:93:1c:0c:ac:81:1e:98:87:e9:00:7b:2f:f8:80:7d:b1:e7:
f7:aa:17:4f:ab:fb:eb:cd:0f:4c:f5:1a:28:bf:7f:c2:4c:f3:
5a:3b:01:2d:8e:ba:60:fa:89:86:8f:d6:ad:b7:da:6e:31:7b:
21:71:ec:aa:4d:cb:ec:68:44:23:d7:8e:a3:bc:81:8a:92:17:
65:70:ca:79:f2:61:26:bd:aa:8b:99:97:80:51:9f:6a:16:08:
39:15:5a:4c:7f:d1:7e:36:ed:d2:8f:ca:f6:17:3b:ea:a9:26:
92:41:f9:c3
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZXNIVpVk7UoQ94abS2jXVQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMzI1MTE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODZhYjk3NzQ4YmM4ODM1NzNhNmQ5NmRjZmU5MmY4MjU1M2Q4Y2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKEyDwfCCQqMZyp9YIdLYyNBTO+L
sGe1PWrmN2wmqZH1Gb2GhSuQuNzRYA9x2/KA8sg9nCdDp4QKro4IwGPjPX6TaMii
jYdc4h/5je/fZt7Pdd7Gbi63lNpbupA9ptVlnu/MCFbzFefRkie5l99wGGHQovx1
o2wiI/LmG2FOU3jig/sMJWvwkqXnWBQuxTkF32QjZpTevQ3+zQ7eQ+cScVOBOJcq
jbSyIaGTezZk/HPicCVxglvW6t7QOEpyAzJ9FTK1CmQfRsgSD7ILMVr2HzTcF6mI
6yUpPXnxdSt63oxXrpAfKMk4AuQ6qkeLqbGdm3E6qMSFI7/TIpb+xsgxdQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFEhquXdIvIg1c6bZbc/pL4JVPYysMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU0dxNWQwaThpRFZ6cHRsdHota3ZnbFU5akt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBABUIAcD
BABUIAgDBAJUIBQDBAFUIC4DBABUIDsDBAJUIJQDBAFUIK4DBAFUINYDBAJUIPQD
BAFY2BYDBAFY2CwDBAFY2EIDBABY2F0DBAFY2IIDBAFY2IYwDQYJKoZIhvcNAQEL
BQADggEBAE7rOcbO2b2w+25qZIwSZFNIQGOml9TF69ItucO+E0mhAhnzUnGGlhIB
c+Fm5vTijIodwPtR8JfcTS6M8NWuM/nP3iwpCp65l0TYCg1JvNgpeX6+WAENmm9S
JNxxPjBQQAHy7s1ELJNyeXqFc2hhLItcG0bpW6lvz0WkK8X9VF0Pv7yPHqjlrzKb
50OqNTbfAHqTHAysgR6Yh+kAey/4gH2x5/eqF0+r++vND0z1Gii/f8JM81o7AS2O
umD6iYaP1q232m4xeyFx7KpNy+xoRCPXjqO8gYqSF2VwynnyYSa9qouZl4BRn2oW
CDkVWkx/0X427dKPyvYXO+qpJpJB+cM=
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:16:53 2025 by rpki-client