Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_QJkKfnCY_fLXy9dCbr8eKl8X-8.roa
File: _QJkKfnCY_fLXy9dCbr8eKl8X-8.roa (raw, json)
Hash identifier: /Wv1K2UKj2MhQzW30zeE6UxKUVwtXEerX+TvGD84sFg=
Subject key identifier: FD:02:64:29:F9:C2:63:F7:CB:5F:2F:5D:09:BA:FC:78:A9:7C:5F:EF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01942826BA54A7C740E07DC62B87ED3FD2CA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_QJkKfnCY_fLXy9dCbr8eKl8X-8.roa
Signing time: Thu 02 Jan 2025 17:53:34 +0000
ROA not before: Thu 02 Jan 2025 17:53:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 02:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:ba:54:a7:c7:40:e0:7d:c6:2b:87:ed:3f:d2:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 2 17:53:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd026429f9c263f7cb5f2f5d09bafc78a97c5fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:0b:ae:0f:d5:d5:d9:bf:38:02:59:6f:da:
8c:8d:8a:e1:f2:63:43:d3:00:38:ff:7a:fe:57:9e:
e8:e4:f7:a7:9d:cc:01:23:38:4b:a0:73:e4:6d:4f:
0a:70:ee:51:ca:9a:40:a6:0f:ce:8e:4b:9a:bd:b7:
f8:44:12:1d:fc:86:83:15:2e:e7:1c:68:82:d4:83:
86:00:83:6e:98:5f:b1:a3:e8:d6:60:17:a0:e1:f9:
18:83:6b:1e:1e:8c:cd:65:3e:e3:6e:3d:9a:c3:8c:
c9:c7:bb:70:30:b6:d1:fe:42:cb:00:ff:72:b7:74:
7a:87:51:d4:81:00:1c:95:6b:0e:ea:95:ea:ca:07:
c1:be:ce:00:ec:e0:18:eb:59:11:06:b8:58:53:81:
2e:d4:62:73:7a:72:1e:ec:a6:24:29:f5:62:f7:98:
ec:f0:c0:f3:90:50:9a:67:62:20:1e:16:b6:ee:c9:
44:e6:b5:83:fd:29:16:85:1a:63:2e:03:8d:d2:8a:
6e:7a:8d:4a:f9:2c:56:a2:ba:24:b0:b7:a9:9e:ff:
3b:1e:80:9f:cb:9e:05:94:e8:b5:68:a9:ca:90:d5:
5d:3f:ef:f1:c1:70:10:bb:84:80:ae:46:41:1d:d9:
2d:43:42:09:ae:50:c6:ee:2a:ba:e3:24:b7:fa:cd:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:02:64:29:F9:C2:63:F7:CB:5F:2F:5D:09:BA:FC:78:A9:7C:5F:EF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_QJkKfnCY_fLXy9dCbr8eKl8X-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.184.0/23
88.216.211.0-88.216.213.255
Signature Algorithm: sha256WithRSAEncryption
7a:39:be:a3:e5:fb:0f:41:da:44:4d:af:2d:59:fe:e7:b8:48:
ba:77:61:51:05:10:0a:94:c7:74:2f:06:27:bb:57:dc:85:91:
23:74:f9:43:dc:94:13:b4:6e:e9:65:c5:b5:70:40:fd:3d:2f:
a9:b9:3a:ba:0b:a5:a7:ec:f5:17:69:45:50:8a:66:0e:c9:74:
a6:d6:19:13:91:fb:08:a2:26:4d:5b:01:4d:69:df:5f:6c:a2:
7a:59:1c:ca:f0:f7:66:33:7b:06:1e:d3:c8:51:29:c6:b8:1f:
4a:d2:38:d8:64:b3:ba:f7:bc:fe:39:f6:55:c2:4c:64:fa:8a:
08:30:e6:a5:4a:19:9f:2c:4a:34:1d:18:31:57:bc:34:39:f9:
d1:8d:db:b4:8c:dd:c0:19:85:d6:d1:ce:53:1e:e9:49:93:cd:
41:75:4a:df:dd:89:c5:22:57:30:52:5c:5c:bb:e8:c0:c6:8c:
c3:56:7b:73:4a:ca:2e:eb:a1:76:62:10:28:1f:d5:fe:8a:0b:
89:5a:e7:8b:5d:e1:3a:f8:e6:64:9c:76:f5:9b:12:30:c8:94:
d1:c1:e7:98:88:e9:a5:bf:c3:88:ae:8a:ae:10:a5:7e:f5:fa:
51:51:70:16:90:53:51:c2:36:db:14:25:09:9a:23:a2:66:56:
d2:ff:0d:2e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQoJrpUp8dA4H3GK4ftP9LKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjUwMTAyMTc1MzM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDAyNjQyOWY5YzI2M2Y3Y2I1ZjJmNWQwOWJhZmM3OGE5N2M1ZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3QLrg/V1dm/OAJZb9qMjYrh8mND
0wA4/3r+V57o5PenncwBIzhLoHPkbU8KcO5RyppApg/Ojkuavbf4RBId/IaDFS7n
HGiC1IOGAINumF+xo+jWYBeg4fkYg2seHozNZT7jbj2aw4zJx7twMLbR/kLLAP9y
t3R6h1HUgQAclWsO6pXqygfBvs4A7OAY61kRBrhYU4Eu1GJzenIe7KYkKfVi95js
8MDzkFCaZ2IgHha27slE5rWD/SkWhRpjLgON0opueo1K+SxWoroksLepnv87HoCf
y54FlOi1aKnKkNVdP+/xwXAQu4SArkZBHdktQ0IJrlDG7iq64yS3+s1XfQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP0CZCn5wmP3y18vXQm6/HipfF/vMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX1FKa0tmbkNZX2ZMWHk5ZENicjhlS2w4WC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCA4AwQB
WNgUAwQAWNhnAwQBWNi4MAwDBABY2NMDBAFY2NQwDQYJKoZIhvcNAQELBQADggEB
AHo5vqPl+w9B2kRNry1Z/ue4SLp3YVEFEAqUx3QvBie7V9yFkSN0+UPclBO0bull
xbVwQP09L6m5OroLpafs9RdpRVCKZg7JdKbWGROR+wiiJk1bAU1p319sonpZHMrw
92YzewYe08hRKca4H0rSONhks7r3vP459lXCTGT6iggw5qVKGZ8sSjQdGDFXvDQ5
+dGN27SM3cAZhdbRzlMe6UmTzUF1St/dicUiVzBSXFy76MDGjMNWe3NKyi7roXZi
ECgf1f6KC4la54td4Tr45mScdvWbEjDIlNHB55iI6aW/w4iuiq4QpX71+lFRcBaQ
U1HCNtsUJQmaI6JmVtL/DS4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:43:17 2025 by rpki-client