Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rWz_y7cIr7oRpA_52dSGrYxAXXs.roa
File: rWz_y7cIr7oRpA_52dSGrYxAXXs.roa (raw, json)
Hash identifier: K1T1i7hbU3sRpIO3utxlrFCNGKbzXrCYZrlSPxmOLZ4=
Subject key identifier: AD:6C:FF:CB:B7:08:AF:BA:11:A4:0F:F9:D9:D4:86:AD:8C:40:5D:7B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019E3E8003A092D70B761F219369A1BACA54
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rWz_y7cIr7oRpA_52dSGrYxAXXs.roa
Signing time: Tue 19 May 2026 04:30:37 +0000
ROA not before: Tue 19 May 2026 04:30:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213896
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.98.0/24 maxlen: 24
84.32.100.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
88.216.70.0/24 maxlen: 24
88.216.74.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3e:80:03:a0:92:d7:0b:76:1f:21:93:69:a1:ba:ca:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 04:30:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad6cffcbb708afba11a40ff9d9d486ad8c405d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:55:26:64:dd:90:7e:15:40:06:42:77:3a:
d9:e1:02:0e:7a:54:42:dc:cb:fa:88:ae:70:3b:a1:
8c:4c:8a:2c:19:bd:67:e2:ec:39:1b:10:85:22:90:
97:d5:a0:ca:f4:2e:0a:b3:67:c1:41:2b:bd:d0:5d:
03:b2:16:f8:88:b1:33:0c:75:a2:ae:81:7b:57:1b:
f9:5a:c8:8c:ee:f9:88:8f:d9:17:20:61:80:be:e3:
1d:45:af:ea:ad:7a:d6:82:bd:9a:32:6d:84:34:09:
0f:5b:28:50:7c:0d:d9:71:c7:9f:b5:b9:9c:93:a2:
8f:bd:51:2b:38:81:04:cc:cc:27:1a:fa:95:32:6c:
c9:15:0d:af:7e:12:2b:a5:c0:01:c6:7d:43:5d:d1:
99:78:2f:14:51:fe:c1:f8:e5:df:80:51:50:6b:18:
bf:0e:5d:ae:56:1d:90:45:53:96:71:f4:ad:75:4d:
3f:62:6a:80:4f:68:3d:84:d8:ac:51:46:12:af:01:
4e:dc:5a:16:37:11:fc:5a:ae:d3:05:db:3d:ae:d5:
75:98:02:f2:ec:f4:e7:27:c5:b4:60:06:70:6a:af:
5d:cc:a3:a3:2f:da:66:64:6e:f4:90:74:d5:35:93:
f7:50:16:b7:dc:71:c5:5b:91:43:b2:49:a6:80:7c:
fd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6C:FF:CB:B7:08:AF:BA:11:A4:0F:F9:D9:D4:86:AD:8C:40:5D:7B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rWz_y7cIr7oRpA_52dSGrYxAXXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.59.0/24
84.32.98.0/24
84.32.100.0/24
84.32.223.0/24
88.216.36.0/24
88.216.70.0/24
88.216.74.0/24
88.216.132.0/24
88.216.211.0/24
88.216.220.0/24
Signature Algorithm: sha256WithRSAEncryption
09:56:08:5c:87:a7:17:32:3b:a9:e1:6f:c4:9a:85:6b:2f:66:
09:29:70:54:eb:7a:93:00:75:01:e0:c4:3b:cc:c1:26:3c:ff:
3c:c3:52:98:d2:7e:0f:6e:80:e9:76:81:a9:96:0f:44:07:88:
2d:94:e4:04:be:ad:1d:b5:88:d4:b3:b0:8f:8a:2b:a4:49:39:
fd:f9:09:f1:00:2f:46:5d:db:ef:3d:93:62:5d:71:93:4e:a9:
73:ff:50:d3:7b:10:fd:87:6c:4d:ef:95:53:46:bc:2a:25:64:
c9:de:f5:3e:f0:25:13:80:8a:c5:82:9e:c5:b0:f7:18:78:42:
6c:4a:73:bd:5b:ef:f1:d8:a2:26:e4:1b:8e:37:75:2a:e0:f1:
f1:02:4a:00:af:49:8a:5b:5f:1b:52:b6:7b:88:60:c7:7a:1b:
79:c5:24:49:ff:ea:f8:e6:1f:1c:5f:1c:f9:4c:83:a3:53:1f:
98:b7:4d:d4:27:9a:26:3a:ec:b9:e3:02:71:5e:9d:b5:ce:d9:
72:0c:7c:b5:41:7f:e9:dd:a1:ea:3f:a8:03:8a:b3:c7:62:99:
44:98:0f:55:7c:db:c1:b1:35:1b:5a:f6:67:af:18:e3:cf:98:
c1:66:7b:e4:41:13:bc:c0:e8:eb:c9:98:cd:bc:7c:86:63:b4:
65:fe:4c:54
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ4+gAOgktcLdh8hk2mhuspUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjYwNTE5MDQzMDM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZjZmZjYmI3MDhhZmJhMTFhNDBmZjlkOWQ0ODZhZDhjNDA1ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMpVJmTdkH4VQAZCdzrZ4QIOelRC
3Mv6iK5wO6GMTIosGb1n4uw5GxCFIpCX1aDK9C4Ks2fBQSu90F0Dshb4iLEzDHWi
roF7Vxv5WsiM7vmIj9kXIGGAvuMdRa/qrXrWgr2aMm2ENAkPWyhQfA3Zcceftbmc
k6KPvVErOIEEzMwnGvqVMmzJFQ2vfhIrpcABxn1DXdGZeC8UUf7B+OXfgFFQaxi/
Dl2uVh2QRVOWcfStdU0/YmqAT2g9hNisUUYSrwFO3FoWNxH8Wq7TBds9rtV1mALy
7PTnJ8W0YAZwaq9dzKOjL9pmZG70kHTVNZP3UBa33HHFW5FDskmmgHz9KQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK1s/8u3CK+6EaQP+dnUhq2MQF17MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcld6X3k3Y0lyN29ScEFfNTJkU0dyWXhBWFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAVCA7AwQA
VCBiAwQAVCBkAwQAVCDfAwQAWNgkAwQAWNhGAwQAWNhKAwQAWNiEAwQAWNjTAwQA
WNjcMA0GCSqGSIb3DQEBCwUAA4IBAQAJVghch6cXMjup4W/EmoVrL2YJKXBU63qT
AHUB4MQ7zMEmPP88w1KY0n4PboDpdoGplg9EB4gtlOQEvq0dtYjUs7CPiiukSTn9
+QnxAC9GXdvvPZNiXXGTTqlz/1DTexD9h2xN75VTRrwqJWTJ3vU+8CUTgIrFgp7F
sPcYeEJsSnO9W+/x2KIm5BuON3Uq4PHxAkoAr0mKW18bUrZ7iGDHeht5xSRJ/+r4
5h8cXxz5TIOjUx+Yt03UJ5omOuy54wJxXp21ztlyDHy1QX/p3aHqP6gDirPHYplE
mA9VfNvBsTUbWvZnrxjjz5jBZnvkQRO8wOjryZjNvHyGY7Rl/kxU
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:37 2026 by rpki-client