Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/1kXPsAdLa9-OG1J3wfn5gATPy_U.roa
File: 1kXPsAdLa9-OG1J3wfn5gATPy_U.roa (raw, json)
Hash identifier: QQKYOB6N/sW+PJW3hE/5yNpRMXyH3ZkUwAPZeHLCGSM=
Subject key identifier: D6:45:CF:B0:07:4B:6B:DF:8E:1B:52:77:C1:F9:F9:80:04:CF:CB:F5
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019A3439E35BABC8215CA15399F96F649E55
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/1kXPsAdLa9-OG1J3wfn5gATPy_U.roa
Signing time: Thu 30 Oct 2025 08:26:40 +0000
ROA not before: Thu 30 Oct 2025 08:26:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205886
IP address blocks: 212.134.18.0/24 maxlen: 24
212.134.47.0/24 maxlen: 24
212.134.80.0/24 maxlen: 24
212.134.109.0/24 maxlen: 24
212.134.156.0/24 maxlen: 24
212.134.179.0/24 maxlen: 24
212.134.199.0/24 maxlen: 24
212.134.232.0/24 maxlen: 24
212.135.155.0/24 maxlen: 24
212.135.158.0/24 maxlen: 24
212.135.161.0/24 maxlen: 24
212.135.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 01:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:39:e3:5b:ab:c8:21:5c:a1:53:99:f9:6f:64:9e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 30 08:26:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d645cfb0074b6bdf8e1b5277c1f9f98004cfcbf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:66:c8:ac:a0:b8:19:45:9e:3d:9f:2d:c4:
8a:c5:04:5f:ae:96:09:c8:5b:36:72:28:e6:1c:b0:
0e:ba:31:fb:6a:7c:27:3e:6b:7f:8c:83:30:01:24:
26:3c:2f:64:ed:ce:e8:83:e5:aa:dd:6f:66:ff:62:
61:8d:f9:73:ff:24:48:95:f3:9e:5b:20:51:7a:c8:
a4:a3:90:d2:16:c4:58:e1:09:05:0b:03:49:aa:bd:
85:4e:4d:ab:02:7d:55:20:ea:11:d8:63:6b:79:c4:
38:e5:d9:34:4f:95:a6:28:70:7f:95:21:2d:31:8a:
4d:3f:eb:0e:d9:7a:b7:0c:5e:10:c4:53:33:15:5e:
5e:ce:0b:08:b5:8c:08:9e:a3:60:dc:f4:5f:a5:fe:
79:e9:94:e0:8b:a1:ed:31:82:e0:04:e1:79:b5:86:
7e:86:a5:f2:af:01:fa:0d:09:51:1c:cc:51:9d:81:
3f:d0:16:7d:cb:a0:9b:02:9f:6a:37:ec:4f:d1:99:
ac:0d:b0:e8:2e:da:78:3c:76:21:39:53:f3:71:75:
7b:49:8d:c8:b2:9c:e4:5a:04:f4:d4:a4:56:cd:ae:
ac:ab:7b:24:0d:ab:3d:63:50:c9:53:63:d3:7f:78:
96:a4:9a:b2:91:c7:e1:c9:b1:96:41:6d:e2:3a:00:
15:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:45:CF:B0:07:4B:6B:DF:8E:1B:52:77:C1:F9:F9:80:04:CF:CB:F5
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/1kXPsAdLa9-OG1J3wfn5gATPy_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.18.0/24
212.134.47.0/24
212.134.80.0/24
212.134.109.0/24
212.134.156.0/24
212.134.179.0/24
212.134.199.0/24
212.134.232.0/24
212.135.155.0/24
212.135.158.0/24
212.135.161.0-212.135.162.255
Signature Algorithm: sha256WithRSAEncryption
db:5c:61:a7:5d:15:b7:b0:6f:38:0b:9c:84:bf:11:55:b7:5d:
79:2c:63:4f:24:fe:20:12:59:2f:6e:8e:63:b0:94:ff:1a:6e:
c4:24:fd:4d:59:1c:34:05:0f:c5:77:77:73:53:3b:d3:44:67:
9e:d6:a7:54:74:8c:03:14:55:85:0b:91:56:12:40:c0:4b:be:
3e:ec:17:f4:74:cc:e3:34:df:54:b0:62:8c:5c:8f:db:6d:71:
98:b8:ab:de:bb:08:ff:3d:0d:f6:7c:6f:e8:c6:86:19:b1:5b:
31:cc:ec:20:22:41:1e:a0:7d:83:b1:d3:02:89:2b:55:05:72:
30:02:1b:0b:2b:64:bc:60:46:26:42:39:91:fd:4e:43:b5:29:
63:be:69:13:22:4a:eb:22:ba:1c:8e:96:d7:0a:3e:03:bc:5b:
c2:6f:a4:92:3d:9b:63:9c:cb:61:5c:eb:1e:dd:24:1a:92:c9:
1c:a8:fa:9d:7a:60:1c:1d:3e:7a:c4:4d:d8:d9:58:44:12:53:
5f:53:40:1c:91:0c:ef:32:78:26:3b:67:2d:5a:89:05:bb:2b:
21:49:a4:c5:5c:58:c0:d4:ed:f9:b8:82:f4:f5:d9:8b:af:00:
63:64:7f:4f:f8:67:80:56:a7:aa:ef:cf:c8:d4:67:4f:33:84:
9f:ab:e8:ca
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZo0OeNbq8ghXKFTmflvZJ5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDMwMDgyNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjQ1Y2ZiMDA3NGI2YmRmOGUxYjUyNzdjMWY5Zjk4MDA0Y2ZjYmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru9myKyguBlFnj2fLcSKxQRfrpYJ
yFs2cijmHLAOujH7anwnPmt/jIMwASQmPC9k7c7og+Wq3W9m/2Jhjflz/yRIlfOe
WyBResiko5DSFsRY4QkFCwNJqr2FTk2rAn1VIOoR2GNrecQ45dk0T5WmKHB/lSEt
MYpNP+sO2Xq3DF4QxFMzFV5ezgsItYwInqNg3PRfpf556ZTgi6HtMYLgBOF5tYZ+
hqXyrwH6DQlRHMxRnYE/0BZ9y6CbAp9qN+xP0ZmsDbDoLtp4PHYhOVPzcXV7SY3I
spzkWgT01KRWza6sq3skDas9Y1DJU2PTf3iWpJqykcfhybGWQW3iOgAV2QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFNZFz7AHS2vfjhtSd8H5+YAEz8v1MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvMWtYUHNBZExhOS1PRzFKM3dmbjVnQVRQeV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQA1IYSAwQA
1IYvAwQA1IZQAwQA1IZtAwQA1IacAwQA1IazAwQA1IbHAwQA1IboAwQA1IebAwQA
1IeeMAwDBADUh6EDBADUh6IwDQYJKoZIhvcNAQELBQADggEBANtcYaddFbewbzgL
nIS/EVW3XXksY08k/iASWS9ujmOwlP8absQk/U1ZHDQFD8V3d3NTO9NEZ57Wp1R0
jAMUVYULkVYSQMBLvj7sF/R0zOM031SwYoxcj9ttcZi4q967CP89DfZ8b+jGhhmx
WzHM7CAiQR6gfYOx0wKJK1UFcjACGwsrZLxgRiZCOZH9TkO1KWO+aRMiSusiuhyO
ltcKPgO8W8JvpJI9m2Ocy2Fc6x7dJBqSyRyo+p16YBwdPnrETdjZWEQSU19TQByR
DO8yeCY7Zy1aiQW7KyFJpMVcWMDU7fm4gvT12YuvAGNkf0/4Z4BWp6rvz8jUZ08z
hJ+r6Mo=
-----END CERTIFICATE-----
Generated at Sat Nov 1 08:27:32 2025 by rpki-client