Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7iOqhxuCXEyoXmPhv7sRhk7Ib80.roa
File: 7iOqhxuCXEyoXmPhv7sRhk7Ib80.roa (raw, json)
Hash identifier: Uf1d6SlCRNc4PX/Pu/S2qwRmpC0LDZKWDL1qCMnzhbs=
Subject key identifier: EE:23:AA:87:1B:82:5C:4C:A8:5E:63:E1:BF:BB:11:86:4E:C8:6F:CD
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019A343693B2E015AA33467F5EF16223ED59
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7iOqhxuCXEyoXmPhv7sRhk7Ib80.roa
Signing time: Thu 30 Oct 2025 08:23:03 +0000
ROA not before: Thu 30 Oct 2025 08:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.134.36.0/24 maxlen: 24
212.134.56.0/23 maxlen: 24
212.134.58.0/24 maxlen: 24
212.134.83.0/24 maxlen: 24
212.134.87.0/24 maxlen: 24
212.134.89.0/24 maxlen: 24
212.134.98.0/23 maxlen: 24
212.134.104.0/23 maxlen: 24
212.134.106.0/23 maxlen: 24
212.134.110.0/23 maxlen: 24
212.134.148.0/22 maxlen: 24
212.134.188.0/22 maxlen: 24
212.134.196.0/22 maxlen: 24
212.134.212.0/22 maxlen: 24
212.134.216.0/22 maxlen: 24
212.134.228.0/22 maxlen: 24
212.134.232.0/22 maxlen: 24
212.134.248.0/22 maxlen: 24
212.135.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:36:93:b2:e0:15:aa:33:46:7f:5e:f1:62:23:ed:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 30 08:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee23aa871b825c4ca85e63e1bfbb11864ec86fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:6f:e6:3a:59:65:86:9c:84:dc:58:16:32:
aa:df:85:af:a9:33:37:e4:98:4b:c8:3a:a9:5f:00:
8c:d9:12:b7:2d:2d:f1:af:a4:92:f1:b9:d1:90:29:
af:56:c6:b0:b2:b4:b8:73:76:d6:d8:5b:3e:c0:8b:
02:10:37:c1:42:81:99:19:45:72:c8:a4:e5:13:75:
19:5b:14:c0:5a:53:ad:f5:72:11:d7:03:56:ac:8e:
2f:a3:f1:00:02:a3:96:06:0c:b5:de:cc:65:48:26:
b8:4a:eb:08:7c:cb:75:98:c9:e7:ec:98:12:68:72:
bd:53:ba:a7:c1:2a:81:86:1f:20:d4:16:c9:8b:1a:
f8:64:ce:d2:a1:91:32:2a:70:03:58:8d:94:56:9b:
b0:bd:dc:60:5d:6e:1b:f4:73:1a:f2:23:2a:43:4b:
e9:2c:09:15:00:0b:7c:0f:14:2a:db:42:74:94:b9:
77:bb:db:e7:75:7e:5f:77:c6:35:8f:5f:3d:75:de:
41:2b:c4:fb:c8:da:62:9a:db:75:b1:d2:ce:78:7c:
91:4b:a7:2d:f0:66:8c:49:d0:54:04:8c:fc:4a:b1:
21:0a:42:79:1c:fb:87:4e:55:c5:bf:29:db:fa:8e:
f1:53:7a:b3:c2:05:12:65:3a:83:35:f6:7a:5d:d0:
63:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:23:AA:87:1B:82:5C:4C:A8:5E:63:E1:BF:BB:11:86:4E:C8:6F:CD
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/7iOqhxuCXEyoXmPhv7sRhk7Ib80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.36.0/24
212.134.56.0-212.134.58.255
212.134.83.0/24
212.134.87.0/24
212.134.89.0/24
212.134.98.0/23
212.134.104.0/22
212.134.110.0/23
212.134.148.0/22
212.134.188.0/22
212.134.196.0/22
212.134.212.0-212.134.219.255
212.134.228.0-212.134.235.255
212.134.248.0/22
212.135.204.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:41:6f:79:b4:07:6b:49:bc:57:96:7a:71:ed:46:53:07:00:
31:c2:73:5f:0c:1f:8f:7b:a8:0c:d1:c8:8d:66:86:24:7d:a2:
13:ae:04:5c:1d:3e:57:7b:92:a3:12:c6:db:b2:82:85:c7:1f:
87:cf:c2:99:90:1a:09:86:bc:c9:58:af:60:2b:d7:54:fc:fc:
23:3d:4e:97:8e:00:83:58:9c:6d:e1:1e:3b:b9:27:ca:a5:0f:
65:32:b5:d7:e4:ea:0c:47:03:02:43:83:de:76:46:f8:94:b1:
89:05:fa:0b:1d:52:96:80:9a:08:c4:a9:45:73:cc:89:9f:d6:
3d:88:db:e1:0c:ff:2d:d7:fb:23:0d:00:eb:ca:a7:31:04:5c:
85:f9:0e:56:9a:6d:2a:ec:d6:41:a3:e7:c2:3c:e0:9d:bf:0f:
f6:c9:27:0d:3b:38:6e:d1:16:e0:08:33:f7:2a:9a:2b:b7:75:
2b:f6:77:1c:b3:1f:43:fb:9a:62:df:bf:2a:2f:71:fe:33:66:
98:af:c3:cb:bd:ad:f7:a0:5e:6d:ae:bc:5b:cd:47:25:57:35:
19:01:e5:9f:d1:2c:22:74:4d:a7:63:4f:25:82:04:e3:9f:fc:
b2:6f:b3:f4:f5:65:ba:e5:89:40:4f:84:46:61:75:8c:7c:88:
98:52:fd:fc
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZo0NpOy4BWqM0Z/XvFiI+1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDMwMDgyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIzYWE4NzFiODI1YzRjYTg1ZTYzZTFiZmJiMTE4NjRlYzg2ZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRxv5jpZZYachNxYFjKq34WvqTM3
5JhLyDqpXwCM2RK3LS3xr6SS8bnRkCmvVsawsrS4c3bW2Fs+wIsCEDfBQoGZGUVy
yKTlE3UZWxTAWlOt9XIR1wNWrI4vo/EAAqOWBgy13sxlSCa4SusIfMt1mMnn7JgS
aHK9U7qnwSqBhh8g1BbJixr4ZM7SoZEyKnADWI2UVpuwvdxgXW4b9HMa8iMqQ0vp
LAkVAAt8DxQq20J0lLl3u9vndX5fd8Y1j189dd5BK8T7yNpimtt1sdLOeHyRS6ct
8GaMSdBUBIz8SrEhCkJ5HPuHTlXFvynb+o7xU3qzwgUSZTqDNfZ6XdBjFwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFO4jqocbglxMqF5j4b+7EYZOyG/NMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvN2lPcWh4dUNYRXlvWG1QaHY3c1JoazdJYjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEANSGJDAM
AwQD1IY4AwQA1IY6AwQA1IZTAwQA1IZXAwQA1IZZAwQB1IZiAwQC1IZoAwQB1IZu
AwQC1IaUAwQC1Ia8AwQC1IbEMAwDBALUhtQDBALUhtgwDAMEAtSG5AMEAtSG6AME
AtSG+AMEAtSHzDANBgkqhkiG9w0BAQsFAAOCAQEAb0FvebQHa0m8V5Z6ce1GUwcA
McJzXwwfj3uoDNHIjWaGJH2iE64EXB0+V3uSoxLG27KChccfh8/CmZAaCYa8yViv
YCvXVPz8Iz1Ol44Ag1icbeEeO7knyqUPZTK11+TqDEcDAkOD3nZG+JSxiQX6Cx1S
loCaCMSpRXPMiZ/WPYjb4Qz/Ldf7Iw0A68qnMQRchfkOVpptKuzWQaPnwjzgnb8P
9sknDTs4btEW4Agz9yqaK7d1K/Z3HLMfQ/uaYt+/Ki9x/jNmmK/Dy72t96Beba68
W81HJVc1GQHln9EsInRNp2NPJYIE45/8sm+z9PVluuWJQE+ERmF1jHyImFL9/A==
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:36:11 2025 by rpki-client