Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/KiNF7OCub1GOOpTRGoOGWOJXCKg.roa
File: KiNF7OCub1GOOpTRGoOGWOJXCKg.roa (raw, json)
Hash identifier: /0NSAMWMa05jBmR8ipFaLAxKBWMnQCZsBl8vETFg0ww=
Subject key identifier: 2A:23:45:EC:E0:AE:6F:51:8E:3A:94:D1:1A:83:86:58:E2:57:08:A8
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199ECCF41B6C11129951A70E2E11802B989
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/KiNF7OCub1GOOpTRGoOGWOJXCKg.roa
Signing time: Thu 16 Oct 2025 11:37:09 +0000
ROA not before: Thu 16 Oct 2025 11:37:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 212.134.180.0/22 maxlen: 22
212.134.184.0/22 maxlen: 22
212.134.192.0/22 maxlen: 22
212.134.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:cf:41:b6:c1:11:29:95:1a:70:e2:e1:18:02:b9:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 16 11:37:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2345ece0ae6f518e3a94d11a838658e25708a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:15:46:28:f6:48:f2:ab:9c:ea:3f:51:96:6d:
b7:09:4f:f9:86:d8:22:22:59:74:bb:f2:08:ac:62:
9c:3f:66:f4:f5:7e:e2:4c:4d:56:d0:7b:0d:43:60:
f8:42:5a:e9:05:25:5d:78:c9:a5:7e:d6:2f:55:82:
f6:ca:d9:ca:ec:83:14:c1:46:ed:3a:c2:fc:1a:09:
80:2c:c5:f9:ed:ae:ad:1a:20:f6:bc:09:84:ca:3e:
a9:dc:10:d6:0b:cb:b9:02:a4:77:10:4a:99:bc:13:
59:5a:07:92:f0:34:9e:43:13:fe:d1:ad:eb:71:f6:
09:c8:e7:8c:af:16:9a:8d:d5:31:0b:35:bb:b7:a8:
98:4e:62:c5:41:19:f5:7f:1e:e6:84:0e:02:ac:34:
66:e9:cb:61:64:f2:9e:4a:b6:4e:ba:f6:fa:ce:d2:
b2:52:ec:c4:ac:4a:a3:71:d2:f6:95:13:58:f6:a4:
ec:d6:95:16:a1:b5:12:ce:56:f2:21:2a:97:62:ec:
1d:fc:a8:8a:08:8a:10:15:a0:da:87:63:1f:77:0e:
41:43:4d:37:8b:9b:6d:60:3a:ce:81:9f:b5:0b:0d:
ea:e2:b2:e9:8f:6d:85:69:6c:25:8a:c7:3d:2e:c1:
4c:e1:36:1e:90:00:d9:fa:33:01:c1:76:57:a8:ca:
88:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:23:45:EC:E0:AE:6F:51:8E:3A:94:D1:1A:83:86:58:E2:57:08:A8
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/KiNF7OCub1GOOpTRGoOGWOJXCKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.180.0-212.134.187.255
212.134.192.0/22
212.134.200.0/22
Signature Algorithm: sha256WithRSAEncryption
99:94:ab:94:df:5d:08:ec:43:8f:05:82:40:9e:b8:af:2a:40:
2a:7e:23:b3:71:bc:5d:fa:3a:41:7e:cb:24:4c:f9:fd:87:48:
5b:9a:21:79:f2:23:38:67:fb:2a:4e:31:e0:83:9c:aa:3d:37:
1f:ee:df:a2:03:26:e2:b0:03:b7:54:8c:90:9f:5e:98:1d:ec:
57:04:70:3b:f9:0a:a2:93:a2:3e:03:ba:ba:a0:f4:ae:38:dc:
d8:16:22:ff:7a:14:cf:c0:3a:fc:72:bd:7b:e1:02:a2:f7:ae:
5f:3d:7a:4b:12:ae:12:54:18:c8:4c:98:ce:8f:0e:dc:98:c8:
36:c4:7e:99:03:25:ab:90:ce:80:70:ab:3b:5b:01:cc:74:9c:
eb:2e:d7:48:10:b0:b6:e8:88:02:d8:c3:00:b1:d4:83:e3:c0:
94:82:54:3d:d2:1c:17:54:8d:eb:9e:3d:73:ff:72:3a:07:ed:
c3:1a:2f:71:ec:d6:22:8e:a8:03:a1:5f:4a:b7:9b:01:5f:9f:
00:41:bc:19:dc:27:b7:94:81:dc:24:89:23:fe:fa:d3:53:bc:
1b:d7:f6:8d:a3:da:76:2c:a0:10:7d:0b:e0:84:a5:3a:92:cc:
82:de:7d:35:97:b4:4d:1b:ff:04:1d:8b:cd:4f:da:24:a9:0f:
f1:ee:d9:f7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZnsz0G2wREplRpw4uEYArmJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDE2MTEzNzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIzNDVlY2UwYWU2ZjUxOGUzYTk0ZDExYTgzODY1OGUyNTcwOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRVGKPZI8quc6j9Rlm23CU/5htgi
Ill0u/IIrGKcP2b09X7iTE1W0HsNQ2D4QlrpBSVdeMmlftYvVYL2ytnK7IMUwUbt
OsL8GgmALMX57a6tGiD2vAmEyj6p3BDWC8u5AqR3EEqZvBNZWgeS8DSeQxP+0a3r
cfYJyOeMrxaajdUxCzW7t6iYTmLFQRn1fx7mhA4CrDRm6cthZPKeSrZOuvb6ztKy
UuzErEqjcdL2lRNY9qTs1pUWobUSzlbyISqXYuwd/KiKCIoQFaDah2Mfdw5BQ003
i5ttYDrOgZ+1Cw3q4rLpj22FaWwlisc9LsFM4TYekADZ+jMBwXZXqMqIgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCojRezgrm9RjjqU0RqDhljiVwioMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvS2lORjdPQ3ViMUdPT3BUUkdvT0dXT0pYQ0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBALUhrQD
BALUhrgDBALUhsADBALUhsgwDQYJKoZIhvcNAQELBQADggEBAJmUq5TfXQjsQ48F
gkCeuK8qQCp+I7NxvF36OkF+yyRM+f2HSFuaIXnyIzhn+ypOMeCDnKo9Nx/u36ID
JuKwA7dUjJCfXpgd7FcEcDv5CqKToj4Durqg9K443NgWIv96FM/AOvxyvXvhAqL3
rl89eksSrhJUGMhMmM6PDtyYyDbEfpkDJauQzoBwqztbAcx0nOsu10gQsLboiALY
wwCx1IPjwJSCVD3SHBdUjeuePXP/cjoH7cMaL3Hs1iKOqAOhX0q3mwFfnwBBvBnc
J7eUgdwkiSP++tNTvBvX9o2j2nYsoBB9C+CEpTqSzILefTWXtE0b/wQdi81P2iSp
D/Hu2fc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:03 2025 by rpki-client