Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ckzBLctib_Efmgj8il3awYJMS_c.roa
File: ckzBLctib_Efmgj8il3awYJMS_c.roa (raw, json)
Hash identifier: c0GOXvxIHbZb6TdUdmPPJE5Olr5etppycV38c2Bf+qM=
Subject key identifier: 72:4C:C1:2D:CB:62:6F:F1:1F:9A:08:FC:8A:5D:DA:C1:82:4C:4B:F7
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E6E649C26B64F0C894CDCBA9E0A4AF0F4
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ckzBLctib_Efmgj8il3awYJMS_c.roa
Signing time: Thu 28 May 2026 11:42:27 +0000
ROA not before: Thu 28 May 2026 11:42:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 82.108.166.0/24 maxlen: 24
82.108.201.0/24 maxlen: 24
212.134.49.0/24 maxlen: 24
212.134.140.0/24 maxlen: 24
212.134.183.0/24 maxlen: 24
212.134.185.0/24 maxlen: 24
212.134.187.0/24 maxlen: 24
212.134.200.0/24 maxlen: 24
212.134.239.0/24 maxlen: 24
212.135.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 13:49:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:64:9c:26:b6:4f:0c:89:4c:dc:ba:9e:0a:4a:f0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 28 11:42:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=724cc12dcb626ff11f9a08fc8a5ddac1824c4bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:65:89:51:4b:b5:2e:72:35:8a:ca:79:e1:a0:
96:e5:81:ab:c1:c7:1b:80:41:87:5b:3f:63:05:4b:
ff:23:7e:bd:5b:44:24:f5:22:bd:d6:4d:a9:a2:c5:
cb:6c:c8:79:b9:fc:85:2b:3c:e8:62:93:bd:7b:a5:
c3:56:00:6c:0f:a5:b3:38:d9:ff:38:7b:15:8b:bc:
03:38:fa:76:3a:c4:77:ab:eb:7d:10:e4:f6:70:ae:
55:4a:c8:b6:96:e6:c2:89:84:3e:f2:bc:1c:c6:18:
32:31:d3:78:65:9b:2e:aa:ce:bf:93:78:c3:47:ef:
60:45:bc:11:c9:05:b1:4f:70:c6:f2:32:fe:e5:a4:
3f:1e:cd:d7:1e:2e:c6:63:3a:c0:42:77:5f:20:fc:
2c:d1:0e:d0:df:9e:cb:dd:5d:f4:04:3d:de:70:83:
85:b3:6e:95:60:f8:0d:a8:f8:45:58:b8:af:1e:ba:
b6:9f:79:15:b2:f8:9e:3a:58:1b:ac:2c:ca:79:4a:
3f:26:57:4e:84:c7:ad:20:d1:e2:34:5c:0d:e0:9b:
0b:42:f7:3a:22:eb:16:ef:14:6a:8c:21:be:fc:3c:
ff:86:37:0f:39:d1:6d:a0:1d:30:56:a6:2e:00:4e:
3f:e8:11:12:f4:53:f6:92:5b:b5:f6:96:c8:13:be:
ba:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:4C:C1:2D:CB:62:6F:F1:1F:9A:08:FC:8A:5D:DA:C1:82:4C:4B:F7
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ckzBLctib_Efmgj8il3awYJMS_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.166.0/24
82.108.201.0/24
212.134.49.0/24
212.134.140.0/24
212.134.183.0/24
212.134.185.0/24
212.134.187.0/24
212.134.200.0/24
212.134.239.0/24
212.135.150.0/24
Signature Algorithm: sha256WithRSAEncryption
94:66:b2:e3:31:96:e3:bb:73:ce:17:64:9b:46:bb:0b:e9:cf:
61:80:6c:6e:68:da:7f:3b:e3:9b:94:75:73:fc:4f:66:6e:fb:
d5:6c:95:da:e3:05:9c:2b:e3:44:4f:44:7f:30:40:c0:12:37:
b5:f0:7d:6b:0c:b3:7d:c1:71:74:5d:f2:71:35:c4:45:ee:8b:
81:ef:e9:42:6d:b1:73:39:10:a8:f0:79:b3:48:27:7f:0c:55:
3e:1f:45:d7:3f:5f:b2:f3:3d:4f:cc:45:b8:02:14:ac:6f:77:
f6:fd:30:7d:a7:9d:84:98:d9:e1:fa:d0:e0:b2:ea:f9:5e:01:
5e:bd:35:bc:1c:bf:94:46:33:1b:c0:f3:2d:5d:22:39:71:2c:
a6:9f:67:57:bd:b0:c3:8c:24:68:12:d1:01:72:3e:16:be:6b:
54:5f:e8:69:04:2d:e6:2f:ba:dc:a7:db:38:ab:eb:9b:ad:b7:
4e:3a:b3:00:8d:e4:93:8d:64:e4:d6:5c:bd:90:e6:c8:a2:54:
8c:7d:f4:d4:f3:87:0b:4d:ad:0f:bc:70:84:7d:95:88:68:ea:
9e:89:17:f0:9b:21:71:73:86:13:7c:72:5b:01:85:2e:94:03:
37:a0:fc:d8:e4:f9:8c:6e:95:2e:ae:41:72:87:7b:1f:08:e2:
79:5f:f9:09
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZ5uZJwmtk8MiUzcup4KSvD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTI4MTE0MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjRjYzEyZGNiNjI2ZmYxMWY5YTA4ZmM4YTVkZGFjMTgyNGM0YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WWJUUu1LnI1isp54aCW5YGrwccb
gEGHWz9jBUv/I369W0Qk9SK91k2posXLbMh5ufyFKzzoYpO9e6XDVgBsD6WzONn/
OHsVi7wDOPp2OsR3q+t9EOT2cK5VSsi2lubCiYQ+8rwcxhgyMdN4ZZsuqs6/k3jD
R+9gRbwRyQWxT3DG8jL+5aQ/Hs3XHi7GYzrAQndfIPws0Q7Q357L3V30BD3ecIOF
s26VYPgNqPhFWLivHrq2n3kVsvieOlgbrCzKeUo/JldOhMetINHiNFwN4JsLQvc6
IusW7xRqjCG+/Dz/hjcPOdFtoB0wVqYuAE4/6BES9FP2klu19pbIE766XQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFHJMwS3LYm/xH5oI/Ipd2sGCTEv3MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvY2t6QkxjdGliX0VmbWdqOGlsM2F3WUpNU19jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUmymAwQA
UmzJAwQA1IYxAwQA1IaMAwQA1Ia3AwQA1Ia5AwQA1Ia7AwQA1IbIAwQA1IbvAwQA
1IeWMA0GCSqGSIb3DQEBCwUAA4IBAQCUZrLjMZbju3POF2SbRrsL6c9hgGxuaNp/
O+OblHVz/E9mbvvVbJXa4wWcK+NET0R/MEDAEje18H1rDLN9wXF0XfJxNcRF7ouB
7+lCbbFzORCo8HmzSCd/DFU+H0XXP1+y8z1PzEW4AhSsb3f2/TB9p52EmNnh+tDg
sur5XgFevTW8HL+URjMbwPMtXSI5cSymn2dXvbDDjCRoEtEBcj4WvmtUX+hpBC3m
L7rcp9s4q+ubrbdOOrMAjeSTjWTk1ly9kObIolSMffTU84cLTa0PvHCEfZWIaOqe
iRfwmyFxc4YTfHJbAYUulAM3oPzY5PmMbpUurkFyh3sfCOJ5X/kJ
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:32:09 2026 by rpki-client