Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/h-9i61NpzwWbP7nM05O_aqdr8Ig.roa
File: h-9i61NpzwWbP7nM05O_aqdr8Ig.roa (raw, json)
Hash identifier: J4rZ5MapIevCb0rKKOER1swfwZPnx4buU2dL6dVh9GE=
Subject key identifier: 87:EF:62:EB:53:69:CF:05:9B:3F:B9:CC:D3:93:BF:6A:A7:6B:F0:88
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019A1560E5C652808C7B738B0AFF40B725B0
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/h-9i61NpzwWbP7nM05O_aqdr8Ig.roa
Signing time: Fri 24 Oct 2025 08:41:03 +0000
ROA not before: Fri 24 Oct 2025 08:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 212.134.55.0/24 maxlen: 24
212.134.180.0/22 maxlen: 22
212.134.184.0/22 maxlen: 22
212.134.192.0/22 maxlen: 22
212.134.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 06:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:15:60:e5:c6:52:80:8c:7b:73:8b:0a:ff:40:b7:25:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 24 08:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87ef62eb5369cf059b3fb9ccd393bf6aa76bf088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:9e:58:e4:bc:dd:b2:80:2b:8a:f1:8f:34:84:
5b:42:b1:cb:55:7a:1a:f5:ae:fb:03:61:41:71:4f:
f0:6b:c5:9d:0a:d0:86:5f:fd:44:07:10:81:02:f5:
70:97:0d:41:74:4e:6b:25:45:09:b0:4b:52:20:75:
84:5f:f5:30:25:44:26:77:c5:9b:7c:69:cd:a5:b7:
e2:3d:ae:0c:2f:3b:59:1e:2e:e1:d1:89:ff:d0:97:
2b:3b:ce:bb:00:c5:4c:34:63:05:57:d6:1c:81:b6:
3c:59:43:19:42:85:c0:f8:e3:59:11:2c:73:4d:4d:
6a:82:c9:34:32:d2:10:cd:05:48:6e:f3:f5:08:3d:
c0:8b:8c:da:23:ce:d7:50:89:69:84:da:8f:21:95:
03:b8:8b:d1:5c:94:ca:6e:3f:91:be:85:66:ab:45:
3a:46:2c:05:4b:5d:80:a3:21:56:f8:09:6b:8b:fc:
91:a9:53:85:46:82:4f:bb:e2:19:97:2f:6c:56:4a:
fa:68:50:37:7e:ed:14:a4:b9:1d:f1:21:ff:18:42:
04:be:0d:94:ab:7e:36:5a:05:ff:04:65:93:e5:f5:
ff:9e:7a:fa:73:4d:88:a9:da:53:cc:98:0a:ca:30:
c8:4a:fb:23:e0:23:54:7e:4c:44:21:1e:e3:ed:dc:
96:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EF:62:EB:53:69:CF:05:9B:3F:B9:CC:D3:93:BF:6A:A7:6B:F0:88
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/h-9i61NpzwWbP7nM05O_aqdr8Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.55.0/24
212.134.180.0-212.134.187.255
212.134.192.0/22
212.134.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:cf:f9:09:d6:12:e1:4a:62:85:7d:ba:4d:74:ef:fb:0e:b0:
b4:7c:3b:f2:7b:34:b5:38:e4:f5:56:41:17:13:e4:aa:34:ce:
fc:4e:f1:75:59:c6:34:7b:5c:5c:30:2d:1d:33:5d:cb:da:8a:
f7:05:e9:c0:fe:8f:b5:e9:be:5b:aa:6a:56:75:b0:6c:45:c4:
9d:fe:40:70:7c:62:34:14:bb:0d:08:82:fc:6f:d2:e7:6c:85:
22:40:27:1b:d3:6b:0d:a7:24:ef:e6:76:69:89:fe:4e:22:ce:
3f:93:b5:54:a7:cf:6e:4f:69:13:6f:1d:7b:85:04:46:26:13:
d4:ee:3b:3a:8f:91:34:13:e9:89:04:be:b8:1b:25:c7:c2:14:
d9:ac:77:8b:ec:58:64:b1:85:fc:4c:81:ce:8e:53:bf:19:c6:
7d:72:66:90:da:f6:20:5c:f1:22:24:9e:c9:73:d2:03:98:fc:
0c:01:28:06:58:9b:bb:08:29:61:cf:0f:43:c8:e1:07:a1:f5:
70:8b:4c:54:49:31:d4:c6:19:56:2a:d9:a3:b6:be:20:de:ba:
55:27:c5:dd:9a:cc:07:a6:ff:90:9a:e7:bd:0a:82:e4:10:4f:
08:63:c2:98:87:bd:bb:d2:dc:6b:94:58:ca:9e:51:8e:0e:3b:
ce:fb:5c:4f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZoVYOXGUoCMe3OLCv9AtyWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDI0MDg0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2VmNjJlYjUzNjljZjA1OWIzZmI5Y2NkMzkzYmY2YWE3NmJmMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Z5Y5LzdsoArivGPNIRbQrHLVXoa
9a77A2FBcU/wa8WdCtCGX/1EBxCBAvVwlw1BdE5rJUUJsEtSIHWEX/UwJUQmd8Wb
fGnNpbfiPa4MLztZHi7h0Yn/0JcrO867AMVMNGMFV9YcgbY8WUMZQoXA+ONZESxz
TU1qgsk0MtIQzQVIbvP1CD3Ai4zaI87XUIlphNqPIZUDuIvRXJTKbj+RvoVmq0U6
RiwFS12AoyFW+Alri/yRqVOFRoJPu+IZly9sVkr6aFA3fu0UpLkd8SH/GEIEvg2U
q342WgX/BGWT5fX/nnr6c02IqdpTzJgKyjDISvsj4CNUfkxEIR7j7dyWgwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIfvYutTac8Fmz+5zNOTv2qna/CIMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaC05aTYxTnB6d1diUDduTTA1T19hcWRyOElnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQA1IY3MAwD
BALUhrQDBALUhrgDBALUhsADBALUhsgwDQYJKoZIhvcNAQELBQADggEBAAzP+QnW
EuFKYoV9uk107/sOsLR8O/J7NLU45PVWQRcT5Ko0zvxO8XVZxjR7XFwwLR0zXcva
ivcF6cD+j7XpvluqalZ1sGxFxJ3+QHB8YjQUuw0Igvxv0udshSJAJxvTaw2nJO/m
dmmJ/k4izj+TtVSnz25PaRNvHXuFBEYmE9TuOzqPkTQT6YkEvrgbJcfCFNmsd4vs
WGSxhfxMgc6OU78Zxn1yZpDa9iBc8SIknslz0gOY/AwBKAZYm7sIKWHPD0PI4Qeh
9XCLTFRJMdTGGVYq2aO2viDeulUnxd2azAem/5Ca570KguQQTwhjwpiHvbvS3GuU
WMqeUY4OO877XE8=
-----END CERTIFICATE-----
Generated at Wed Oct 29 15:47:57 2025 by rpki-client