Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hFm6Ujxrm-qwlRbC1eV1ofjT680.roa
File: hFm6Ujxrm-qwlRbC1eV1ofjT680.roa (raw, json)
Hash identifier: ndWwdvDsNeN4n4rcOIhyQ65TU9/1zGslkF/rEU59o7s=
Subject key identifier: 84:59:BA:52:3C:6B:9B:EA:B0:95:16:C2:D5:E5:75:A1:F8:D3:EB:CD
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DA55FA3164DDC50CD403E0F8492E575FA
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hFm6Ujxrm-qwlRbC1eV1ofjT680.roa
Signing time: Sun 19 Apr 2026 10:53:21 +0000
ROA not before: Sun 19 Apr 2026 10:53:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 212.134.132.0/24 maxlen: 24
212.134.160.0/24 maxlen: 24
212.134.245.0/24 maxlen: 24
212.134.249.0/24 maxlen: 24
212.135.22.0/24 maxlen: 24
212.135.197.0/24 maxlen: 24
212.135.198.0/24 maxlen: 24
212.135.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 13:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a5:5f:a3:16:4d:dc:50:cd:40:3e:0f:84:92:e5:75:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 19 10:53:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8459ba523c6b9beab09516c2d5e575a1f8d3ebcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:31:40:ab:04:8c:ca:62:75:c3:bd:c1:bf:42:
7a:01:ce:73:5f:bd:1f:bb:d2:80:27:bc:fc:4e:39:
80:a0:c2:e1:65:80:4b:b7:39:16:56:e0:ea:29:44:
a3:44:27:ce:18:01:85:9b:9c:7b:a4:2a:90:d6:7b:
be:2b:43:d6:8d:7d:b5:05:7b:ac:b9:f3:84:9e:1e:
86:c0:2f:c4:5f:08:49:f1:db:44:c0:cb:5a:28:2a:
2e:99:d7:6c:32:db:c9:61:41:44:1e:57:a9:ff:66:
d0:ee:25:20:46:08:5e:ad:97:f5:47:d5:ae:8a:1d:
90:7c:cd:7d:9b:6b:a6:55:1a:87:51:ea:e3:6b:3b:
ad:c1:45:5c:1c:46:13:b1:a4:a9:6c:ab:2a:90:39:
83:37:a3:8f:37:35:b0:21:b3:a0:cf:38:38:c8:f7:
60:78:26:1f:49:ea:d2:9f:b4:2b:7c:bd:cf:2b:8a:
35:c0:29:67:fb:5f:de:94:f0:08:ff:0a:59:0a:d4:
ff:58:cb:fd:54:1b:bc:1b:81:b5:33:ab:89:17:e0:
d7:85:a2:49:22:39:a3:db:ff:96:85:a3:f4:bd:8a:
15:b6:40:ec:13:b8:a6:74:60:92:8b:68:25:56:5a:
00:90:88:7e:ae:82:4f:f1:bd:b0:58:16:c3:ef:1f:
6a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:59:BA:52:3C:6B:9B:EA:B0:95:16:C2:D5:E5:75:A1:F8:D3:EB:CD
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hFm6Ujxrm-qwlRbC1eV1ofjT680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.132.0/24
212.134.160.0/24
212.134.245.0/24
212.134.249.0/24
212.135.22.0/24
212.135.197.0-212.135.198.255
212.135.255.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:a4:5a:f2:10:e6:c8:9b:40:29:cb:4e:2a:d9:f6:42:eb:a7:
ad:61:5a:06:79:10:97:31:a9:96:59:d3:87:9c:49:75:06:e0:
c2:2e:73:98:65:fe:2c:59:2b:e0:f9:ee:c1:4a:8d:a4:24:1e:
7f:20:fe:a4:85:9c:0d:e4:6b:19:55:f7:48:5a:e2:af:b8:49:
70:0e:5a:07:f4:59:fe:bb:7c:31:5d:ac:25:c7:b3:76:d5:d6:
4c:5a:12:66:d4:1d:ad:b4:d4:d0:08:2e:b1:ef:6f:57:25:bd:
0c:0b:99:32:20:55:b7:fe:56:6f:ac:63:23:00:93:51:67:17:
09:04:06:21:f0:00:d7:fd:70:cc:26:9e:46:dc:a3:25:ce:96:
42:26:a8:19:1f:9d:ca:f4:be:99:78:03:a4:07:41:5e:00:a0:
2b:00:c2:6c:ac:3e:5f:26:96:6e:dc:01:46:ff:df:48:a3:06:
5d:0a:52:b8:67:e2:6d:9e:63:1e:80:a4:4a:a5:ba:f2:b6:86:
d7:20:af:8b:ac:d4:e6:06:a8:50:d8:95:9c:c2:18:bd:7e:01:
58:ba:cb:e5:ba:4e:ee:4f:d8:1e:52:65:a2:7a:a1:4e:2a:da:
9d:be:9d:9c:6c:06:2c:4c:0f:4f:51:32:51:69:de:d1:0d:d7:
d3:66:1a:8b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ2lX6MWTdxQzUA+D4SS5XX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDE5MTA1MzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDU5YmE1MjNjNmI5YmVhYjA5NTE2YzJkNWU1NzVhMWY4ZDNlYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TFAqwSMymJ1w73Bv0J6Ac5zX70f
u9KAJ7z8TjmAoMLhZYBLtzkWVuDqKUSjRCfOGAGFm5x7pCqQ1nu+K0PWjX21BXus
ufOEnh6GwC/EXwhJ8dtEwMtaKCoumddsMtvJYUFEHlep/2bQ7iUgRgherZf1R9Wu
ih2QfM19m2umVRqHUerjazutwUVcHEYTsaSpbKsqkDmDN6OPNzWwIbOgzzg4yPdg
eCYfSerSn7QrfL3PK4o1wCln+1/elPAI/wpZCtT/WMv9VBu8G4G1M6uJF+DXhaJJ
Ijmj2/+WhaP0vYoVtkDsE7imdGCSi2glVloAkIh+roJP8b2wWBbD7x9qiwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIRZulI8a5vqsJUWwtXldaH40+vNMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaEZtNlVqeHJtLXF3bFJiQzFlVjFvZmpUNjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQA1IaEAwQA
1IagAwQA1Ib1AwQA1Ib5AwQA1IcWMAwDBADUh8UDBADUh8YDBADUh/8wDQYJKoZI
hvcNAQELBQADggEBAMOkWvIQ5sibQCnLTirZ9kLrp61hWgZ5EJcxqZZZ04ecSXUG
4MIuc5hl/ixZK+D57sFKjaQkHn8g/qSFnA3kaxlV90ha4q+4SXAOWgf0Wf67fDFd
rCXHs3bV1kxaEmbUHa201NAILrHvb1clvQwLmTIgVbf+Vm+sYyMAk1FnFwkEBiHw
ANf9cMwmnkbcoyXOlkImqBkfncr0vpl4A6QHQV4AoCsAwmysPl8mlm7cAUb/30ij
Bl0KUrhn4m2eYx6ApEqluvK2htcgr4us1OYGqFDYlZzCGL1+AVi6y+W6Tu5P2B5S
ZaJ6oU4q2p2+nZxsBixMD09RMlFp3tEN19NmGos=
-----END CERTIFICATE-----
Generated at Sun Apr 19 23:00:05 2026 by rpki-client