Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/huhbiBVsqxMIgiz-uIHEgsSrTM4.roa
File: huhbiBVsqxMIgiz-uIHEgsSrTM4.roa (raw, json)
Hash identifier: 7s/vjVmoAWdRkaI8DsNRcToX+gSqCCURRnu0kAJd83M=
Subject key identifier: 86:E8:5B:88:15:6C:AB:13:08:82:2C:FE:B8:81:C4:82:C4:AB:4C:CE
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E6A07A951E1154F5C1C34FBE69DB33B89
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/huhbiBVsqxMIgiz-uIHEgsSrTM4.roa
Signing time: Wed 27 May 2026 15:22:27 +0000
ROA not before: Wed 27 May 2026 15:22:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61112
IP address blocks: 82.109.8.0/23 maxlen: 24
212.135.32.0/20 maxlen: 24
212.135.32.0/24 maxlen: 24
212.135.33.0/24 maxlen: 24
212.135.34.0/24 maxlen: 24
212.135.35.0/24 maxlen: 24
212.135.36.0/24 maxlen: 24
212.135.37.0/24 maxlen: 24
212.135.38.0/24 maxlen: 24
212.135.39.0/24 maxlen: 24
212.135.40.0/24 maxlen: 24
212.135.41.0/24 maxlen: 24
212.135.42.0/24 maxlen: 24
212.135.43.0/24 maxlen: 24
212.135.44.0/24 maxlen: 24
212.135.45.0/24 maxlen: 24
212.135.46.0/24 maxlen: 24
212.135.47.0/24 maxlen: 24
212.135.112.0/20 maxlen: 24
212.135.112.0/24 maxlen: 24
212.135.113.0/24 maxlen: 24
212.135.114.0/24 maxlen: 24
212.135.115.0/24 maxlen: 24
212.135.116.0/24 maxlen: 24
212.135.117.0/24 maxlen: 24
212.135.118.0/24 maxlen: 24
212.135.119.0/24 maxlen: 24
212.135.120.0/24 maxlen: 24
212.135.121.0/24 maxlen: 24
212.135.122.0/24 maxlen: 24
212.135.123.0/24 maxlen: 24
212.135.124.0/24 maxlen: 24
212.135.125.0/24 maxlen: 24
212.135.126.0/24 maxlen: 24
212.135.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6a:07:a9:51:e1:15:4f:5c:1c:34:fb:e6:9d:b3:3b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 27 15:22:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=86e85b88156cab1308822cfeb881c482c4ab4cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:a2:af:aa:21:15:ca:af:9d:80:11:e6:1f:
5f:50:30:42:fa:e2:ea:45:bf:11:51:98:15:9f:2e:
16:d7:4f:99:3c:c6:53:66:f0:f8:f4:a7:fb:05:06:
63:ed:3c:c3:31:5a:d5:a2:a6:19:6f:2a:ac:b9:a6:
cc:0b:7d:aa:4f:a1:5d:56:49:c8:40:aa:55:e2:d6:
bc:82:d0:8e:e4:04:0f:09:19:72:5b:53:7f:3d:f8:
0d:d8:8c:73:64:c8:62:0b:de:1b:b4:e1:17:81:ff:
9d:0b:ed:a9:ac:6d:44:9e:ff:05:14:92:e7:d9:9e:
98:84:11:e3:01:bb:42:fc:5b:63:1d:f3:df:b5:57:
71:6d:b5:09:e6:f9:66:d3:53:4b:55:f7:4c:92:8b:
1a:fc:ec:80:11:8c:eb:32:b1:b4:6a:55:01:f9:3a:
f4:b7:23:22:62:06:fc:53:84:c2:09:af:7b:e6:71:
bd:b4:f3:ec:17:dc:53:a7:ae:20:93:1c:5a:39:f3:
e9:a9:0a:0b:75:25:cb:cc:12:06:6f:8d:46:51:90:
5d:6d:95:8c:92:85:bd:5b:2f:ac:97:66:54:3a:e8:
df:99:bb:c3:32:77:d3:f9:b3:62:be:08:d5:6c:cf:
fb:1b:da:41:d9:2c:64:29:66:64:d9:25:a9:e0:72:
8f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:E8:5B:88:15:6C:AB:13:08:82:2C:FE:B8:81:C4:82:C4:AB:4C:CE
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/huhbiBVsqxMIgiz-uIHEgsSrTM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.109.8.0/23
212.135.32.0/20
212.135.112.0/20
Signature Algorithm: sha256WithRSAEncryption
87:14:6f:59:65:ed:2b:9d:62:ae:bd:9b:8b:57:5d:60:e7:d7:
cf:74:79:95:65:37:fa:73:ce:30:56:3c:14:51:2e:46:a3:7e:
52:17:98:92:72:e7:28:e1:b3:2a:ba:bb:37:d2:fd:07:88:4f:
91:22:17:1a:34:9b:07:cb:dd:12:46:68:00:ce:61:3c:34:c3:
e2:4b:8d:0c:72:8a:78:bf:c4:8a:95:67:b4:ed:de:e7:51:a1:
39:b7:43:aa:3b:4a:40:96:ec:47:11:6b:1b:a0:c8:39:86:84:
4b:eb:4b:59:98:d6:ba:bb:ad:17:a0:d7:13:70:3e:ec:fb:01:
c3:5a:01:d7:6d:02:7f:db:96:71:68:47:cf:e3:55:3b:d6:8b:
21:09:98:3e:1e:e8:3c:48:3e:aa:78:db:62:8e:06:c7:e8:bb:
24:28:ad:e1:42:c1:53:a0:9b:96:be:c1:66:28:2b:cc:36:63:
76:0c:d0:79:5e:10:97:d7:ae:9d:28:c7:2e:8c:f6:89:71:2a:
38:4f:40:7f:48:79:ec:df:55:f7:4d:ae:d0:a5:29:3b:1c:34:
46:ba:67:d3:e3:6d:16:50:4d:14:89:ad:2d:b4:50:38:2f:29:
99:a1:3a:df:6d:ce:27:cb:5c:9e:32:40:e7:e7:23:87:7d:f6:
89:05:c0:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5qB6lR4RVPXBw0++adszuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTI3MTUyMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmU4NWI4ODE1NmNhYjEzMDg4MjJjZmViODgxYzQ4MmM0YWI0Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTmir6ohFcqvnYAR5h9fUDBC+uLq
Rb8RUZgVny4W10+ZPMZTZvD49Kf7BQZj7TzDMVrVoqYZbyqsuabMC32qT6FdVknI
QKpV4ta8gtCO5AQPCRlyW1N/PfgN2IxzZMhiC94btOEXgf+dC+2prG1Env8FFJLn
2Z6YhBHjAbtC/FtjHfPftVdxbbUJ5vlm01NLVfdMkosa/OyAEYzrMrG0alUB+Tr0
tyMiYgb8U4TCCa975nG9tPPsF9xTp64gkxxaOfPpqQoLdSXLzBIGb41GUZBdbZWM
koW9Wy+sl2ZUOujfmbvDMnfT+bNivgjVbM/7G9pB2SxkKWZk2SWp4HKPOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIboW4gVbKsTCIIs/riBxILEq0zOMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaHVoYmlCVnNxeE1JZ2l6LXVJSEVnc1NyVE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUm0IAwQE
1IcgAwQE1IdwMA0GCSqGSIb3DQEBCwUAA4IBAQCHFG9ZZe0rnWKuvZuLV11g59fP
dHmVZTf6c84wVjwUUS5Go35SF5iScuco4bMqurs30v0HiE+RIhcaNJsHy90SRmgA
zmE8NMPiS40Mcop4v8SKlWe07d7nUaE5t0OqO0pAluxHEWsboMg5hoRL60tZmNa6
u60XoNcTcD7s+wHDWgHXbQJ/25ZxaEfP41U71oshCZg+Hug8SD6qeNtijgbH6Lsk
KK3hQsFToJuWvsFmKCvMNmN2DNB5XhCX166dKMcujPaJcSo4T0B/SHns31X3Ta7Q
pSk7HDRGumfT420WUE0Uia0ttFA4LymZoTrfbc4ny1yeMkDn5yOHffaJBcBG
-----END CERTIFICATE-----
Generated at Thu Jun 4 01:15:48 2026 by rpki-client