Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ixx9bq3JYNFsd3PUYtjHa7S6nog.roa
File: ixx9bq3JYNFsd3PUYtjHa7S6nog.roa (raw, json)
Hash identifier: Fr7MHWnRU8lOG8bX1A42TNqYZKAWuhApNP7P0ACPkzU=
Subject key identifier: 8B:1C:7D:6E:AD:C9:60:D1:6C:77:73:D4:62:D8:C7:6B:B4:BA:9E:88
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DD8163DF83E3ADF2F8BDA0CCC4983DD7D
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ixx9bq3JYNFsd3PUYtjHa7S6nog.roa
Signing time: Wed 29 Apr 2026 07:13:49 +0000
ROA not before: Wed 29 Apr 2026 07:13:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199186
IP address blocks: 212.134.95.0/24 maxlen: 24
212.134.100.0/24 maxlen: 24
212.134.153.0/24 maxlen: 24
212.135.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 02 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d8:16:3d:f8:3e:3a:df:2f:8b:da:0c:cc:49:83:dd:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 29 07:13:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b1c7d6eadc960d16c7773d462d8c76bb4ba9e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:31:6f:f4:bf:4f:03:32:42:a5:6d:bf:cd:19:
01:02:af:9e:8d:ee:15:92:a0:32:50:f5:36:c9:be:
8d:cf:d7:9b:8a:e1:e0:7d:51:ea:72:42:c4:10:fb:
13:08:63:13:50:dc:62:b2:25:5d:4a:ff:0e:1d:f9:
7a:a8:09:04:a8:e8:36:93:4b:4c:7c:de:77:54:1c:
c6:f9:e5:13:b8:35:72:64:62:6a:11:9f:28:c4:79:
13:6f:4c:77:bb:e3:b5:9e:a3:9d:2e:24:ff:73:aa:
65:c5:76:d4:04:57:a1:42:04:ae:fc:32:31:0f:0c:
d6:15:bd:f5:96:7a:f6:aa:12:fd:e6:36:8b:f6:c6:
37:5a:69:49:2b:12:fb:92:1b:20:fc:5b:8f:c9:3c:
11:b6:16:0b:18:ed:a7:2f:cb:44:4a:71:7d:47:e9:
28:68:0f:21:3c:9e:17:53:38:fc:2f:f2:61:ed:d9:
b4:73:6c:0e:0e:0c:2e:ba:b7:1a:4e:72:b0:6d:e3:
98:57:e3:67:d6:28:b8:3f:79:65:d3:c2:2f:ac:ef:
62:09:4d:0a:1e:f5:e8:15:37:e4:41:0b:44:2a:19:
40:e6:ea:9d:d3:33:19:a1:52:3c:0b:1f:51:01:1f:
98:ac:c1:ef:89:b9:ed:eb:ff:5a:33:e3:5d:90:be:
88:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:1C:7D:6E:AD:C9:60:D1:6C:77:73:D4:62:D8:C7:6B:B4:BA:9E:88
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ixx9bq3JYNFsd3PUYtjHa7S6nog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.95.0/24
212.134.100.0/24
212.134.153.0/24
212.135.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:3e:8e:6e:90:32:5b:4b:83:3d:f3:f5:fd:be:fb:b9:07:54:
06:fe:a3:b0:a6:28:73:59:33:6e:46:d6:0a:57:e0:27:6d:1e:
84:e4:49:52:e4:a3:51:fb:8c:29:cc:58:25:de:18:c7:80:c6:
5d:66:e2:a6:d7:31:9b:cd:47:d9:08:95:f0:b1:bc:d7:30:43:
77:e7:79:7e:bc:98:34:54:8c:07:db:7f:c6:a5:dc:cc:93:7d:
10:db:e2:63:8d:f6:b7:69:5f:1d:e0:f3:8d:52:a5:c3:d0:01:
ca:ea:4e:c7:e6:3c:e0:3d:e1:08:28:0f:fc:02:bb:40:8b:88:
27:f0:64:01:57:69:41:90:60:1c:b8:31:59:51:72:1b:b7:14:
9b:be:cf:1a:84:a1:46:cd:ae:ae:84:34:1e:90:5f:0f:b1:ce:
45:81:5c:d7:59:77:e5:c2:81:59:76:68:34:f7:30:24:f3:0e:
e0:38:10:c9:29:14:cc:7c:70:72:7a:d6:ed:e8:ce:bb:34:fd:
6d:b1:ee:76:71:d7:36:d6:92:91:bd:0f:b3:7c:a1:96:ae:62:
e0:df:9f:f0:ba:38:50:09:c2:88:01:3c:69:46:f2:af:5b:ed:
0b:61:f4:78:c8:60:04:d8:b1:42:d5:49:6f:b8:ad:19:f2:ca:
f9:bd:d8:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3YFj34PjrfL4vaDMxJg919MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDI5MDcxMzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjFjN2Q2ZWFkYzk2MGQxNmM3NzczZDQ2MmQ4Yzc2YmI0YmE5ZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzFv9L9PAzJCpW2/zRkBAq+eje4V
kqAyUPU2yb6Nz9ebiuHgfVHqckLEEPsTCGMTUNxisiVdSv8OHfl6qAkEqOg2k0tM
fN53VBzG+eUTuDVyZGJqEZ8oxHkTb0x3u+O1nqOdLiT/c6plxXbUBFehQgSu/DIx
DwzWFb31lnr2qhL95jaL9sY3WmlJKxL7khsg/FuPyTwRthYLGO2nL8tESnF9R+ko
aA8hPJ4XUzj8L/Jh7dm0c2wODgwuurcaTnKwbeOYV+Nn1ii4P3ll08IvrO9iCU0K
HvXoFTfkQQtEKhlA5uqd0zMZoVI8Cx9RAR+YrMHvibnt6/9aM+NdkL6I3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIscfW6tyWDRbHdz1GLYx2u0up6IMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaXh4OWJxM0pZTkZzZDNQVVl0akhhN1M2bm9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1IZfAwQA
1IZkAwQA1IaZAwQA1IcQMA0GCSqGSIb3DQEBCwUAA4IBAQCaPo5ukDJbS4M98/X9
vvu5B1QG/qOwpihzWTNuRtYKV+AnbR6E5ElS5KNR+4wpzFgl3hjHgMZdZuKm1zGb
zUfZCJXwsbzXMEN353l+vJg0VIwH23/GpdzMk30Q2+Jjjfa3aV8d4PONUqXD0AHK
6k7H5jzgPeEIKA/8ArtAi4gn8GQBV2lBkGAcuDFZUXIbtxSbvs8ahKFGza6uhDQe
kF8Psc5FgVzXWXflwoFZdmg09zAk8w7gOBDJKRTMfHByetbt6M67NP1tse52cdc2
1pKRvQ+zfKGWrmLg35/wujhQCcKIATxpRvKvW+0LYfR4yGAE2LFC1UlvuK0Z8sr5
vdjs
-----END CERTIFICATE-----
Generated at Fri May 1 19:13:28 2026 by rpki-client