Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/mA8hbT8hyN-yYScyVVPL3cm01ew.roa
File: mA8hbT8hyN-yYScyVVPL3cm01ew.roa (raw, json)
Hash identifier: +mBbuYEfRGyTrtgXadUHb5Jqj7BFZsu9b/KGw+8P5T0=
Subject key identifier: 98:0F:21:6D:3F:21:C8:DF:B2:61:27:32:55:53:CB:DD:C9:B4:D5:EC
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DD967F91A431B05799E2F4CAC3225FF43
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/mA8hbT8hyN-yYScyVVPL3cm01ew.roa
Signing time: Wed 29 Apr 2026 13:22:42 +0000
ROA not before: Wed 29 Apr 2026 13:22:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32418
IP address blocks: 212.134.21.0/24 maxlen: 24
212.134.98.0/24 maxlen: 24
212.135.142.0/24 maxlen: 24
212.135.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 12:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:67:f9:1a:43:1b:05:79:9e:2f:4c:ac:32:25:ff:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 29 13:22:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=980f216d3f21c8dfb26127325553cbddc9b4d5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c4:c0:7e:e9:33:c6:8b:18:0c:00:f0:a1:ed:
2a:63:29:f8:aa:c2:d5:94:33:d2:34:9f:42:37:81:
d4:88:31:d5:3f:87:4e:38:57:cc:55:cc:32:93:b5:
02:c0:b6:a4:4c:96:43:dc:5d:8b:b2:86:c8:90:84:
f7:07:e8:c4:cf:d4:94:62:1f:b9:3f:ba:9c:97:2b:
61:46:3c:64:b1:73:7b:e6:96:30:d2:02:4c:6a:8b:
57:48:70:c0:51:9d:3f:38:2a:ce:cc:aa:b6:30:7b:
4d:ca:b3:6f:81:5c:36:49:dc:0b:5c:1b:28:de:0c:
e9:7d:d1:56:e2:54:e7:72:28:46:d8:7e:42:38:0b:
99:51:78:ac:2b:24:e5:21:8d:38:a3:ae:27:14:1d:
68:1f:62:fa:1b:ae:50:6a:e7:2f:ee:0d:ad:7b:d8:
42:4b:56:86:d3:b6:53:82:42:f9:9b:45:b6:e4:1c:
ba:3c:0d:b4:0e:20:f5:34:39:fd:20:85:9d:02:07:
27:fc:ba:b5:68:5c:eb:ad:b0:ee:a1:5c:5d:29:a0:
6f:2a:46:86:17:dc:fc:06:17:ba:ed:a1:31:f1:51:
09:cc:eb:6f:32:88:0d:73:97:61:b8:1e:5d:ef:fb:
df:f2:f1:3d:21:f0:30:1f:90:a7:dc:f2:86:c6:75:
76:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0F:21:6D:3F:21:C8:DF:B2:61:27:32:55:53:CB:DD:C9:B4:D5:EC
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/mA8hbT8hyN-yYScyVVPL3cm01ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.21.0/24
212.134.98.0/24
212.135.142.0/24
212.135.251.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:33:96:54:98:ac:a8:4b:0b:95:81:17:c4:bf:aa:8c:e0:97:
34:95:4a:c1:e6:d2:af:b6:81:24:c6:a5:99:e4:e9:ab:c7:62:
fb:e7:cf:ec:ed:fd:40:53:9c:87:29:29:f1:75:91:7e:94:2a:
8f:12:7c:29:b1:05:d9:5f:80:fe:37:af:dd:1f:50:5e:0c:01:
eb:12:4d:8e:45:a8:e7:63:8d:a9:3f:d8:81:63:4b:79:f9:19:
07:bc:30:c6:ca:cc:5d:96:1f:e7:8a:3d:0f:33:cf:36:aa:6a:
5f:d2:03:23:f0:c9:f2:14:2d:21:d7:0e:a7:28:5d:55:9e:b8:
e6:e5:b0:b3:66:a1:1f:fe:2e:ff:a8:e2:54:ab:9e:2e:44:ad:
ac:93:91:8b:80:02:9b:e2:ba:97:27:a0:b7:d8:39:fe:15:8c:
ea:51:e4:e7:54:6a:9b:9f:02:09:2d:76:a5:4a:4c:97:af:eb:
23:12:a9:91:1e:f1:3f:f6:76:80:ee:48:ee:55:de:47:37:78:
27:4b:45:5f:97:19:f5:89:f4:fc:dc:e9:2e:93:4b:01:29:48:
f6:7d:93:d7:30:55:c6:8d:3c:9d:71:a4:15:11:a3:22:ab:92:
5d:40:97:f0:91:f0:8f:7e:13:d7:30:10:fd:cb:e1:8a:e7:6d:
f0:fc:8c:1e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3ZZ/kaQxsFeZ4vTKwyJf9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDI5MTMyMjQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODBmMjE2ZDNmMjFjOGRmYjI2MTI3MzI1NTUzY2JkZGM5YjRkNWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MTAfukzxosYDADwoe0qYyn4qsLV
lDPSNJ9CN4HUiDHVP4dOOFfMVcwyk7UCwLakTJZD3F2LsobIkIT3B+jEz9SUYh+5
P7qclythRjxksXN75pYw0gJMaotXSHDAUZ0/OCrOzKq2MHtNyrNvgVw2SdwLXBso
3gzpfdFW4lTncihG2H5COAuZUXisKyTlIY04o64nFB1oH2L6G65Qaucv7g2te9hC
S1aG07ZTgkL5m0W25By6PA20DiD1NDn9IIWdAgcn/Lq1aFzrrbDuoVxdKaBvKkaG
F9z8Bhe67aEx8VEJzOtvMogNc5dhuB5d7/vf8vE9IfAwH5Cn3PKGxnV2dQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJgPIW0/IcjfsmEnMlVTy93JtNXsMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbUE4aGJUOGh5Ti15WVNjeVZWUEwzY20wMWV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1IYVAwQA
1IZiAwQA1IeOAwQA1If7MA0GCSqGSIb3DQEBCwUAA4IBAQCrM5ZUmKyoSwuVgRfE
v6qM4Jc0lUrB5tKvtoEkxqWZ5Omrx2L758/s7f1AU5yHKSnxdZF+lCqPEnwpsQXZ
X4D+N6/dH1BeDAHrEk2ORajnY42pP9iBY0t5+RkHvDDGysxdlh/nij0PM882qmpf
0gMj8MnyFC0h1w6nKF1Vnrjm5bCzZqEf/i7/qOJUq54uRK2sk5GLgAKb4rqXJ6C3
2Dn+FYzqUeTnVGqbnwIJLXalSkyXr+sjEqmRHvE/9naA7kjuVd5HN3gnS0Vflxn1
ifT83Okuk0sBKUj2fZPXMFXGjTydcaQVEaMiq5JdQJfwkfCPfhPXMBD9y+GK523w
/Iwe
-----END CERTIFICATE-----
Generated at Thu Apr 30 17:32:00 2026 by rpki-client