Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7dlLb1mQuulDFLIJIubZnzn92Y.roa
File: e7dlLb1mQuulDFLIJIubZnzn92Y.roa (raw, json)
Hash identifier: pjhxvegNUc0jD9hr5mE16h6OsbQxuTM2Z8MfFLGcvIk=
Subject key identifier: 7B:B7:65:2D:BD:66:42:EB:A5:0C:52:C8:24:8B:9B:66:7C:E7:F7:66
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 019C70249AD41C0C9B0DE795CBEE8EE9BD94
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7dlLb1mQuulDFLIJIubZnzn92Y.roa
Signing time: Wed 18 Feb 2026 09:46:12 +0000
ROA not before: Wed 18 Feb 2026 09:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
212.68.180.0/22 maxlen: 22
212.68.180.0/24 maxlen: 24
212.68.181.0/24 maxlen: 24
212.68.182.0/24 maxlen: 24
212.68.183.0/24 maxlen: 24
212.68.188.0/22 maxlen: 22
212.68.188.0/24 maxlen: 24
212.68.189.0/24 maxlen: 24
212.68.190.0/24 maxlen: 24
212.68.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Feb 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:24:9a:d4:1c:0c:9b:0d:e7:95:cb:ee:8e:e9:bd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Feb 18 09:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bb7652dbd6642eba50c52c8248b9b667ce7f766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8c:36:3f:6d:6f:2c:60:17:75:d9:71:79:ae:
1e:bd:ef:19:e0:be:7a:9c:11:18:06:b1:21:1e:fd:
bc:5c:db:18:6d:59:5a:66:c4:32:e6:67:b7:63:97:
19:9d:3f:d5:04:20:75:14:4c:0e:52:5a:0f:35:30:
62:d2:4f:f3:a1:5f:82:47:a6:0e:98:2c:bb:a7:1e:
d1:07:36:db:71:0d:58:96:96:b4:e6:ad:45:30:00:
ed:09:ff:03:52:7c:33:0b:85:d9:79:ef:ac:32:df:
40:43:39:0e:82:8f:76:f8:22:b8:ea:1f:bf:68:a0:
c8:cb:fb:41:16:e1:a0:a1:75:d4:8d:98:03:70:9c:
1b:ab:51:44:a0:18:ca:e4:e8:26:04:6d:d0:c8:03:
1c:8f:40:60:c0:2e:d0:dd:57:48:14:15:94:81:17:
fc:9f:9e:7a:ef:f2:43:6e:ab:a1:50:7c:18:5d:91:
f6:b9:0c:85:24:fe:75:97:eb:11:7b:e3:c8:38:ad:
c1:0a:50:2c:6d:0e:07:4f:7e:95:42:76:2a:56:35:
e5:88:bd:7b:08:4b:21:af:43:4b:29:f1:ea:9d:3d:
e6:3c:1c:cc:65:c7:94:3f:70:81:ae:72:bb:18:4c:
9f:e0:e7:c8:fd:cc:84:60:5a:41:40:9a:93:6a:41:
6b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B7:65:2D:BD:66:42:EB:A5:0C:52:C8:24:8B:9B:66:7C:E7:F7:66
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/e7dlLb1mQuulDFLIJIubZnzn92Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.168.0/22
212.68.180.0/22
212.68.188.0/22
Signature Algorithm: sha256WithRSAEncryption
83:ca:02:6e:65:87:ba:30:1e:53:d9:dd:dc:e2:65:09:6f:c6:
4e:f6:c5:8a:96:1e:99:24:46:0b:e8:62:0f:cf:1f:05:6a:5a:
75:6a:9b:d7:24:49:f8:71:f4:e5:71:e3:5f:f4:89:35:3e:bb:
8e:b6:49:83:48:96:70:c4:00:6a:96:29:fa:fe:35:2f:34:0c:
e2:8c:92:e3:e5:79:b1:20:a1:f1:40:51:00:2f:79:29:0c:14:
79:90:81:2e:6d:6b:55:c4:21:9e:e2:16:d3:84:1c:aa:c4:9d:
24:db:9c:89:4a:53:e5:30:6f:d4:f3:3d:7b:56:e4:19:a9:93:
25:75:27:99:d5:d9:2d:b4:b4:d9:49:6d:cd:21:1f:95:53:37:
c0:15:1f:73:f6:0d:a5:cc:b1:8d:a4:1f:5f:2b:85:80:0a:6b:
1d:32:d4:a7:06:a6:ee:8f:55:95:10:0b:51:30:f5:63:78:ad:
b1:bd:4c:f4:92:8f:90:a9:40:a6:5d:08:78:5e:84:a8:fc:ba:
c1:21:d3:3f:ef:99:1a:11:cd:f7:ea:4b:cb:cd:7e:0f:bd:97:
31:11:94:6c:a5:06:a6:63:b6:ab:b0:9c:f0:36:d5:88:fe:4b:
9f:6d:d6:c6:02:ec:fe:b8:b5:d9:11:4a:07:58:d3:ca:49:95:
cd:b6:25:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZxwJJrUHAybDeeVy+6O6b2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjYwMjE4MDk0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmI3NjUyZGJkNjY0MmViYTUwYzUyYzgyNDhiOWI2NjdjZTdmNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtow2P21vLGAXddlxea4eve8Z4L56
nBEYBrEhHv28XNsYbVlaZsQy5me3Y5cZnT/VBCB1FEwOUloPNTBi0k/zoV+CR6YO
mCy7px7RBzbbcQ1Ylpa05q1FMADtCf8DUnwzC4XZee+sMt9AQzkOgo92+CK46h+/
aKDIy/tBFuGgoXXUjZgDcJwbq1FEoBjK5OgmBG3QyAMcj0BgwC7Q3VdIFBWUgRf8
n5567/JDbquhUHwYXZH2uQyFJP51l+sRe+PIOK3BClAsbQ4HT36VQnYqVjXliL17
CEshr0NLKfHqnT3mPBzMZceUP3CBrnK7GEyf4OfI/cyEYFpBQJqTakFrFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHu3ZS29ZkLrpQxSyCSLm2Z85/dmMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvZTdkbExiMW1RdXVsREZMSUpJdWJabnpuOTJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQC1ESoAwQC
1ES0AwQC1ES8MA0GCSqGSIb3DQEBCwUAA4IBAQCDygJuZYe6MB5T2d3c4mUJb8ZO
9sWKlh6ZJEYL6GIPzx8Falp1apvXJEn4cfTlceNf9Ik1PruOtkmDSJZwxABqlin6
/jUvNAzijJLj5XmxIKHxQFEAL3kpDBR5kIEubWtVxCGe4hbThByqxJ0k25yJSlPl
MG/U8z17VuQZqZMldSeZ1dkttLTZSW3NIR+VUzfAFR9z9g2lzLGNpB9fK4WACmsd
MtSnBqbuj1WVEAtRMPVjeK2xvUz0ko+QqUCmXQh4XoSo/LrBIdM/75kaEc336kvL
zX4PvZcxEZRspQamY7arsJzwNtWI/kufbdbGAuz+uLXZEUoHWNPKSZXNtiWy
-----END CERTIFICATE-----
Generated at Sun Feb 22 14:09:14 2026 by rpki-client