Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/_oRX04Ccp7g8yn6Qn7PqMMD7qgg.roa
File: _oRX04Ccp7g8yn6Qn7PqMMD7qgg.roa (raw, json)
Hash identifier: y56xKKuiofP4Wvb2d2PYOPDkpzXNerKcJtIazDABM0Y=
Subject key identifier: FE:84:57:D3:80:9C:A7:B8:3C:CA:7E:90:9F:B3:EA:30:C0:FB:AA:08
Certificate issuer: /CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Certificate serial: 019C4CA0804DB5588A3EF177767EE44CE21D
Authority key identifier: 9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/_oRX04Ccp7g8yn6Qn7PqMMD7qgg.roa
Signing time: Wed 11 Feb 2026 12:15:12 +0000
ROA not before: Wed 11 Feb 2026 12:15:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12337
IP address blocks: 212.29.0.0/23 maxlen: 23
212.29.0.0/24 maxlen: 24
212.29.1.0/24 maxlen: 24
212.29.11.0/24 maxlen: 24
212.29.12.0/24 maxlen: 24
212.29.13.0/24 maxlen: 24
212.29.20.0/24 maxlen: 24
212.29.24.0/23 maxlen: 23
212.29.25.0/24 maxlen: 24
212.29.30.0/23 maxlen: 23
212.29.30.0/24 maxlen: 24
212.29.31.0/24 maxlen: 24
217.19.160.0/24 maxlen: 24
217.19.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4c:a0:80:4d:b5:58:8a:3e:f1:77:76:7e:e4:4c:e2:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f69bdf9bbd2a4597e26ce20bfe138624cad33dc
Validity
Not Before: Feb 11 12:15:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fe8457d3809ca7b83cca7e909fb3ea30c0fbaa08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2e:06:61:76:c4:9a:71:b7:53:80:22:b6:50:
c7:1b:dc:b3:76:eb:24:eb:22:f6:68:61:03:75:15:
ce:86:dc:e0:01:42:80:93:fd:e3:97:ad:11:cf:42:
54:55:ba:da:7e:1f:a0:f0:00:a6:2c:b4:a8:05:46:
8c:3d:62:5b:a4:77:07:84:2f:b9:dc:46:86:58:f7:
fa:ff:37:ab:e3:4e:2b:ea:fb:26:8a:8a:ae:2b:d5:
46:e7:92:a3:95:24:9d:6b:ac:a5:a6:1c:49:2e:fd:
6f:b4:f8:9c:05:3d:83:05:e1:b3:f0:00:b8:d5:6e:
5d:5c:22:96:e7:ea:c3:0f:7f:df:7e:75:76:43:a7:
cf:fd:71:4c:f8:6d:66:57:7f:e8:ec:7d:b9:55:4a:
cd:cf:d4:cf:9b:eb:eb:66:b8:12:e0:6e:62:5e:61:
69:c8:61:ce:e5:67:56:20:84:46:fb:0c:00:40:e0:
02:a7:d4:20:8b:99:75:ae:7f:1b:42:20:a3:ae:8f:
c6:27:89:f4:0b:a4:da:89:a0:ee:01:9f:5e:0a:61:
c4:13:9b:4e:b0:02:30:63:7b:57:c4:49:cc:31:89:
0b:71:25:76:5a:df:43:03:97:da:f5:a2:93:a7:ed:
8e:8e:3e:35:15:a0:b5:b8:22:6f:c3:3a:90:57:4f:
51:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:84:57:D3:80:9C:A7:B8:3C:CA:7E:90:9F:B3:EA:30:C0:FB:AA:08
X509v3 Authority Key Identifier:
keyid:9F:69:BD:F9:BB:D2:A4:59:7E:26:CE:20:BF:E1:38:62:4C:AD:33:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n2m9-bvSpFl-Js4gv-E4YkytM9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/_oRX04Ccp7g8yn6Qn7PqMMD7qgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/cdbd0a-68ec-487d-8fea-619281380bc2/1/n2m9-bvSpFl-Js4gv-E4YkytM9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.0.0/23
212.29.11.0-212.29.13.255
212.29.20.0/24
212.29.24.0/23
212.29.30.0/23
217.19.160.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:b0:5e:e7:45:11:2b:c3:ba:46:fc:71:a9:ad:a5:f7:c5:33:
cd:be:82:f3:f3:89:ec:88:61:24:16:84:85:a1:5d:30:5a:13:
9d:f6:c9:8b:f7:cb:52:fd:4f:39:3a:93:13:58:c9:3b:7f:2c:
08:65:09:ef:2a:6d:25:fd:26:fe:40:af:50:d1:03:2b:99:90:
e5:ab:c8:18:9b:2d:03:b1:96:1b:10:00:2e:40:d3:a1:b6:80:
8c:77:e2:f8:a5:80:47:41:5c:ea:b1:07:fc:35:92:97:5d:59:
c2:36:00:2a:f8:c9:ac:92:9b:71:bb:14:93:c9:e5:26:df:43:
9f:91:76:12:a4:91:bc:cc:a9:7c:a7:ce:ec:f3:38:62:f7:20:
9d:e6:c3:b3:11:56:ff:4e:50:05:df:b2:95:15:90:c2:95:36:
db:4c:2d:78:c4:aa:be:39:86:da:46:04:b0:2d:84:ac:ca:b9:
ad:67:ce:50:74:64:84:08:eb:10:ad:ef:e9:02:10:0a:8c:38:
10:05:7c:36:c9:5c:0b:4d:20:46:5c:80:8d:93:eb:d0:4e:6d:
7b:32:9c:b8:28:2f:af:4a:fb:65:14:4b:24:ca:b9:e8:be:da:
68:a8:68:38:e2:33:c8:a9:e3:09:29:0f:13:1f:09:fb:be:9d:
84:23:c5:c3
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZxMoIBNtViKPvF3dn7kTOIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNjliZGY5YmJkMmE0NTk3ZTI2Y2UyMGJmZTEzODYyNGNh
ZDMzZGMwHhcNMjYwMjExMTIxNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg0NTdkMzgwOWNhN2I4M2NjYTdlOTA5ZmIzZWEzMGMwZmJhYTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzy4GYXbEmnG3U4AitlDHG9yzdusk
6yL2aGEDdRXOhtzgAUKAk/3jl60Rz0JUVbrafh+g8ACmLLSoBUaMPWJbpHcHhC+5
3EaGWPf6/zer404r6vsmioquK9VG55KjlSSda6ylphxJLv1vtPicBT2DBeGz8AC4
1W5dXCKW5+rDD3/ffnV2Q6fP/XFM+G1mV3/o7H25VUrNz9TPm+vrZrgS4G5iXmFp
yGHO5WdWIIRG+wwAQOACp9Qgi5l1rn8bQiCjro/GJ4n0C6TaiaDuAZ9eCmHEE5tO
sAIwY3tXxEnMMYkLcSV2Wt9DA5fa9aKTp+2Ojj41FaC1uCJvwzqQV09R6QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFP6EV9OAnKe4PMp+kJ+z6jDA+6oIMB8GA1UdIwQY
MBaAFJ9pvfm70qRZfibOIL/hOGJMrTPcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEt
NjE5MjgxMzgwYmMyLzEvX29SWDA0Q2NwN2c4eW42UW43UHFNTUQ3cWdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jZGJkMGEtNjhlYy00ODdkLThmZWEtNjE5MjgxMzgwYmMy
LzEvbjJtOS1idlNwRmwtSnM0Z3YtRTRZa3l0TTl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQB1B0AMAwD
BADUHQsDBAHUHQwDBADUHRQDBAHUHRgDBAHUHR4DBAHZE6AwDQYJKoZIhvcNAQEL
BQADggEBAAuwXudFESvDukb8camtpffFM82+gvPzieyIYSQWhIWhXTBaE532yYv3
y1L9Tzk6kxNYyTt/LAhlCe8qbSX9Jv5Ar1DRAyuZkOWryBibLQOxlhsQAC5A06G2
gIx34vilgEdBXOqxB/w1kpddWcI2ACr4yaySm3G7FJPJ5SbfQ5+RdhKkkbzMqXyn
zuzzOGL3IJ3mw7MRVv9OUAXfspUVkMKVNttMLXjEqr45htpGBLAthKzKua1nzlB0
ZIQI6xCt7+kCEAqMOBAFfDbJXAtNIEZcgI2T69BObXsynLgoL69K+2UUSyTKuei+
2mioaDjiM8ip4wkpDxMfCfu+nYQjxcM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:04:50 2026 by rpki-client