Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/E-yyNbOhGJbUbMMnh_ronyjk6R0.roa
File: E-yyNbOhGJbUbMMnh_ronyjk6R0.roa (raw, json)
Hash identifier: sS8WDSORKdLVuwDZgb0WS5DWw6/XtkSCrE6NwcxpyNo=
Subject key identifier: 13:EC:B2:35:B3:A1:18:96:D4:6C:C3:27:87:FA:E8:9F:28:E4:E9:1D
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D8AA23BC24663E88315BCB0E44D097F50
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/E-yyNbOhGJbUbMMnh_ronyjk6R0.roa
Signing time: Tue 14 Apr 2026 06:16:21 +0000
ROA not before: Tue 14 Apr 2026 06:16:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 212.134.132.0/24 maxlen: 24
212.134.160.0/24 maxlen: 24
212.135.22.0/24 maxlen: 24
212.135.197.0/24 maxlen: 24
212.135.198.0/24 maxlen: 24
212.135.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:a2:3b:c2:46:63:e8:83:15:bc:b0:e4:4d:09:7f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 14 06:16:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=13ecb235b3a11896d46cc32787fae89f28e4e91d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fd:04:3a:a6:43:8f:1a:0a:6f:96:ed:40:a6:
37:e5:d0:97:4d:42:de:a6:7e:f1:a4:dd:1e:f7:8f:
dc:90:4a:9e:70:9e:c6:38:da:fe:55:ab:2c:e2:a5:
49:90:5b:4a:7f:4a:8d:24:21:d2:4e:9b:e5:1e:47:
21:57:25:92:e5:a3:a1:ee:4e:4c:0a:02:9a:36:71:
21:5e:26:60:23:f7:ef:c3:89:31:99:68:80:0d:2a:
37:89:aa:e2:71:02:60:11:79:41:6f:7b:a6:09:64:
6d:f1:8b:80:2b:56:8b:e2:f3:96:bd:75:db:1e:f6:
37:1a:be:0c:b2:36:90:51:f8:82:bf:14:6c:5a:7e:
6f:01:7c:29:a4:e5:54:da:11:5c:6c:2c:8c:2a:79:
ec:97:1b:97:bf:eb:72:85:a9:ac:51:18:10:64:32:
79:53:36:0b:66:7e:86:65:44:95:1d:3f:88:d8:aa:
f2:34:58:70:f3:4c:2a:1c:1a:88:cf:03:9c:aa:8d:
c8:34:28:17:f0:99:07:e1:6d:5c:7a:63:91:34:4a:
a4:b5:11:21:b0:24:f1:20:a4:64:b8:ab:45:1e:40:
a8:f4:11:37:8e:65:b1:34:bf:46:89:11:bc:21:48:
7c:d1:ce:ce:9e:4c:e4:1e:67:37:56:83:03:7c:2c:
34:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:EC:B2:35:B3:A1:18:96:D4:6C:C3:27:87:FA:E8:9F:28:E4:E9:1D
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/E-yyNbOhGJbUbMMnh_ronyjk6R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.132.0/24
212.134.160.0/24
212.135.22.0/24
212.135.197.0-212.135.198.255
212.135.255.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:96:53:94:31:8e:e6:02:f2:40:a1:b2:05:71:41:5f:92:6f:
8c:0f:b7:7c:ae:66:e3:1e:eb:fe:9d:70:31:ce:07:f9:9f:ff:
05:26:b6:f6:2d:0d:b3:0a:6e:75:df:c8:7f:c4:eb:99:43:39:
47:8a:98:1b:ea:0c:ca:11:fa:4b:fc:59:aa:dd:7f:98:23:51:
93:68:00:6d:f8:be:c2:89:16:66:80:3f:06:19:9d:ca:63:41:
e4:4a:9d:88:5c:70:88:e4:bb:6d:a6:3f:80:7e:11:60:f2:66:
86:22:32:6f:b3:22:2b:a2:a9:f8:a0:9a:7f:81:36:e3:f9:c8:
c0:d4:d2:8b:4e:e1:7f:ce:ac:26:32:20:dc:2e:bb:df:e6:1f:
5d:a4:24:05:18:cb:6e:62:cc:ce:05:7f:94:d8:d6:ac:2b:9f:
d4:2a:70:cf:e8:49:87:eb:7f:bc:24:84:39:dd:35:51:cc:ea:
bb:39:ef:e4:bd:92:f8:29:84:3c:64:5f:da:d3:9b:a3:e1:82:
56:d4:00:a3:ef:57:85:29:24:b8:1d:23:0b:a1:3a:67:a0:b6:
3f:90:4b:2d:95:29:bc:63:ec:35:b8:bd:ab:c5:8b:81:16:6d:
16:e2:b0:63:58:17:aa:09:67:33:dc:b2:7b:16:dc:c9:86:b8:
92:00:fe:a8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ2KojvCRmPogxW8sORNCX9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDE0MDYxNjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2VjYjIzNWIzYTExODk2ZDQ2Y2MzMjc4N2ZhZTg5ZjI4ZTRlOTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6v0EOqZDjxoKb5btQKY35dCXTULe
pn7xpN0e94/ckEqecJ7GONr+Vass4qVJkFtKf0qNJCHSTpvlHkchVyWS5aOh7k5M
CgKaNnEhXiZgI/fvw4kxmWiADSo3iaricQJgEXlBb3umCWRt8YuAK1aL4vOWvXXb
HvY3Gr4MsjaQUfiCvxRsWn5vAXwppOVU2hFcbCyMKnnslxuXv+tyhamsURgQZDJ5
UzYLZn6GZUSVHT+I2KryNFhw80wqHBqIzwOcqo3INCgX8JkH4W1cemORNEqktREh
sCTxIKRkuKtFHkCo9BE3jmWxNL9GiRG8IUh80c7OnkzkHmc3VoMDfCw0OwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBPssjWzoRiW1GzDJ4f66J8o5OkdMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvRS15eU5iT2hHSmJVYk1Nbmhfcm9ueWprNlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQA1IaEAwQA
1IagAwQA1IcWMAwDBADUh8UDBADUh8YDBADUh/8wDQYJKoZIhvcNAQELBQADggEB
AB+WU5QxjuYC8kChsgVxQV+Sb4wPt3yuZuMe6/6dcDHOB/mf/wUmtvYtDbMKbnXf
yH/E65lDOUeKmBvqDMoR+kv8Wardf5gjUZNoAG34vsKJFmaAPwYZncpjQeRKnYhc
cIjku22mP4B+EWDyZoYiMm+zIiuiqfigmn+BNuP5yMDU0otO4X/OrCYyINwuu9/m
H12kJAUYy25izM4Ff5TY1qwrn9QqcM/oSYfrf7wkhDndNVHM6rs57+S9kvgphDxk
X9rTm6PhglbUAKPvV4UpJLgdIwuhOmegtj+QSy2VKbxj7DW4vavFi4EWbRbisGNY
F6oJZzPcsnsW3MmGuJIA/qg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:51:51 2026 by rpki-client