Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HV2dMXGTNwfbDYvvnzZjCONi9GE.roa
File: HV2dMXGTNwfbDYvvnzZjCONi9GE.roa (raw, json)
Hash identifier: hiOR1bH+jpCdAnN7uagkSsvjzX6xoVP+iw9B1XXJgvQ=
Subject key identifier: 1D:5D:9D:31:71:93:37:07:DB:0D:8B:EF:9F:36:63:08:E3:62:F4:61
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D96C2CC463DB6FF6BC8AC8A221D2CFF6E
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HV2dMXGTNwfbDYvvnzZjCONi9GE.roa
Signing time: Thu 16 Apr 2026 14:47:21 +0000
ROA not before: Thu 16 Apr 2026 14:47:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 212.134.18.0/24 maxlen: 24
212.134.36.0/24 maxlen: 24
212.134.39.0/24 maxlen: 24
212.134.40.0/22 maxlen: 24
212.134.47.0/24 maxlen: 24
212.134.48.0/22 maxlen: 24
212.134.55.0/24 maxlen: 24
212.134.56.0/23 maxlen: 24
212.134.58.0/24 maxlen: 24
212.134.80.0/24 maxlen: 24
212.134.83.0/24 maxlen: 24
212.134.89.0/24 maxlen: 24
212.134.95.0/24 maxlen: 24
212.134.96.0/24 maxlen: 24
212.134.98.0/23 maxlen: 24
212.134.100.0/22 maxlen: 24
212.134.104.0/23 maxlen: 24
212.134.106.0/23 maxlen: 24
212.134.109.0/24 maxlen: 24
212.134.110.0/23 maxlen: 24
212.134.112.0/22 maxlen: 24
212.134.120.0/22 maxlen: 24
212.134.128.0/22 maxlen: 24
212.134.132.0/22 maxlen: 24
212.134.135.0/24 maxlen: 24
212.134.136.0/22 maxlen: 24
212.134.140.0/22 maxlen: 24
212.134.148.0/24 maxlen: 24
212.134.152.0/22 maxlen: 24
212.134.156.0/24 maxlen: 24
212.134.160.0/22 maxlen: 24
212.134.171.0/24 maxlen: 24
212.134.175.0/24 maxlen: 24
212.134.179.0/24 maxlen: 24
212.134.188.0/22 maxlen: 24
212.134.196.0/22 maxlen: 24
212.134.199.0/24 maxlen: 24
212.134.204.0/22 maxlen: 24
212.134.212.0/22 maxlen: 24
212.134.216.0/22 maxlen: 24
212.134.219.0/24 maxlen: 24
212.134.228.0/22 maxlen: 24
212.134.228.0/24 maxlen: 24
212.134.232.0/22 maxlen: 24
212.134.232.0/24 maxlen: 24
212.134.236.0/22 maxlen: 24
212.134.244.0/22 maxlen: 24
212.134.248.0/22 maxlen: 24
212.134.251.0/24 maxlen: 24
212.134.252.0/22 maxlen: 24
212.134.253.0/24 maxlen: 24
212.135.16.0/22 maxlen: 24
212.135.20.0/24 maxlen: 24
212.135.21.0/24 maxlen: 24
212.135.22.0/23 maxlen: 24
212.135.24.0/23 maxlen: 24
212.135.24.0/24 maxlen: 24
212.135.26.0/24 maxlen: 24
212.135.28.0/23 maxlen: 24
212.135.80.0/20 maxlen: 24
212.135.128.0/23 maxlen: 24
212.135.128.0/24 maxlen: 24
212.135.129.0/24 maxlen: 24
212.135.135.0/24 maxlen: 24
212.135.144.0/23 maxlen: 24
212.135.155.0/24 maxlen: 24
212.135.158.0/24 maxlen: 24
212.135.161.0/24 maxlen: 24
212.135.162.0/24 maxlen: 24
212.135.204.0/22 maxlen: 24
212.135.240.0/23 maxlen: 24
212.135.241.0/24 maxlen: 24
212.135.247.0/24 maxlen: 24
212.135.248.0/23 maxlen: 24
212.135.251.0/24 maxlen: 24
212.135.252.0/23 maxlen: 24
212.135.252.0/24 maxlen: 24
212.135.253.0/24 maxlen: 24
212.135.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:c2:cc:46:3d:b6:ff:6b:c8:ac:8a:22:1d:2c:ff:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 16 14:47:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1d5d9d3171933707db0d8bef9f366308e362f461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:14:0b:47:ed:c0:3f:07:bf:20:80:fd:85:eb:
56:5f:14:ef:8e:4b:90:4c:22:65:36:02:92:02:d0:
eb:5b:b6:b1:48:22:d3:98:69:da:a3:10:3c:55:46:
bd:85:4c:05:9a:3c:a4:dc:6a:11:5b:3b:de:cb:b8:
3a:39:df:fe:4a:9f:73:1f:5b:39:ad:a4:7f:4e:e1:
3d:ff:b1:d8:9e:e6:93:54:57:f5:3b:a6:c3:68:58:
33:39:63:37:c9:45:65:b2:89:5b:cb:0c:06:de:cc:
77:b4:54:b7:ad:40:87:aa:f3:15:1f:18:97:06:fe:
71:96:4c:4f:a0:7a:53:46:70:71:05:0a:8b:da:e6:
01:81:b3:05:8b:b2:06:ee:0b:c4:2d:9e:5a:09:41:
3c:0d:c5:a6:de:56:4e:27:e0:36:d6:45:a0:e3:9e:
ef:2e:70:7c:ee:c8:03:6d:62:f7:7f:ec:13:e4:d7:
e7:08:ae:42:0a:18:ac:43:0b:76:33:86:14:e5:ff:
e6:18:8a:dd:87:a9:33:82:9c:5a:32:9a:82:0a:99:
8c:1a:7f:84:64:5b:39:9a:93:a5:c3:2a:fd:84:a8:
92:1f:e5:9b:bf:91:0f:ac:31:10:0d:51:24:bb:5f:
6c:8f:46:a4:84:2b:d9:56:37:ac:3b:15:d3:c2:ba:
00:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5D:9D:31:71:93:37:07:DB:0D:8B:EF:9F:36:63:08:E3:62:F4:61
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/HV2dMXGTNwfbDYvvnzZjCONi9GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.18.0/24
212.134.36.0/24
212.134.39.0-212.134.43.255
212.134.47.0-212.134.51.255
212.134.55.0-212.134.58.255
212.134.80.0/24
212.134.83.0/24
212.134.89.0/24
212.134.95.0-212.134.96.255
212.134.98.0-212.134.107.255
212.134.109.0-212.134.115.255
212.134.120.0/22
212.134.128.0/20
212.134.148.0/24
212.134.152.0-212.134.156.255
212.134.160.0/22
212.134.171.0/24
212.134.175.0/24
212.134.179.0/24
212.134.188.0/22
212.134.196.0/22
212.134.204.0/22
212.134.212.0-212.134.219.255
212.134.228.0-212.134.239.255
212.134.244.0-212.134.255.255
212.135.16.0-212.135.26.255
212.135.28.0/23
212.135.80.0/20
212.135.128.0/23
212.135.135.0/24
212.135.144.0/23
212.135.155.0/24
212.135.158.0/24
212.135.161.0-212.135.162.255
212.135.204.0/22
212.135.240.0/23
212.135.247.0-212.135.249.255
212.135.251.0-212.135.254.255
Signature Algorithm: sha256WithRSAEncryption
09:64:d0:af:e0:e4:db:5d:8d:13:4f:55:ff:27:ce:b5:75:d5:
b1:13:93:0f:0b:46:95:6e:e3:4d:fe:6a:6c:8b:66:8a:44:c2:
9a:59:1c:10:85:07:01:c9:82:39:01:9f:b9:a9:b8:dc:18:f2:
ef:44:23:20:4e:e5:53:5f:de:98:3e:ec:96:4c:b1:1b:20:ca:
c5:1e:1f:bc:e1:79:c1:da:c7:c3:7b:4b:6b:d6:99:14:0a:cd:
b5:96:b4:a9:c6:05:00:14:6a:6a:14:25:d2:a6:ec:8e:8e:cf:
7f:97:d8:75:93:af:ca:10:49:33:e2:e8:61:eb:be:a2:63:bd:
ba:54:e1:1f:65:4e:23:09:8f:62:27:79:03:f8:2e:4d:57:a8:
76:65:b4:72:24:3d:d2:6f:77:50:fe:42:c7:4c:5a:a2:91:03:
34:64:f9:fc:c2:6a:84:93:ed:18:fb:ef:11:9b:df:47:b5:66:
18:99:d9:af:36:fe:9d:ff:d4:c2:3f:38:ee:6f:31:83:6b:c9:
c3:43:ce:1a:84:f7:5b:c5:bd:0a:c7:82:06:f4:89:3d:6e:eb:
53:ab:e0:9e:4b:b9:2e:fa:19:9a:69:cb:7a:3d:66:6a:f6:18:
7e:a4:dd:81:cd:3f:43:d4:bd:07:28:a9:12:76:c2:9e:31:4b:
d8:d7:6c:4e
-----BEGIN CERTIFICATE-----
MIIGVDCCBTygAwIBAgISAZ2WwsxGPbb/a8isiiIdLP9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDE2MTQ0NzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDVkOWQzMTcxOTMzNzA3ZGIwZDhiZWY5ZjM2NjMwOGUzNjJmNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhQLR+3APwe/IID9hetWXxTvjkuQ
TCJlNgKSAtDrW7axSCLTmGnaoxA8VUa9hUwFmjyk3GoRWzvey7g6Od/+Sp9zH1s5
raR/TuE9/7HYnuaTVFf1O6bDaFgzOWM3yUVlsolbywwG3sx3tFS3rUCHqvMVHxiX
Bv5xlkxPoHpTRnBxBQqL2uYBgbMFi7IG7gvELZ5aCUE8DcWm3lZOJ+A21kWg457v
LnB87sgDbWL3f+wT5NfnCK5CChisQwt2M4YU5f/mGIrdh6kzgpxaMpqCCpmMGn+E
ZFs5mpOlwyr9hKiSH+Wbv5EPrDEQDVEku19sj0akhCvZVjesOxXTwroAlwIDAQAB
o4IDYDCCA1wwHQYDVR0OBBYEFB1dnTFxkzcH2w2L7582YwjjYvRhMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSFYyZE1YR1ROd2ZiRFl2dm56WmpDT05pOUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdAYIKwYBBQUHAQcBAf8EggFjMIIBXzCCAVsEAgABMIIB
UwMEANSGEgMEANSGJDAMAwQA1IYnAwQC1IYoMAwDBADUhi8DBALUhjAwDAMEANSG
NwMEANSGOgMEANSGUAMEANSGUwMEANSGWTAMAwQA1IZfAwQA1IZgMAwDBAHUhmID
BALUhmgwDAMEANSGbQMEAtSGcAMEAtSGeAMEBNSGgAMEANSGlDAMAwQD1IaYAwQA
1IacAwQC1IagAwQA1IarAwQA1IavAwQA1IazAwQC1Ia8AwQC1IbEAwQC1IbMMAwD
BALUhtQDBALUhtgwDAMEAtSG5AMEBNSG4DALAwQC1Ib0AwMA1IYwDAMEBNSHEAME
ANSHGgMEAdSHHAMEBNSHUAMEAdSHgAMEANSHhwMEAdSHkAMEANSHmwMEANSHnjAM
AwQA1IehAwQA1IeiAwQC1IfMAwQB1IfwMAwDBADUh/cDBAHUh/gwDAMEANSH+wME
ANSH/jANBgkqhkiG9w0BAQsFAAOCAQEACWTQr+Dk212NE09V/yfOtXXVsROTDwtG
lW7jTf5qbItmikTCmlkcEIUHAcmCOQGfuam43Bjy70QjIE7lU1/emD7slkyxGyDK
xR4fvOF5wdrHw3tLa9aZFArNtZa0qcYFABRqahQl0qbsjo7Pf5fYdZOvyhBJM+Lo
Yeu+omO9ulThH2VOIwmPYid5A/guTVeodmW0ciQ90m93UP5Cx0xaopEDNGT5/MJq
hJPtGPvvEZvfR7VmGJnZrzb+nf/Uwj847m8xg2vJw0POGoT3W8W9CseCBvSJPW7r
U6vgnku5LvoZmmnLej1mavYYfqTdgc0/Q9S9ByipEnbCnjFL2NdsTg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:23 2026 by rpki-client