Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/I_VRFnSETpEViwUyeBQEgBKSO80.roa
File: I_VRFnSETpEViwUyeBQEgBKSO80.roa (raw, json)
Hash identifier: XgyGs2/4MPCVKuyDYbADoZSFjkgeZZviR3aIZtXPerA=
Subject key identifier: 23:F5:51:16:74:84:4E:91:15:8B:05:32:78:14:04:80:12:92:3B:CD
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D6F54BC6BCAAA4CF107DDC0D12D281D6E
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/I_VRFnSETpEViwUyeBQEgBKSO80.roa
Signing time: Wed 08 Apr 2026 23:01:57 +0000
ROA not before: Wed 08 Apr 2026 23:01:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7029
IP address blocks: 212.134.94.0/24 maxlen: 24
212.134.172.0/23 maxlen: 24
212.135.76.0/23 maxlen: 24
212.135.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6f:54:bc:6b:ca:aa:4c:f1:07:dd:c0:d1:2d:28:1d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 8 23:01:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=23f5511674844e91158b05327814048012923bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:bd:b2:ef:5b:6c:4b:7f:63:56:ff:84:79:
ae:d4:5d:92:50:2f:07:35:d6:90:7d:8a:df:d7:7c:
7f:1f:92:36:8e:eb:5c:f5:04:2f:9e:a8:4f:61:f4:
44:55:75:04:cd:67:cf:b4:dd:e9:8f:4f:a0:38:28:
05:7d:99:c5:9c:33:4a:36:13:93:f5:3a:b4:98:73:
d4:c7:2c:09:84:27:7f:ff:a2:81:71:a7:fc:10:f2:
db:84:20:0f:a7:06:05:65:e8:9d:ca:97:39:47:cd:
f9:6d:65:02:81:a0:66:9e:b7:36:70:ae:5c:f3:bf:
31:91:0d:6e:b7:b3:e7:eb:bf:ef:c9:08:c9:51:90:
19:55:5d:d4:4b:70:f4:04:25:0e:37:6b:fc:91:6e:
f1:bf:34:60:11:18:a3:d2:45:ae:c2:86:11:70:3e:
ad:79:dd:48:54:88:3d:be:16:f1:61:51:90:4e:63:
d1:71:24:1d:0c:4b:fe:81:1e:b3:f3:6b:0c:ac:16:
3c:5d:25:31:e8:3c:00:32:86:b2:4a:b3:30:2f:20:
35:75:96:11:ce:56:f9:0c:e2:7e:e0:aa:73:fd:b1:
a2:f0:d1:50:a2:03:5b:ae:35:86:17:2d:24:b4:8c:
43:df:9b:3e:ac:5f:61:d6:c4:e4:e6:17:de:4d:ea:
bf:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F5:51:16:74:84:4E:91:15:8B:05:32:78:14:04:80:12:92:3B:CD
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/I_VRFnSETpEViwUyeBQEgBKSO80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.94.0/24
212.134.172.0/23
212.135.76.0/23
212.135.175.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a8:e9:b5:e6:8a:55:3e:a3:28:34:c0:27:69:ec:61:d8:f0:
27:a7:bb:8c:1f:20:83:07:29:f4:dd:38:85:9c:ae:94:02:bc:
d5:e9:7f:19:8c:17:fc:09:b1:74:93:15:2e:8a:56:a1:b9:04:
ab:94:51:ed:6f:e5:1c:2a:aa:5e:33:ee:40:af:96:31:5c:27:
46:d4:7b:09:a2:4e:5b:f7:53:ac:93:7b:6b:d1:8b:99:7a:94:
4d:d5:1b:7b:15:ed:52:5d:b6:dd:01:f9:1d:3d:1a:5d:41:59:
c7:15:87:ad:23:10:04:c0:d3:6d:a6:58:45:e5:09:ca:b2:72:
bb:29:67:82:74:d0:6d:2d:16:47:dd:1c:c3:9e:7c:d5:da:9a:
cb:b2:a3:71:88:7e:ee:6a:52:9c:ad:f3:09:53:d5:5c:c7:7c:
22:9f:88:bc:7d:1c:8d:5b:87:0e:68:c8:f6:6c:fc:e1:b9:95:
a8:de:df:2d:84:49:5e:11:a9:27:a9:2d:64:a8:c1:f3:51:aa:
50:db:94:19:c9:bf:51:65:93:27:8f:f0:b2:8d:74:72:41:62:
86:ee:8c:9a:9b:8f:76:4f:8c:34:a2:cc:11:0b:63:4b:11:ce:
75:e1:ec:37:e3:24:b7:d5:dd:ae:94:32:25:84:d5:22:70:fc:
4e:e3:30:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1vVLxryqpM8QfdwNEtKB1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDA4MjMwMTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y1NTExNjc0ODQ0ZTkxMTU4YjA1MzI3ODE0MDQ4MDEyOTIzYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc29su9bbEt/Y1b/hHmu1F2SUC8H
NdaQfYrf13x/H5I2jutc9QQvnqhPYfREVXUEzWfPtN3pj0+gOCgFfZnFnDNKNhOT
9Tq0mHPUxywJhCd//6KBcaf8EPLbhCAPpwYFZeidypc5R835bWUCgaBmnrc2cK5c
878xkQ1ut7Pn67/vyQjJUZAZVV3US3D0BCUON2v8kW7xvzRgERij0kWuwoYRcD6t
ed1IVIg9vhbxYVGQTmPRcSQdDEv+gR6z82sMrBY8XSUx6DwAMoaySrMwLyA1dZYR
zlb5DOJ+4Kpz/bGi8NFQogNbrjWGFy0ktIxD35s+rF9h1sTk5hfeTeq/+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCP1URZ0hE6RFYsFMngUBIASkjvNMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSV9WUkZuU0VUcEVWaXdVeWVCUUVnQktTTzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1IZeAwQB
1IasAwQB1IdMAwQA1IevMA0GCSqGSIb3DQEBCwUAA4IBAQBMqOm15opVPqMoNMAn
aexh2PAnp7uMHyCDByn03TiFnK6UArzV6X8ZjBf8CbF0kxUuilahuQSrlFHtb+Uc
KqpeM+5Ar5YxXCdG1HsJok5b91Osk3tr0YuZepRN1Rt7Fe1SXbbdAfkdPRpdQVnH
FYetIxAEwNNtplhF5QnKsnK7KWeCdNBtLRZH3RzDnnzV2prLsqNxiH7ualKcrfMJ
U9Vcx3win4i8fRyNW4cOaMj2bPzhuZWo3t8thEleEaknqS1kqMHzUapQ25QZyb9R
ZZMnj/CyjXRyQWKG7oyam492T4w0oswRC2NLEc514ew34yS31d2ulDIlhNUicPxO
4zC2
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:26:06 2026 by rpki-client