Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/IkPdGDrFi2XO1bCIcN-jjaJ5i-s.roa
File: IkPdGDrFi2XO1bCIcN-jjaJ5i-s.roa (raw, json)
Hash identifier: Q7rcA5Yc6N4wz0NEaW1JOUyPi9W8bEM623PcqVwx0pY=
Subject key identifier: 22:43:DD:18:3A:C5:8B:65:CE:D5:B0:88:70:DF:A3:8D:A2:79:8B:EB
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019CA1933D4C0FE87547C36CF4EE0A9E12D4
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/IkPdGDrFi2XO1bCIcN-jjaJ5i-s.roa
Signing time: Sat 28 Feb 2026 00:08:27 +0000
ROA not before: Sat 28 Feb 2026 00:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 212.134.88.0/24 maxlen: 24
212.135.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:93:3d:4c:0f:e8:75:47:c3:6c:f4:ee:0a:9e:12:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Feb 28 00:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2243dd183ac58b65ced5b08870dfa38da2798beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:fe:1b:61:b5:a6:13:bd:4e:92:74:26:68:
4c:da:93:ff:69:36:5a:d7:e3:5a:f6:2b:35:f0:4e:
6d:54:b4:a1:15:fb:fa:b7:46:19:4a:81:b9:a3:ff:
b5:23:9e:7a:01:42:84:45:1b:66:7f:23:86:c9:6d:
99:f1:ea:88:e3:72:d3:0d:0a:8e:d8:83:91:e0:a5:
c3:b3:8e:26:8a:d4:2e:fc:ec:22:5c:b6:e5:08:15:
c7:77:4b:d6:cb:0b:d6:c3:26:fe:2d:03:5b:44:7f:
2c:78:8a:3b:22:4e:01:f4:d7:b0:61:6b:3c:e0:11:
3e:f0:c2:4e:e7:84:c3:52:01:c2:d0:ba:1b:a1:4e:
f5:a9:99:2d:a8:31:54:ed:1f:d8:08:94:a8:be:c6:
3c:0d:1b:a3:f0:3f:89:20:85:44:88:cb:38:70:bf:
d7:ec:c6:5c:7f:17:ef:82:6d:a9:29:87:80:81:4f:
4d:4f:f8:e0:17:c2:71:1a:b7:0b:5d:d2:45:e8:c7:
70:d3:d1:ba:72:8a:77:30:f4:81:75:bd:a6:19:07:
0d:de:5d:59:1c:6c:05:26:36:c4:0d:da:4b:33:2e:
c3:fb:9c:e2:c5:cc:fd:d4:c7:10:7c:30:00:ff:9e:
a6:1b:84:36:72:21:b8:3b:fa:45:93:69:23:6f:41:
83:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:43:DD:18:3A:C5:8B:65:CE:D5:B0:88:70:DF:A3:8D:A2:79:8B:EB
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/IkPdGDrFi2XO1bCIcN-jjaJ5i-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.88.0/24
212.135.192.0/22
Signature Algorithm: sha256WithRSAEncryption
46:99:6e:25:63:c6:03:3a:fb:0f:2e:80:cb:e1:4a:82:58:a5:
f0:ac:19:c1:2e:6c:ce:ad:c5:96:c7:e0:f8:c2:7b:6a:26:53:
50:a4:06:63:f1:d0:81:cf:7b:6a:62:6a:29:97:8a:2c:db:a8:
be:a5:d6:9c:bb:90:e0:de:64:4d:dc:9c:3f:ce:87:2a:56:ec:
98:1a:a6:52:db:ca:bd:a0:21:44:05:b6:cb:6b:1f:2c:2a:09:
9f:b2:56:db:b3:41:4f:12:6e:3f:71:43:5f:72:de:5c:d1:96:
33:5a:8b:6b:6c:27:72:92:b8:28:e2:68:4a:9e:e0:26:ee:22:
cb:1c:c5:ca:8a:22:b1:bf:a7:c1:95:fa:6f:00:9e:e8:a1:e0:
91:72:4c:33:77:17:34:4d:0f:6a:70:ad:39:0c:f3:0d:f7:81:
b6:e8:4c:59:b6:d7:af:43:70:e8:78:ac:b6:2e:20:ea:1e:96:
80:04:a5:a0:48:80:0f:aa:3d:26:6d:76:08:a0:20:2d:ad:b4:
ab:93:9c:f6:cc:17:a8:c3:6a:33:c2:8f:20:22:72:68:4a:28:
55:f9:f2:d7:47:85:38:0b:af:45:ef:88:f8:5f:71:b7:88:63:
d4:42:31:bf:f8:73:8f:d9:69:2a:d9:12:e8:c5:5c:6e:1a:d6:
f0:9e:60:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyhkz1MD+h1R8Ns9O4KnhLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMjI4MDAwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjQzZGQxODNhYzU4YjY1Y2VkNWIwODg3MGRmYTM4ZGEyNzk4YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlf+G2G1phO9TpJ0JmhM2pP/aTZa
1+Na9is18E5tVLShFfv6t0YZSoG5o/+1I556AUKERRtmfyOGyW2Z8eqI43LTDQqO
2IOR4KXDs44mitQu/OwiXLblCBXHd0vWywvWwyb+LQNbRH8seIo7Ik4B9NewYWs8
4BE+8MJO54TDUgHC0LoboU71qZktqDFU7R/YCJSovsY8DRuj8D+JIIVEiMs4cL/X
7MZcfxfvgm2pKYeAgU9NT/jgF8JxGrcLXdJF6Mdw09G6cop3MPSBdb2mGQcN3l1Z
HGwFJjbEDdpLMy7D+5zixcz91McQfDAA/56mG4Q2ciG4O/pFk2kjb0GDbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCJD3Rg6xYtlztWwiHDfo42ieYvrMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSWtQZEdEckZpMlhPMWJDSWNOLWpqYUo1aS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1IZYAwQC
1IfAMA0GCSqGSIb3DQEBCwUAA4IBAQBGmW4lY8YDOvsPLoDL4UqCWKXwrBnBLmzO
rcWWx+D4wntqJlNQpAZj8dCBz3tqYmopl4os26i+pdacu5Dg3mRN3Jw/zocqVuyY
GqZS28q9oCFEBbbLax8sKgmfslbbs0FPEm4/cUNfct5c0ZYzWotrbCdykrgo4mhK
nuAm7iLLHMXKiiKxv6fBlfpvAJ7ooeCRckwzdxc0TQ9qcK05DPMN94G26ExZttev
Q3DoeKy2LiDqHpaABKWgSIAPqj0mbXYIoCAtrbSrk5z2zBeow2ozwo8gInJoSihV
+fLXR4U4C69F74j4X3G3iGPUQjG/+HOP2Wkq2RLoxVxuGtbwnmCA
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:43:52 2026 by rpki-client