Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/RhWcpSZRVNM2BkRr4Asjtvrre-o.roa
File: RhWcpSZRVNM2BkRr4Asjtvrre-o.roa (raw, json)
Hash identifier: 8BxGuE4JYiO8lN5BI5FkY3ls9ogaTBML7nHD9Rnuh0g=
Subject key identifier: 46:15:9C:A5:26:51:54:D3:36:06:44:6B:E0:0B:23:B6:FA:EB:7B:EA
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019EA636D0DE38E6D512A587FFC88CCA7F11
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/RhWcpSZRVNM2BkRr4Asjtvrre-o.roa
Signing time: Mon 08 Jun 2026 07:51:10 +0000
ROA not before: Mon 08 Jun 2026 07:51:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 82.108.166.0/24 maxlen: 24
82.108.201.0/24 maxlen: 24
212.134.140.0/24 maxlen: 24
212.134.183.0/24 maxlen: 24
212.134.185.0/24 maxlen: 24
212.134.187.0/24 maxlen: 24
212.134.200.0/24 maxlen: 24
212.134.239.0/24 maxlen: 24
212.135.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:36:d0:de:38:e6:d5:12:a5:87:ff:c8:8c:ca:7f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jun 8 07:51:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=46159ca5265154d33606446be00b23b6faeb7bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:29:01:5e:f8:cf:66:f9:88:e2:fd:d1:6b:8a:
0b:7a:72:85:47:a4:49:2c:2a:9b:bb:e1:47:51:84:
0c:bf:6a:50:22:42:34:d8:4c:22:c7:04:ab:cb:c1:
e6:cc:7e:f8:21:28:61:ff:aa:84:b2:48:f0:73:13:
2c:7b:a8:5c:af:69:ed:5b:99:d9:de:0c:ef:4f:64:
a0:ba:3f:cc:26:71:b3:2c:04:66:2b:34:40:74:b7:
ee:1f:ce:f3:60:01:aa:3a:75:36:eb:4f:0c:c9:31:
16:14:29:0d:a6:f3:08:d6:85:41:69:9f:93:e8:1d:
36:2a:6f:5d:14:d9:10:82:f7:00:ae:23:85:ef:7d:
0b:0f:d9:ec:d3:42:70:12:22:ba:32:58:85:a6:24:
30:b9:bd:15:ae:05:bf:d6:ec:e4:76:c1:fd:ca:64:
c1:dd:79:df:6a:67:56:e2:d5:99:a0:99:ed:6e:9f:
b5:8e:05:0b:98:f1:56:10:fa:70:34:c0:4b:0d:8b:
86:99:42:0b:16:5b:6f:27:70:58:65:82:89:19:86:
3a:df:2f:3f:23:38:cb:40:c4:71:98:12:1a:18:0e:
3d:aa:64:65:6f:45:93:68:84:59:db:c1:6e:f5:db:
e2:24:81:7c:8f:0a:25:6a:df:cb:fc:f5:9c:c1:b9:
78:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:15:9C:A5:26:51:54:D3:36:06:44:6B:E0:0B:23:B6:FA:EB:7B:EA
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/RhWcpSZRVNM2BkRr4Asjtvrre-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.166.0/24
82.108.201.0/24
212.134.140.0/24
212.134.183.0/24
212.134.185.0/24
212.134.187.0/24
212.134.200.0/24
212.134.239.0/24
212.135.150.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:77:86:34:d4:27:5d:34:55:39:3b:75:a8:3d:c8:79:16:01:
33:5d:f6:d9:6e:47:81:99:7d:a2:ab:70:6a:d8:34:ac:e0:7a:
3b:94:59:ac:03:bc:c7:89:fd:4c:74:e8:4f:22:c5:1f:2d:a7:
3d:26:ac:38:0c:90:52:33:dd:85:26:60:e1:db:b6:72:20:e7:
3d:fa:f5:4c:eb:58:af:ab:21:94:76:c5:8e:7e:56:8a:c2:cd:
30:3b:0b:30:2c:78:13:db:ff:91:af:bc:89:8a:dd:4a:1d:50:
d3:78:11:27:6d:9f:1b:95:64:81:9f:f0:31:1a:d9:07:ca:09:
cc:8a:5b:f2:6c:37:97:99:39:9c:0b:a0:18:90:f9:1e:b4:02:
f2:4a:ee:69:05:07:11:46:56:18:c3:54:02:7b:40:83:71:af:
2c:44:be:ea:0b:01:c0:9b:18:03:e1:8a:1f:7b:6e:10:67:eb:
ab:06:0c:1f:12:c5:5f:ec:aa:46:c8:23:f7:0a:90:2f:31:a8:
2c:16:a2:64:c1:6b:41:7d:8b:41:b8:69:51:55:34:08:01:1d:
54:3d:02:2a:e3:cf:3d:1a:a0:73:03:2e:37:e7:98:ac:75:05:
71:c6:64:e4:36:4b:35:5a:3e:f7:2e:95:78:cd:e7:23:f8:c7:
46:24:be:62
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ6mNtDeOObVEqWH/8iMyn8RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNjA4MDc1MTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjE1OWNhNTI2NTE1NGQzMzYwNjQ0NmJlMDBiMjNiNmZhZWI3YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCkBXvjPZvmI4v3Ra4oLenKFR6RJ
LCqbu+FHUYQMv2pQIkI02EwixwSry8HmzH74IShh/6qEskjwcxMse6hcr2ntW5nZ
3gzvT2Sguj/MJnGzLARmKzRAdLfuH87zYAGqOnU2608MyTEWFCkNpvMI1oVBaZ+T
6B02Km9dFNkQgvcAriOF730LD9ns00JwEiK6MliFpiQwub0VrgW/1uzkdsH9ymTB
3XnfamdW4tWZoJntbp+1jgULmPFWEPpwNMBLDYuGmUILFltvJ3BYZYKJGYY63y8/
IzjLQMRxmBIaGA49qmRlb0WTaIRZ28Fu9dviJIF8jwolat/L/PWcwbl4dwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEYVnKUmUVTTNgZEa+ALI7b663vqMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvUmhXY3BTWlJWTk0yQmtScjRBc2p0dnJyZS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUmymAwQA
UmzJAwQA1IaMAwQA1Ia3AwQA1Ia5AwQA1Ia7AwQA1IbIAwQA1IbvAwQA1IeWMA0G
CSqGSIb3DQEBCwUAA4IBAQCud4Y01CddNFU5O3WoPch5FgEzXfbZbkeBmX2iq3Bq
2DSs4Ho7lFmsA7zHif1MdOhPIsUfLac9Jqw4DJBSM92FJmDh27ZyIOc9+vVM61iv
qyGUdsWOflaKws0wOwswLHgT2/+Rr7yJit1KHVDTeBEnbZ8blWSBn/AxGtkHygnM
ilvybDeXmTmcC6AYkPketALySu5pBQcRRlYYw1QCe0CDca8sRL7qCwHAmxgD4Yof
e24QZ+urBgwfEsVf7KpGyCP3CpAvMagsFqJkwWtBfYtBuGlRVTQIAR1UPQIq4889
GqBzAy4355isdQVxxmTkNks1Wj73LpV4zecj+MdGJL5i
-----END CERTIFICATE-----
Generated at Sun Jun 14 03:25:31 2026 by rpki-client