Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nI19U5iOZ39xcrUFZLV8hi_16io.roa
File: nI19U5iOZ39xcrUFZLV8hi_16io.roa (raw, json)
Hash identifier: Ubo+nROu8iAEX0Ol42BjQLfFrmC+wfyTINkaDbGEfSg=
Subject key identifier: 9C:8D:7D:53:98:8E:67:7F:71:72:B5:05:64:B5:7C:86:2F:F5:EA:2A
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019A530A6BA49B2EC5F751A3112EE52347F4
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nI19U5iOZ39xcrUFZLV8hi_16io.roa
Signing time: Wed 05 Nov 2025 08:03:03 +0000
ROA not before: Wed 05 Nov 2025 08:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 212.134.18.0/24 maxlen: 24
212.134.36.0/24 maxlen: 24
212.134.56.0/23 maxlen: 24
212.134.58.0/24 maxlen: 24
212.134.86.0/24 maxlen: 24
212.134.91.0/24 maxlen: 24
212.134.98.0/23 maxlen: 24
212.134.104.0/23 maxlen: 24
212.134.106.0/23 maxlen: 24
212.134.110.0/23 maxlen: 24
212.134.148.0/22 maxlen: 24
212.134.188.0/22 maxlen: 24
212.134.196.0/22 maxlen: 24
212.134.212.0/22 maxlen: 24
212.134.216.0/22 maxlen: 24
212.134.228.0/22 maxlen: 24
212.134.232.0/22 maxlen: 24
212.134.248.0/22 maxlen: 24
212.135.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 04:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:0a:6b:a4:9b:2e:c5:f7:51:a3:11:2e:e5:23:47:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Nov 5 08:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c8d7d53988e677f7172b50564b57c862ff5ea2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a0:ff:97:61:e0:78:2e:13:db:b0:6e:3e:09:
25:c2:bc:4a:61:c0:af:4b:1a:07:d9:02:0a:f4:a2:
51:4f:e5:76:5c:74:a1:10:9e:bf:ac:ee:8e:6a:01:
81:56:7f:91:9c:92:ae:4f:1b:89:f0:e5:48:e8:14:
3b:d0:54:f3:48:73:88:e5:47:27:f1:ab:0a:26:3e:
b7:5d:93:b0:41:eb:79:1c:6d:a7:cc:2f:bc:13:a1:
6c:f0:d0:e3:55:80:0c:44:98:e2:b0:37:11:38:80:
59:95:cb:a0:82:ed:e1:1d:c0:ab:2c:64:9c:72:55:
e7:24:21:ff:2f:ad:75:37:fd:a1:5b:04:c3:7f:02:
93:c5:42:02:ea:44:80:f4:17:2f:74:5e:2b:ec:11:
fb:ae:0f:a3:55:ff:c2:d7:3e:5f:bf:77:27:c3:af:
85:6b:dd:5f:99:95:c5:74:a3:6a:d5:55:e7:02:08:
5d:af:63:6d:05:cb:3b:4b:7e:40:54:86:ca:3c:af:
12:7e:3e:0b:2a:fe:08:b6:83:06:1a:d8:e4:32:43:
11:51:49:c0:ae:31:ff:85:13:3b:31:68:55:9a:9c:
af:3d:31:7b:3e:09:5f:49:7b:79:3c:b6:78:e2:60:
d5:9c:38:3c:71:22:6c:68:84:a6:eb:5e:01:77:c6:
2d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8D:7D:53:98:8E:67:7F:71:72:B5:05:64:B5:7C:86:2F:F5:EA:2A
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/nI19U5iOZ39xcrUFZLV8hi_16io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.18.0/24
212.134.36.0/24
212.134.56.0-212.134.58.255
212.134.86.0/24
212.134.91.0/24
212.134.98.0/23
212.134.104.0/22
212.134.110.0/23
212.134.148.0/22
212.134.188.0/22
212.134.196.0/22
212.134.212.0-212.134.219.255
212.134.228.0-212.134.235.255
212.134.248.0/22
212.135.204.0/22
Signature Algorithm: sha256WithRSAEncryption
28:f4:95:ba:59:b5:42:05:b1:4f:c9:20:e2:6e:57:74:d1:6e:
1d:ee:dc:41:f9:55:da:ab:30:20:5e:59:df:63:a3:8f:4e:e0:
1c:3d:ba:f1:fc:fa:18:af:5e:45:75:1f:aa:9c:67:61:e9:e6:
c6:2d:bb:6a:20:ad:8c:b3:f2:ed:d6:88:b5:70:e1:6e:cc:34:
4a:d9:fc:23:f4:18:ef:66:ac:7f:66:76:c8:b5:81:85:f2:55:
91:d9:5d:79:a1:44:6e:3b:1e:62:f6:f7:4c:85:d8:7a:18:25:
e5:30:8b:2a:b6:73:a6:2b:f4:81:a2:90:07:db:6d:bf:e9:be:
ce:79:c7:b3:60:8d:5d:ff:4c:43:0b:9f:50:df:53:11:b4:e2:
32:94:11:8d:41:a9:ba:b7:f9:6b:f2:53:a5:e3:a0:11:80:89:
7c:13:4e:b6:35:39:fe:84:58:ca:b7:5c:57:a8:19:f0:1f:a7:
26:1a:e7:20:e6:6a:9d:d7:9d:43:85:c6:00:28:bb:43:f8:dc:
aa:4d:c1:f3:53:03:9d:75:8a:96:40:e8:34:3e:e0:08:17:7a:
06:b8:48:46:2e:fe:c7:17:9a:d9:0e:44:c9:fb:27:98:d6:00:
02:30:b4:1a:83:23:d1:93:51:f1:46:d3:3b:b2:c7:18:bb:67:
d1:66:83:96
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZpTCmukmy7F91GjES7lI0f0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMTA1MDgwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhkN2Q1Mzk4OGU2NzdmNzE3MmI1MDU2NGI1N2M4NjJmZjVlYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KD/l2HgeC4T27BuPgklwrxKYcCv
SxoH2QIK9KJRT+V2XHShEJ6/rO6OagGBVn+RnJKuTxuJ8OVI6BQ70FTzSHOI5Ucn
8asKJj63XZOwQet5HG2nzC+8E6Fs8NDjVYAMRJjisDcROIBZlcuggu3hHcCrLGSc
clXnJCH/L611N/2hWwTDfwKTxUIC6kSA9BcvdF4r7BH7rg+jVf/C1z5fv3cnw6+F
a91fmZXFdKNq1VXnAghdr2NtBcs7S35AVIbKPK8Sfj4LKv4ItoMGGtjkMkMRUUnA
rjH/hRM7MWhVmpyvPTF7PglfSXt5PLZ44mDVnDg8cSJsaISm614Bd8YtqQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJyNfVOYjmd/cXK1BWS1fIYv9eoqMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbkkxOVU1aU9aMzl4Y3JVRlpMVjhoaV8xNmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEANSGEgME
ANSGJDAMAwQD1IY4AwQA1IY6AwQA1IZWAwQA1IZbAwQB1IZiAwQC1IZoAwQB1IZu
AwQC1IaUAwQC1Ia8AwQC1IbEMAwDBALUhtQDBALUhtgwDAMEAtSG5AMEAtSG6AME
AtSG+AMEAtSHzDANBgkqhkiG9w0BAQsFAAOCAQEAKPSVulm1QgWxT8kg4m5XdNFu
He7cQflV2qswIF5Z32Ojj07gHD268fz6GK9eRXUfqpxnYenmxi27aiCtjLPy7daI
tXDhbsw0Stn8I/QY72asf2Z2yLWBhfJVkdldeaFEbjseYvb3TIXYehgl5TCLKrZz
piv0gaKQB9ttv+m+znnHs2CNXf9MQwufUN9TEbTiMpQRjUGpurf5a/JTpeOgEYCJ
fBNOtjU5/oRYyrdcV6gZ8B+nJhrnIOZqndedQ4XGACi7Q/jcqk3B81MDnXWKlkDo
ND7gCBd6BrhIRi7+xxea2Q5EyfsnmNYAAjC0GoMj0ZNR8UbTO7LHGLtn0WaDlg==
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:37 2025 by rpki-client