Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/IiB2Ip_gTRGoGLtey3T0wEW1PVk.roa
File: IiB2Ip_gTRGoGLtey3T0wEW1PVk.roa (raw, json)
Hash identifier: Tq+XRxnu1ThRmbGiwUw9q6C8TgZ2g/E+FVDArVJteLs=
Subject key identifier: 22:20:76:22:9F:E0:4D:11:A8:18:BB:5E:CB:74:F4:C0:45:B5:3D:59
Certificate issuer: /CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Certificate serial: 019DBABB3E7D26BFDBB97C5DE1BE5CD09439
Authority key identifier: A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/IiB2Ip_gTRGoGLtey3T0wEW1PVk.roa
Signing time: Thu 23 Apr 2026 14:25:26 +0000
ROA not before: Thu 23 Apr 2026 14:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212632
IP address blocks: 212.39.32.0/21 maxlen: 21
212.39.32.0/22 maxlen: 22
212.39.32.0/24 maxlen: 24
212.39.34.0/24 maxlen: 24
212.39.63.0/24 maxlen: 24
2a12:1587::/48 maxlen: 48
2a12:1587:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:bb:3e:7d:26:bf:db:b9:7c:5d:e1:be:5c:d0:94:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Validity
Not Before: Apr 23 14:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=222076229fe04d11a818bb5ecb74f4c045b53d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:92:d5:d6:ec:38:83:55:1b:bd:f0:04:27:
d0:86:b8:26:39:11:13:a9:0e:7c:01:1b:97:ee:7d:
0b:38:96:e1:dc:63:c4:dd:e1:f8:6a:2d:52:02:fb:
2e:4f:5d:67:db:ce:dc:54:05:3c:b2:21:4e:b7:18:
0e:19:b5:fc:55:3c:28:21:a7:17:2a:0d:af:4d:7e:
79:d9:4d:53:83:81:f7:94:b9:7a:9b:e6:2e:ec:1d:
84:39:18:c0:64:fb:e8:24:8e:7c:44:29:50:6a:56:
89:1a:91:63:9d:ef:47:f0:69:0f:ca:78:7d:f5:38:
32:64:8d:96:5d:f3:3c:8f:7d:93:df:86:7b:5d:86:
2c:0e:30:92:9f:bb:fb:25:62:3e:72:35:e9:64:cc:
78:2f:20:50:e5:a3:27:6f:04:6e:fa:09:a7:57:09:
fa:fa:87:c7:8c:d1:2a:14:5f:e6:09:11:b7:75:9c:
64:78:7a:d5:f1:b1:ad:6f:b5:31:98:46:16:20:a8:
84:3a:1b:0e:5b:52:35:82:47:cc:82:ee:37:c4:51:
ad:55:cc:93:58:37:22:51:82:c5:8a:0a:61:ee:3f:
fb:ef:98:cc:d1:89:91:7e:89:38:93:fe:1f:ab:cd:
71:1d:22:94:c8:08:2e:dd:17:f5:89:a6:eb:1f:79:
e3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:20:76:22:9F:E0:4D:11:A8:18:BB:5E:CB:74:F4:C0:45:B5:3D:59
X509v3 Authority Key Identifier:
keyid:A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/IiB2Ip_gTRGoGLtey3T0wEW1PVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.32.0/21
212.39.63.0/24
IPv6:
2a12:1587::/47
Signature Algorithm: sha256WithRSAEncryption
09:00:b9:06:34:ae:07:9e:a5:20:96:89:b9:9c:b9:b6:58:b8:
46:dd:f6:6a:9d:4f:49:f8:1c:68:6d:46:b1:de:5f:4c:02:1e:
e9:04:75:b0:8b:6e:ab:30:b4:09:a5:6f:ce:2b:7c:d1:de:d4:
1e:f9:81:61:e7:30:eb:56:b7:0d:3b:c9:6b:2e:9d:14:bc:3e:
f6:cd:1c:1b:cf:19:f6:7d:e7:8b:4e:c5:46:86:72:8c:f2:14:
68:1c:f6:84:62:b2:1a:55:88:a7:94:e0:8a:90:bf:f9:56:84:
3d:2d:87:34:f0:e1:8e:17:2f:f6:03:64:91:75:65:05:c8:b8:
22:bd:c5:0a:ec:17:bb:cc:54:7d:f4:de:4f:2a:99:7a:52:51:
c6:b5:40:05:8e:a0:43:76:9e:31:ba:ab:e2:94:e0:cc:00:7f:
0e:e2:2f:70:f6:c3:e1:17:56:c9:71:34:6f:35:06:22:26:ab:
dd:67:f4:67:eb:3d:a3:e8:b2:03:e3:5e:b4:5e:1f:f7:a0:09:
9b:91:76:85:b1:90:83:77:23:71:6c:16:37:f0:35:6d:94:36:
25:56:89:c0:2b:82:e0:ae:64:c0:db:ff:42:03:c9:c4:e6:9f:
5e:69:61:95:2f:cd:81:df:a5:22:22:4b:bb:4b:43:40:5c:db:
4f:55:d4:e0
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ26uz59Jr/buXxd4b5c0JQ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRjN2JkYmM5ZDA5NzMzNmRlNjI0M2I1NTBhYjE3MzM3
NWVhMzkwHhcNMjYwNDIzMTQyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIwNzYyMjlmZTA0ZDExYTgxOGJiNWVjYjc0ZjRjMDQ1YjUzZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFGS1dbsOINVG73wBCfQhrgmORET
qQ58ARuX7n0LOJbh3GPE3eH4ai1SAvsuT11n287cVAU8siFOtxgOGbX8VTwoIacX
Kg2vTX552U1Tg4H3lLl6m+Yu7B2EORjAZPvoJI58RClQalaJGpFjne9H8GkPynh9
9TgyZI2WXfM8j32T34Z7XYYsDjCSn7v7JWI+cjXpZMx4LyBQ5aMnbwRu+gmnVwn6
+ofHjNEqFF/mCRG3dZxkeHrV8bGtb7UxmEYWIKiEOhsOW1I1gkfMgu43xFGtVcyT
WDciUYLFigph7j/775jM0YmRfok4k/4fq81xHSKUyAgu3Rf1iabrH3nj7wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCIgdiKf4E0RqBi7Xst09MBFtT1ZMB8GA1UdIwQY
MBaAFKktx728nQlzNt5iQ7VQqxczdeo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMt
OTkxYjdhZWU3NDZjLzEvSWlCMklwX2dUUkdvR0x0ZXkzVDB3RVcxUFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMtOTkxYjdhZWU3NDZj
LzEvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQD1CcgAwQA
1Cc/MA8EAgACMAkDBwEqEhWHAAAwDQYJKoZIhvcNAQELBQADggEBAAkAuQY0rgee
pSCWibmcubZYuEbd9mqdT0n4HGhtRrHeX0wCHukEdbCLbqswtAmlb84rfNHe1B75
gWHnMOtWtw07yWsunRS8PvbNHBvPGfZ954tOxUaGcozyFGgc9oRishpViKeU4IqQ
v/lWhD0thzTw4Y4XL/YDZJF1ZQXIuCK9xQrsF7vMVH303k8qmXpSUca1QAWOoEN2
njG6q+KU4MwAfw7iL3D2w+EXVslxNG81BiImq91n9GfrPaPosgPjXrReH/egCZuR
doWxkIN3I3FsFjfwNW2UNiVWicArguCuZMDb/0IDycTmn15pYZUvzYHfpSIiS7tL
Q0Bc209V1OA=
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:43 2026 by rpki-client