Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/J9L3b0lyxtZQi8vDb53r8SPXkkM.roa
File: J9L3b0lyxtZQi8vDb53r8SPXkkM.roa (raw, json)
Hash identifier: zGWVeb+1NepJ5By/4vXZ5UkQRSotvMBbx39K8GyXnmc=
Subject key identifier: 27:D2:F7:6F:49:72:C6:D6:50:8B:CB:C3:6F:9D:EB:F1:23:D7:92:43
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019E1EF252197FA592F08E7A947B1D739B39
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/J9L3b0lyxtZQi8vDb53r8SPXkkM.roa
Signing time: Wed 13 May 2026 01:27:37 +0000
ROA not before: Wed 13 May 2026 01:27:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203054
IP address blocks: 212.134.43.0/24 maxlen: 24
212.134.170.0/24 maxlen: 24
212.135.144.0/24 maxlen: 24
212.135.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:f2:52:19:7f:a5:92:f0:8e:7a:94:7b:1d:73:9b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: May 13 01:27:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=27d2f76f4972c6d6508bcbc36f9debf123d79243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ed:7c:59:76:eb:ab:fb:6d:c3:2e:65:08:a9:
00:ab:de:b4:6f:d8:d4:62:78:0f:57:2a:68:12:53:
a0:48:c7:14:79:6a:aa:4a:04:07:51:ac:82:55:f3:
08:2d:0e:9e:98:59:48:23:bf:f5:e9:8a:ae:e8:c9:
7b:6b:d2:94:e5:17:1d:36:e9:c6:33:af:2d:e9:17:
d7:ec:65:2f:ac:47:f5:6a:3f:16:1c:b1:3e:c6:32:
9d:0c:b3:00:70:7a:8e:e7:94:4b:4f:63:ec:f1:cf:
fd:dc:95:36:b4:43:b1:96:0c:3d:fd:a0:38:b3:1d:
11:6e:e6:66:19:ff:b4:68:47:cd:58:12:2e:a9:df:
c3:02:45:a5:c7:d9:18:f4:28:f9:32:7b:9c:aa:66:
cb:12:0b:36:9c:84:40:2d:7e:12:d2:1b:c9:af:62:
58:19:eb:2c:49:98:f9:36:38:31:6b:a5:93:e3:ee:
21:f0:f3:3b:03:f3:29:12:25:00:ac:5c:87:5d:ae:
06:0b:de:93:64:af:87:a4:da:c7:cb:08:b5:72:e1:
37:53:a4:7d:ec:de:44:e2:fe:da:19:6d:85:30:02:
bf:b7:23:8e:30:ff:79:01:ea:1f:8f:b5:c0:3e:a1:
c6:3c:76:f0:d0:95:aa:8b:ef:95:08:0c:56:cf:50:
2e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D2:F7:6F:49:72:C6:D6:50:8B:CB:C3:6F:9D:EB:F1:23:D7:92:43
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/J9L3b0lyxtZQi8vDb53r8SPXkkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.43.0/24
212.134.170.0/24
212.135.144.0/24
212.135.199.0/24
Signature Algorithm: sha256WithRSAEncryption
af:22:e6:d7:75:d9:8f:8b:bb:d6:87:8e:1e:86:6c:fd:0f:b5:
46:31:c7:d5:95:e8:34:3c:65:db:43:c6:54:ac:97:77:50:b1:
20:42:f2:b6:cc:d4:7f:f7:7e:8e:8d:da:7f:d6:12:c5:b4:58:
bf:52:ec:79:41:49:fe:a2:56:43:4f:d9:40:cb:c9:05:d3:f9:
05:f7:6a:7f:2e:39:7e:ca:9b:80:c7:4b:4d:f5:3d:4e:69:74:
49:75:51:00:ce:ef:f1:76:00:2b:83:44:bb:60:c2:67:6f:cd:
98:88:a0:60:2b:4a:53:16:89:16:6e:a4:ab:6f:f0:bf:6b:ec:
83:68:03:cc:20:40:b6:61:e4:46:09:a6:3f:41:c8:24:ea:13:
8d:79:25:fd:55:79:91:98:c0:1f:27:15:f7:46:2c:3b:87:4b:
fc:55:d8:2a:90:0e:70:17:00:b8:32:2e:e9:fd:8b:97:38:cd:
8d:cc:fa:80:92:c3:c2:55:22:12:59:84:9c:a0:07:5c:34:a2:
2d:7d:be:38:10:b1:e3:2b:d0:6c:d0:e2:66:ce:3c:72:4a:dd:
55:43:8d:05:05:7d:f4:a0:92:c9:8c:42:15:48:cb:d5:88:f9:
f6:68:04:25:84:93:43:d5:b3:18:93:70:0e:63:5a:21:96:5a:
0e:3e:5f:b5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4e8lIZf6WS8I56lHsdc5s5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNTEzMDEyNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QyZjc2ZjQ5NzJjNmQ2NTA4YmNiYzM2ZjlkZWJmMTIzZDc5MjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1u18WXbrq/ttwy5lCKkAq960b9jU
YngPVypoElOgSMcUeWqqSgQHUayCVfMILQ6emFlII7/16Yqu6Ml7a9KU5RcdNunG
M68t6RfX7GUvrEf1aj8WHLE+xjKdDLMAcHqO55RLT2Ps8c/93JU2tEOxlgw9/aA4
sx0RbuZmGf+0aEfNWBIuqd/DAkWlx9kY9Cj5MnucqmbLEgs2nIRALX4S0hvJr2JY
GessSZj5Njgxa6WT4+4h8PM7A/MpEiUArFyHXa4GC96TZK+HpNrHywi1cuE3U6R9
7N5E4v7aGW2FMAK/tyOOMP95Aeofj7XAPqHGPHbw0JWqi++VCAxWz1AuzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCfS929JcsbWUIvLw2+d6/Ej15JDMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvSjlMM2IwbHl4dFpRaTh2RGI1M3I4U1BYa2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1IYrAwQA
1IaqAwQA1IeQAwQA1IfHMA0GCSqGSIb3DQEBCwUAA4IBAQCvIubXddmPi7vWh44e
hmz9D7VGMcfVleg0PGXbQ8ZUrJd3ULEgQvK2zNR/936Ojdp/1hLFtFi/Uux5QUn+
olZDT9lAy8kF0/kF92p/Ljl+ypuAx0tN9T1OaXRJdVEAzu/xdgArg0S7YMJnb82Y
iKBgK0pTFokWbqSrb/C/a+yDaAPMIEC2YeRGCaY/Qcgk6hONeSX9VXmRmMAfJxX3
Riw7h0v8VdgqkA5wFwC4Mi7p/YuXOM2NzPqAksPCVSISWYScoAdcNKItfb44ELHj
K9Bs0OJmzjxySt1VQ40FBX30oJLJjEIVSMvViPn2aAQlhJND1bMYk3AOY1ohlloO
Pl+1
-----END CERTIFICATE-----
Generated at Wed May 13 05:26:04 2026 by rpki-client