Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/T3naOpGBILVhmrovtKtGJ74mkQ8.roa
File: T3naOpGBILVhmrovtKtGJ74mkQ8.roa (raw, json)
Hash identifier: +MSIJOsjBvs/bh7ZwEngUrqJdfxWvVs95axCy1wgT6A=
Subject key identifier: 4F:79:DA:3A:91:81:20:B5:61:9A:BA:2F:B4:AB:46:27:BE:26:91:0F
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DD9F510BC83014D8E4C0F0484E9FCD503
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/T3naOpGBILVhmrovtKtGJ74mkQ8.roa
Signing time: Wed 29 Apr 2026 15:56:49 +0000
ROA not before: Wed 29 Apr 2026 15:56:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 142240
IP address blocks: 212.134.50.0/24 maxlen: 24
212.134.53.0/24 maxlen: 24
212.135.18.0/24 maxlen: 24
212.135.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:f5:10:bc:83:01:4d:8e:4c:0f:04:84:e9:fc:d5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 29 15:56:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f79da3a918120b5619aba2fb4ab4627be26910f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:77:f2:45:41:c1:45:a3:c9:99:ab:a8:df:
89:cb:76:d7:40:11:5b:f0:2e:49:bb:ba:f4:9c:df:
5a:50:5f:94:3b:56:a4:19:eb:ec:45:d3:c0:eb:6e:
bf:eb:20:a4:bd:b5:f2:b9:e3:31:b6:1b:3b:9f:f6:
34:9f:42:5c:24:9b:f2:b5:28:43:31:d2:3c:00:45:
7a:95:27:a6:2d:d0:ed:62:3f:98:94:81:e2:b1:e1:
a5:ab:90:29:d8:85:83:8a:77:e0:29:c5:08:3f:24:
bb:b6:ad:ad:3c:9f:b2:21:92:e4:aa:ad:87:5c:f6:
3a:bf:41:97:59:45:1a:10:0e:ac:6c:de:ee:09:43:
77:4c:c5:df:19:e8:4b:59:40:b7:f7:71:44:01:f8:
12:73:e2:a1:09:f4:6f:b3:e1:ad:49:5a:af:cb:67:
a2:f8:c1:ab:2e:2e:3d:9b:8c:4d:58:75:7c:47:38:
5c:6a:59:c8:47:0f:74:bd:1a:23:91:13:3f:15:cc:
66:7e:d6:24:a7:29:2b:d9:5f:37:a5:0b:c7:dc:16:
c2:20:d5:4a:62:46:f4:55:78:c9:e8:80:e2:fd:de:
9d:48:aa:8f:b7:15:41:8c:04:67:98:98:ac:bd:88:
f1:85:81:14:f6:6f:9f:06:8c:1a:88:ee:f8:60:fa:
a5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:79:DA:3A:91:81:20:B5:61:9A:BA:2F:B4:AB:46:27:BE:26:91:0F
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/T3naOpGBILVhmrovtKtGJ74mkQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.50.0/24
212.134.53.0/24
212.135.18.0/24
212.135.23.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:fe:bc:3e:51:24:56:71:e1:82:89:3a:1b:8d:13:bc:71:66:
9c:55:8d:cc:3d:83:f1:35:45:4c:a7:3e:2e:34:50:d5:9b:be:
3e:9a:1c:0f:0d:9d:d2:e1:86:92:0e:9a:45:bb:71:1a:ac:db:
af:1b:85:38:3a:d1:a7:1f:34:c3:32:c2:03:66:59:79:92:49:
b3:25:5c:51:f8:4e:0e:cd:48:23:d6:49:83:90:37:be:f6:ab:
85:e1:0a:83:fa:bd:7e:fc:31:ce:fd:b8:00:fb:77:7a:fb:1c:
15:95:bb:64:e6:cd:1d:d3:e3:d4:25:ee:05:5e:cd:cb:30:89:
e8:73:ea:ff:ed:c3:db:53:67:b0:b6:a9:85:d7:5b:23:8f:7c:
3c:90:b5:7b:15:22:ee:4b:06:00:41:ab:69:17:7e:9c:75:ec:
54:17:ed:8d:0a:bb:9b:7a:20:cd:2a:60:e0:24:24:c3:3d:1d:
34:ae:bb:3c:99:ff:fd:35:54:46:03:88:59:bc:b6:6b:d9:fb:
81:ec:a5:95:e3:35:8f:8d:4f:0d:0c:70:98:aa:88:78:2c:da:
d5:35:21:03:42:e5:0d:f1:0a:10:c7:72:88:6f:d0:3e:d7:7a:
86:ec:f6:f4:99:cc:e8:4d:de:08:ec:28:4a:c5:b4:cf:7f:17:
35:05:88:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3Z9RC8gwFNjkwPBITp/NUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDI5MTU1NjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjc5ZGEzYTkxODEyMGI1NjE5YWJhMmZiNGFiNDYyN2JlMjY5MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG538kVBwUWjyZmrqN+Jy3bXQBFb
8C5Ju7r0nN9aUF+UO1akGevsRdPA626/6yCkvbXyueMxths7n/Y0n0JcJJvytShD
MdI8AEV6lSemLdDtYj+YlIHiseGlq5Ap2IWDinfgKcUIPyS7tq2tPJ+yIZLkqq2H
XPY6v0GXWUUaEA6sbN7uCUN3TMXfGehLWUC393FEAfgSc+KhCfRvs+GtSVqvy2ei
+MGrLi49m4xNWHV8RzhcalnIRw90vRojkRM/FcxmftYkpykr2V83pQvH3BbCINVK
Ykb0VXjJ6IDi/d6dSKqPtxVBjARnmJisvYjxhYEU9m+fBowaiO74YPqlBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE952jqRgSC1YZq6L7SrRie+JpEPMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvVDNuYU9wR0JJTFZobXJvdnRLdEdKNzRta1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1IYyAwQA
1IY1AwQA1IcSAwQA1IcXMA0GCSqGSIb3DQEBCwUAA4IBAQCl/rw+USRWceGCiTob
jRO8cWacVY3MPYPxNUVMpz4uNFDVm74+mhwPDZ3S4YaSDppFu3EarNuvG4U4OtGn
HzTDMsIDZll5kkmzJVxR+E4OzUgj1kmDkDe+9quF4QqD+r1+/DHO/bgA+3d6+xwV
lbtk5s0d0+PUJe4FXs3LMInoc+r/7cPbU2ewtqmF11sjj3w8kLV7FSLuSwYAQatp
F36cdexUF+2NCrubeiDNKmDgJCTDPR00rrs8mf/9NVRGA4hZvLZr2fuB7KWV4zWP
jU8NDHCYqoh4LNrVNSEDQuUN8QoQx3KIb9A+13qG7Pb0mczoTd4I7ChKxbTPfxc1
BYga
-----END CERTIFICATE-----
Generated at Wed May 13 05:57:41 2026 by rpki-client