Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/bJdPoxQv0f7bbCq1976RHMAULhU.roa
File: bJdPoxQv0f7bbCq1976RHMAULhU.roa (raw, json)
Hash identifier: hjwENSKM6vMHwDuJ+0HNpv6ccALHDEWSO2Jn2L0ll5c=
Subject key identifier: 6C:97:4F:A3:14:2F:D1:FE:DB:6C:2A:B5:F7:BE:91:1C:C0:14:2E:15
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019D1BEC0FF5F72DB80E2A05B52C8675A75F
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/bJdPoxQv0f7bbCq1976RHMAULhU.roa
Signing time: Mon 23 Mar 2026 18:19:08 +0000
ROA not before: Mon 23 Mar 2026 18:19:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56655
IP address blocks: 212.134.136.0/21 maxlen: 24
212.134.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:ec:0f:f5:f7:2d:b8:0e:2a:05:b5:2c:86:75:a7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 23 18:19:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c974fa3142fd1fedb6c2ab5f7be911cc0142e15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6c:c5:7b:58:12:e4:1d:c3:76:cb:25:83:da:
a4:7a:fb:b1:6e:ad:77:7e:06:3e:1c:9d:8e:0b:d9:
b8:ef:a5:7a:48:df:d4:60:5e:cb:7d:aa:22:f0:23:
b2:0f:b9:fd:9b:26:b5:16:39:d2:63:9b:67:ec:8b:
45:d1:0e:5a:4d:c4:61:d6:7f:16:45:10:55:30:13:
e5:7f:30:b2:72:02:5c:e2:b3:ec:6e:84:9b:76:fd:
a1:ba:eb:c7:c6:fb:dc:1b:ff:aa:dd:10:a2:19:55:
17:2e:5f:c9:0d:b6:ea:0c:0f:17:58:28:0f:bf:cb:
73:b6:a0:e0:98:44:a5:39:29:43:76:e2:b2:4b:7b:
70:d6:e3:ba:98:bf:88:22:cd:33:58:c0:fd:52:6d:
84:97:fa:6b:a4:49:71:11:70:15:29:34:3b:62:aa:
5a:f5:d0:4b:7f:40:b0:33:d4:cb:92:d6:ef:09:11:
e6:7b:7f:f7:58:f5:a9:51:a4:91:05:ee:b3:4d:21:
98:b7:06:21:1b:05:93:ed:2d:4a:ae:d7:16:d6:5f:
7e:44:f4:ef:06:fb:59:6f:6d:e8:d0:4b:bb:c4:1b:
c6:98:c8:41:59:2d:3a:5a:a0:fd:8f:3b:a7:df:dc:
f8:8f:f5:db:25:f0:c2:3a:b5:aa:68:d4:34:f9:3c:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:97:4F:A3:14:2F:D1:FE:DB:6C:2A:B5:F7:BE:91:1C:C0:14:2E:15
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/bJdPoxQv0f7bbCq1976RHMAULhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.136.0/21
212.134.232.0/21
Signature Algorithm: sha256WithRSAEncryption
88:81:f0:af:07:3e:1a:9e:7d:79:c2:a0:68:73:76:15:70:23:
4a:5d:75:c1:b6:98:1c:bf:36:c6:f8:51:a5:75:6a:48:6d:1d:
92:69:82:ff:f9:c6:19:fe:3a:b0:2d:5c:04:a6:44:f0:7c:25:
55:8c:9f:ae:ba:ee:40:68:80:bc:c9:f4:17:2a:c2:73:ed:4b:
4b:9c:e2:22:98:88:b6:cb:95:9f:94:d3:ec:70:22:bf:50:f5:
8e:6d:d4:b1:d1:46:91:2c:bb:d0:41:a7:2e:60:31:8f:7b:2b:
fe:50:ea:01:e0:40:25:09:74:f9:ff:d1:1c:e6:24:ba:73:db:
96:0e:31:21:82:26:9b:5b:4f:53:87:63:d2:95:b3:ac:eb:8e:
01:1e:4f:15:72:21:4b:4b:ad:7e:e2:ba:1c:a0:45:86:fc:dc:
f9:2c:95:19:7e:de:a3:16:25:10:64:89:68:7b:ce:a9:50:d8:
47:c1:92:16:bc:c5:0e:a5:47:63:16:38:01:f2:97:25:e9:a2:
40:45:a2:7c:89:80:b6:2a:6c:7b:6c:af:d1:25:4f:99:4f:56:
df:a9:63:7a:00:4e:ab:c9:9c:d1:fe:b2:c2:fb:5f:aa:de:35:
df:83:c1:b1:09:0b:f9:52:c6:41:77:44:c2:06:72:16:6d:5b:
e6:55:91:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0b7A/19y24DioFtSyGdadfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzIzMTgxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk3NGZhMzE0MmZkMWZlZGI2YzJhYjVmN2JlOTExY2MwMTQyZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmzFe1gS5B3Ddsslg9qkevuxbq13
fgY+HJ2OC9m476V6SN/UYF7Lfaoi8COyD7n9mya1FjnSY5tn7ItF0Q5aTcRh1n8W
RRBVMBPlfzCycgJc4rPsboSbdv2huuvHxvvcG/+q3RCiGVUXLl/JDbbqDA8XWCgP
v8tztqDgmESlOSlDduKyS3tw1uO6mL+IIs0zWMD9Um2El/prpElxEXAVKTQ7Yqpa
9dBLf0CwM9TLktbvCRHme3/3WPWpUaSRBe6zTSGYtwYhGwWT7S1KrtcW1l9+RPTv
BvtZb23o0Eu7xBvGmMhBWS06WqD9jzun39z4j/XbJfDCOrWqaNQ0+TyVjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGyXT6MUL9H+22wqtfe+kRzAFC4VMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvYkpkUG94UXYwZjdiYkNxMTk3NlJITUFVTGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1IaIAwQD
1IboMA0GCSqGSIb3DQEBCwUAA4IBAQCIgfCvBz4ann15wqBoc3YVcCNKXXXBtpgc
vzbG+FGldWpIbR2SaYL/+cYZ/jqwLVwEpkTwfCVVjJ+uuu5AaIC8yfQXKsJz7UtL
nOIimIi2y5WflNPscCK/UPWObdSx0UaRLLvQQacuYDGPeyv+UOoB4EAlCXT5/9Ec
5iS6c9uWDjEhgiabW09Th2PSlbOs644BHk8VciFLS61+4rocoEWG/Nz5LJUZft6j
FiUQZIloe86pUNhHwZIWvMUOpUdjFjgB8pcl6aJARaJ8iYC2Kmx7bK/RJU+ZT1bf
qWN6AE6ryZzR/rLC+1+q3jXfg8GxCQv5UsZBd0TCBnIWbVvmVZF7
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:09:46 2026 by rpki-client