Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fECu9Qe7ki26wTaybDKYzHkkXZk.roa
File: fECu9Qe7ki26wTaybDKYzHkkXZk.roa (raw, json)
Hash identifier: ZVB2RLE/qpkhq8m77fUGwFase5DB6OvgXNAgFD5NsnI=
Subject key identifier: 7C:40:AE:F5:07:BB:92:2D:BA:C1:36:B2:6C:32:98:CC:79:24:5D:99
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 01997B7C3D04671C413715F71397FFB5B569
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fECu9Qe7ki26wTaybDKYzHkkXZk.roa
Signing time: Wed 24 Sep 2025 11:29:23 +0000
ROA not before: Wed 24 Sep 2025 11:29:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134135
IP address blocks: 212.134.32.0/22 maxlen: 22
212.134.40.0/22 maxlen: 22
212.134.48.0/22 maxlen: 22
212.134.100.0/22 maxlen: 22
212.134.112.0/22 maxlen: 22
212.134.120.0/22 maxlen: 22
212.134.132.0/22 maxlen: 22
212.134.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:7c:3d:04:67:1c:41:37:15:f7:13:97:ff:b5:b5:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 24 11:29:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c40aef507bb922dbac136b26c3298cc79245d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6f:e9:3a:5e:9e:5b:14:5c:dc:7c:68:47:a1:
48:fb:97:aa:04:92:9e:a9:63:13:72:8c:12:98:06:
ff:8c:e1:7f:4c:33:5a:f1:88:78:95:c3:da:a0:9b:
39:f9:3a:10:ba:ed:cb:2b:a2:56:47:81:f9:8b:fa:
8e:30:90:23:7f:4e:4e:32:19:3e:de:97:3f:e6:c1:
f0:51:6b:39:9a:5f:16:20:0a:0f:d2:91:6f:44:2f:
15:a6:9b:3c:81:82:3f:a6:ab:39:5f:9b:52:cd:68:
ab:c7:2d:e2:07:6b:3c:78:da:6a:82:b3:3b:3e:26:
7a:af:73:f8:7a:ea:14:74:7f:db:47:32:0c:78:4d:
ab:eb:02:0e:7d:07:da:31:d6:46:fc:17:3a:1b:76:
aa:9a:0d:96:07:26:9f:34:84:82:0c:0e:e4:06:13:
07:69:57:88:61:63:5b:51:d2:0f:3b:87:46:52:78:
f5:0d:ad:ba:49:86:91:31:f8:a0:21:11:76:c9:98:
76:12:75:86:b0:08:c0:24:1e:13:1a:9d:a3:ff:90:
a9:16:d7:6a:47:88:af:6f:3e:53:0c:0b:66:2c:68:
35:68:c6:db:87:22:26:27:41:40:da:d0:b7:53:38:
95:21:3d:d9:52:de:a8:bf:a5:52:45:fa:38:f6:88:
82:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:40:AE:F5:07:BB:92:2D:BA:C1:36:B2:6C:32:98:CC:79:24:5D:99
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fECu9Qe7ki26wTaybDKYzHkkXZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.32.0/22
212.134.40.0/22
212.134.48.0/22
212.134.100.0/22
212.134.112.0/22
212.134.120.0/22
212.134.132.0/22
212.134.140.0/22
Signature Algorithm: sha256WithRSAEncryption
95:02:f7:64:50:35:a1:cc:bc:56:c5:07:ca:f9:e8:42:1b:ac:
f7:fb:e8:7e:52:be:ad:18:83:90:72:cf:99:38:88:db:40:69:
4d:fc:c2:cf:bf:09:b1:44:cc:5e:c9:7c:a0:84:ee:7f:14:16:
1f:33:47:7e:a4:a7:8c:bc:ef:1f:5e:70:84:b9:a1:aa:31:cb:
fb:35:b0:a3:65:32:9e:9d:19:51:27:04:35:f4:99:97:4c:bc:
52:98:db:3f:bf:93:ad:6b:5f:5a:09:64:4f:9f:8d:3f:79:ee:
45:c3:3b:e1:99:89:f5:11:2f:db:11:c3:26:00:2b:a2:aa:07:
74:77:a4:84:d0:83:fb:00:55:20:2b:3c:fd:68:26:27:f2:86:
c9:3d:95:31:35:fd:a8:6c:66:55:1f:08:41:6c:9e:81:11:a8:
f0:e0:4e:ce:c5:7b:7a:1c:0d:16:2f:dc:20:ec:2c:b7:b9:a9:
5c:df:44:72:58:8c:f2:f8:cc:25:9b:f3:54:8d:ab:ef:b7:2a:
59:48:d5:ae:7d:c2:83:a8:f5:7f:02:02:5e:05:5d:02:98:0b:
7c:37:b6:23:4a:05:e2:64:9f:6c:1c:98:f9:f1:d7:b2:da:dc:
99:8b:40:79:02:ff:58:34:2e:c2:a1:1c:41:f9:dd:4c:af:81:
a8:92:5c:5f
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZl7fD0EZxxBNxX3E5f/tbVpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTI0MTEyOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQwYWVmNTA3YmI5MjJkYmFjMTM2YjI2YzMyOThjYzc5MjQ1ZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm/pOl6eWxRc3HxoR6FI+5eqBJKe
qWMTcowSmAb/jOF/TDNa8Yh4lcPaoJs5+ToQuu3LK6JWR4H5i/qOMJAjf05OMhk+
3pc/5sHwUWs5ml8WIAoP0pFvRC8Vpps8gYI/pqs5X5tSzWirxy3iB2s8eNpqgrM7
PiZ6r3P4euoUdH/bRzIMeE2r6wIOfQfaMdZG/Bc6G3aqmg2WByafNISCDA7kBhMH
aVeIYWNbUdIPO4dGUnj1Da26SYaRMfigIRF2yZh2EnWGsAjAJB4TGp2j/5CpFtdq
R4ivbz5TDAtmLGg1aMbbhyImJ0FA2tC3UziVIT3ZUt6ov6VSRfo49oiChQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHxArvUHu5ItusE2smwymMx5JF2ZMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvZkVDdTlRZTdraTI2d1RheWJES1l6SGtrWFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQC1IYgAwQC
1IYoAwQC1IYwAwQC1IZkAwQC1IZwAwQC1IZ4AwQC1IaEAwQC1IaMMA0GCSqGSIb3
DQEBCwUAA4IBAQCVAvdkUDWhzLxWxQfK+ehCG6z3++h+Ur6tGIOQcs+ZOIjbQGlN
/MLPvwmxRMxeyXyghO5/FBYfM0d+pKeMvO8fXnCEuaGqMcv7NbCjZTKenRlRJwQ1
9JmXTLxSmNs/v5Ota19aCWRPn40/ee5FwzvhmYn1ES/bEcMmACuiqgd0d6SE0IP7
AFUgKzz9aCYn8obJPZUxNf2obGZVHwhBbJ6BEajw4E7OxXt6HA0WL9wg7Cy3ualc
30RyWIzy+Mwlm/NUjavvtypZSNWufcKDqPV/AgJeBV0CmAt8N7YjSgXiZJ9sHJj5
8dey2tyZi0B5Av9YNC7CoRxB+d1Mr4Goklxf
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:04:34 2025 by rpki-client