Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hzqA1Hd_CrTvuQgBT3QDkxwrIQ0.roa
File: hzqA1Hd_CrTvuQgBT3QDkxwrIQ0.roa (raw, json)
Hash identifier: beCZT3LVgcp9spHIzMT3raTQGFHLxg3Gq5etZzSrPk8=
Subject key identifier: 87:3A:80:D4:77:7F:0A:B4:EF:B9:08:01:4F:74:03:93:1C:2B:21:0D
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DD165DE4E0C146D0D0028EC35F3CEC3E4
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hzqA1Hd_CrTvuQgBT3QDkxwrIQ0.roa
Signing time: Tue 28 Apr 2026 00:03:27 +0000
ROA not before: Tue 28 Apr 2026 00:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58325
IP address blocks: 212.134.220.0/22 maxlen: 22
212.135.130.0/23 maxlen: 24
212.135.132.0/23 maxlen: 24
212.135.136.0/23 maxlen: 24
212.135.138.0/23 maxlen: 24
212.135.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d1:65:de:4e:0c:14:6d:0d:00:28:ec:35:f3:ce:c3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 28 00:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=873a80d4777f0ab4efb908014f7403931c2b210d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6d:2a:95:20:18:70:dd:ec:2d:a7:73:2d:bc:
a4:8f:83:8d:80:02:f7:6c:a6:eb:46:d4:4f:34:45:
d3:c4:15:f7:3a:8d:1f:da:4b:52:e7:b9:cf:64:ab:
b6:48:14:11:b5:b5:4a:e5:02:f3:0f:8c:0b:ee:bc:
66:74:95:ea:4d:5f:1a:b3:69:32:a6:76:cb:20:d0:
f2:33:d6:73:af:2c:80:e2:e5:9b:6a:db:ce:d0:ce:
7d:86:b1:6e:46:b9:92:fb:ea:f1:18:83:4b:e5:1a:
19:3d:f6:ea:e4:57:6a:8f:d5:f5:07:d6:df:91:bb:
73:d8:19:4d:76:ef:47:b8:60:10:cd:a5:98:b7:c3:
68:d8:78:fb:9e:04:00:5b:31:72:3e:95:23:b6:06:
b4:29:5d:30:5c:c7:10:8f:e7:5d:64:74:54:95:1d:
65:a3:8d:47:3f:b4:9a:c7:a7:c3:33:54:c0:e6:cf:
80:54:c1:b4:8a:37:24:e0:d4:cd:f8:21:72:bf:69:
ac:40:9f:f1:ae:63:3c:64:f5:1d:e7:8e:94:30:bd:
39:ce:de:0e:39:98:46:36:20:c8:9c:9e:29:71:39:
e5:19:e3:0a:54:14:88:b8:3c:90:56:17:2a:95:25:
a7:8d:7a:14:2b:ee:e3:c0:65:a2:26:54:5d:aa:8a:
15:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:3A:80:D4:77:7F:0A:B4:EF:B9:08:01:4F:74:03:93:1C:2B:21:0D
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/hzqA1Hd_CrTvuQgBT3QDkxwrIQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.220.0/22
212.135.130.0-212.135.133.255
212.135.136.0/22
212.135.146.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e4:bf:27:70:a1:18:db:39:38:e6:86:c9:1b:6f:fc:e9:c9:
bd:5c:e2:f8:b5:56:8c:eb:d5:0b:44:c8:5a:40:9c:99:8b:6a:
9b:58:c2:0a:01:55:87:db:27:10:94:27:98:46:81:cf:57:c6:
9b:54:03:85:f8:56:07:a5:f4:44:8e:57:f1:9e:1e:0b:b1:53:
cf:63:63:42:5f:44:55:00:99:0e:5e:ed:eb:62:8e:e8:68:3f:
bb:60:67:bc:87:39:db:ab:b3:85:74:94:e6:27:76:96:55:f0:
70:4d:ab:c1:3d:6a:35:97:90:f7:86:0f:fc:79:2f:db:94:80:
8b:5a:88:5c:68:e7:c1:ad:cf:79:f7:0f:1c:21:8e:a3:18:3d:
ac:d3:38:98:4e:34:b3:8a:eb:a0:75:cc:b1:fe:d9:49:f1:3d:
a0:20:26:23:df:3b:16:f5:0d:99:3c:1a:c9:f6:59:56:73:a3:
22:cb:97:23:af:bb:e3:73:98:47:4c:3e:5d:6b:95:cd:f5:33:
fa:4d:b3:25:13:e6:80:0c:e5:83:3b:70:8d:ba:12:52:a1:67:
9b:6e:ce:63:85:13:a8:e7:d0:62:ba:7d:8b:4d:71:5f:f2:44:
b9:9f:64:db:64:98:a8:73:d7:65:5d:82:d4:30:a0:ad:af:91:
7b:bd:01:81
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ3RZd5ODBRtDQAo7DXzzsPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDI4MDAwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzNhODBkNDc3N2YwYWI0ZWZiOTA4MDE0Zjc0MDM5MzFjMmIyMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW0qlSAYcN3sLadzLbykj4ONgAL3
bKbrRtRPNEXTxBX3Oo0f2ktS57nPZKu2SBQRtbVK5QLzD4wL7rxmdJXqTV8as2ky
pnbLINDyM9ZzryyA4uWbatvO0M59hrFuRrmS++rxGINL5RoZPfbq5Fdqj9X1B9bf
kbtz2BlNdu9HuGAQzaWYt8No2Hj7ngQAWzFyPpUjtga0KV0wXMcQj+ddZHRUlR1l
o41HP7Sax6fDM1TA5s+AVMG0ijck4NTN+CFyv2msQJ/xrmM8ZPUd546UML05zt4O
OZhGNiDInJ4pcTnlGeMKVBSIuDyQVhcqlSWnjXoUK+7jwGWiJlRdqooVWQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIc6gNR3fwq077kIAU90A5McKyENMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaHpxQTFIZF9DclR2dVFnQlQzUURreHdySVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQC1IbcMAwD
BAHUh4IDBAHUh4QDBALUh4gDBAHUh5IwDQYJKoZIhvcNAQELBQADggEBAE7kvydw
oRjbOTjmhskbb/zpyb1c4vi1Vozr1QtEyFpAnJmLaptYwgoBVYfbJxCUJ5hGgc9X
xptUA4X4Vgel9ESOV/GeHguxU89jY0JfRFUAmQ5e7etijuhoP7tgZ7yHOdurs4V0
lOYndpZV8HBNq8E9ajWXkPeGD/x5L9uUgItaiFxo58Gtz3n3DxwhjqMYPazTOJhO
NLOK66B1zLH+2UnxPaAgJiPfOxb1DZk8Gsn2WVZzoyLLlyOvu+NzmEdMPl1rlc31
M/pNsyUT5oAM5YM7cI26ElKhZ5tuzmOFE6jn0GK6fYtNcV/yRLmfZNtkmKhz12Vd
gtQwoK2vkXu9AYE=
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:05 2026 by rpki-client