Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/kEJXDEm4c1r6zqX3cnVR1HqDk5c.roa
File: kEJXDEm4c1r6zqX3cnVR1HqDk5c.roa (raw, json)
Hash identifier: rs0nesPxqZj92t8kelWVCXs82PbRLYNkaFYAvLZ4o8o=
Subject key identifier: 90:42:57:0C:49:B8:73:5A:FA:CE:A5:F7:72:75:51:D4:7A:83:93:97
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 01997588CE8017B9682AAB1029B2033407AA
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/kEJXDEm4c1r6zqX3cnVR1HqDk5c.roa
Signing time: Tue 23 Sep 2025 07:45:23 +0000
ROA not before: Tue 23 Sep 2025 07:45:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 212.134.128.0/22 maxlen: 22
212.134.136.0/22 maxlen: 22
212.134.144.0/22 maxlen: 22
212.134.152.0/22 maxlen: 22
212.134.160.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:88:ce:80:17:b9:68:2a:ab:10:29:b2:03:34:07:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 23 07:45:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9042570c49b8735afacea5f7727551d47a839397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:72:25:3b:05:30:71:62:af:99:70:31:34:
e8:ab:55:67:54:6c:8d:f5:2a:01:38:c7:0c:a2:a3:
71:b1:2e:ce:0a:0c:ef:c2:ac:3c:ad:c6:93:5c:ae:
71:04:cd:b5:a3:b1:ab:cb:5d:b1:8e:97:38:7c:27:
8b:66:7c:ae:db:e9:2f:4d:4a:21:8c:12:71:6f:66:
eb:b0:3f:93:b8:a5:06:cf:df:51:d3:0b:5b:de:27:
b9:62:d7:73:51:36:57:6e:46:24:22:f7:ea:40:7c:
da:2d:d3:b6:6a:92:32:a1:d2:08:03:5b:10:7f:38:
a2:08:a4:1b:b6:66:91:3d:44:8e:78:2d:94:d8:f6:
11:f0:3c:c3:18:47:7b:ae:a5:e8:59:2d:5e:45:0f:
61:25:3e:a2:eb:95:89:b6:20:74:b4:d3:b5:6b:e3:
e0:05:b3:7a:af:f8:af:da:13:3a:1e:0d:e8:34:6a:
7c:10:51:b2:18:6a:2f:f2:9d:dc:e0:5a:c6:78:05:
44:e4:36:7e:8d:7a:e2:e9:79:28:1e:e9:93:55:f3:
dd:bf:c8:e3:01:52:2e:10:9d:f8:77:0b:a8:55:be:
2e:32:a3:1b:7e:3f:1e:7c:ab:23:d2:10:74:6b:8f:
82:19:bf:97:5d:36:5c:bb:14:50:6a:c3:9c:30:8b:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:42:57:0C:49:B8:73:5A:FA:CE:A5:F7:72:75:51:D4:7A:83:93:97
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/kEJXDEm4c1r6zqX3cnVR1HqDk5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.128.0/22
212.134.136.0/22
212.134.144.0/22
212.134.152.0/22
212.134.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:b9:bb:60:4a:51:7d:2c:da:07:2a:d0:45:8b:35:2d:a3:83:
2e:ff:c2:32:df:df:5b:34:7d:63:70:f9:bd:31:ad:55:66:8c:
c6:24:b1:d6:a9:e1:d0:30:7c:94:6d:d8:88:e7:f0:0d:58:57:
bc:c5:96:79:e0:04:d9:0e:c6:0f:ba:a6:c9:60:29:6a:46:d8:
c9:13:c6:ac:99:ae:a7:12:91:bc:f0:26:3a:04:1e:05:73:65:
a9:ca:80:da:4e:92:99:37:0c:3b:3a:0b:56:3d:e2:f2:cd:f6:
97:e2:83:48:0f:c3:ca:f8:29:c7:71:eb:a8:4c:64:ac:24:18:
75:a3:b5:2e:76:d4:b8:c7:33:bd:9c:f5:f6:5e:b9:66:81:4d:
27:df:d5:fc:50:c6:d0:58:39:16:9d:94:74:98:54:00:ff:d8:
3b:34:ba:5d:1a:92:67:0c:67:7d:c0:c0:1d:e3:ee:09:e2:d5:
2c:b0:78:54:4b:51:4c:fa:09:c8:90:58:da:5e:c8:a4:19:a7:
a7:59:38:d4:93:b5:4c:0f:f1:e6:c2:ea:65:ee:4d:2c:9a:af:
de:24:20:4b:de:c4:36:ec:e6:9a:fe:8a:29:f9:b3:0b:51:23:
d4:f7:8e:84:42:a3:03:cb:02:58:e7:03:e5:77:16:60:c2:0d:
fd:56:10:40
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZl1iM6AF7loKqsQKbIDNAeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTIzMDc0NTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDQyNTcwYzQ5Yjg3MzVhZmFjZWE1Zjc3Mjc1NTFkNDdhODM5Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2dyJTsFMHFir5lwMTToq1VnVGyN
9SoBOMcMoqNxsS7OCgzvwqw8rcaTXK5xBM21o7Gry12xjpc4fCeLZnyu2+kvTUoh
jBJxb2brsD+TuKUGz99R0wtb3ie5YtdzUTZXbkYkIvfqQHzaLdO2apIyodIIA1sQ
fziiCKQbtmaRPUSOeC2U2PYR8DzDGEd7rqXoWS1eRQ9hJT6i65WJtiB0tNO1a+Pg
BbN6r/iv2hM6Hg3oNGp8EFGyGGov8p3c4FrGeAVE5DZ+jXri6XkoHumTVfPdv8jj
AVIuEJ34dwuoVb4uMqMbfj8efKsj0hB0a4+CGb+XXTZcuxRQasOcMIvcEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJBCVwxJuHNa+s6l93J1UdR6g5OXMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEva0VKWERFbTRjMXI2enFYM2NuVlIxSHFEazVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQC1IaAAwQC
1IaIAwQC1IaQAwQC1IaYAwQC1IagMA0GCSqGSIb3DQEBCwUAA4IBAQBMubtgSlF9
LNoHKtBFizUto4Mu/8Iy399bNH1jcPm9Ma1VZozGJLHWqeHQMHyUbdiI5/ANWFe8
xZZ54ATZDsYPuqbJYClqRtjJE8asma6nEpG88CY6BB4Fc2WpyoDaTpKZNww7OgtW
PeLyzfaX4oNID8PK+CnHceuoTGSsJBh1o7UudtS4xzO9nPX2XrlmgU0n39X8UMbQ
WDkWnZR0mFQA/9g7NLpdGpJnDGd9wMAd4+4J4tUssHhUS1FM+gnIkFjaXsikGaen
WTjUk7VMD/Hmwupl7k0smq/eJCBL3sQ27Oaa/oop+bMLUSPU946EQqMDywJY5wPl
dxZgwg39VhBA
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:19 2025 by rpki-client