Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/n7hBEfz4uLSwtRLLNi_bTtkcj54.roa
File: n7hBEfz4uLSwtRLLNi_bTtkcj54.roa (raw, json)
Hash identifier: hLssrACcMPNdioDH7yE4ZkwOYP4WjmZtpzWZcaH8hMc=
Subject key identifier: 9F:B8:41:11:FC:F8:B8:B4:B0:B5:12:CB:36:2F:DB:4E:D9:1C:8F:9E
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019DDE502D4A8635B49221D187687AF15C16
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/n7hBEfz4uLSwtRLLNi_bTtkcj54.roa
Signing time: Thu 30 Apr 2026 12:14:49 +0000
ROA not before: Thu 30 Apr 2026 12:14:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399955
IP address blocks: 212.134.46.0/24 maxlen: 24
212.134.52.0/24 maxlen: 24
212.134.54.0/24 maxlen: 24
212.134.94.0/24 maxlen: 24
212.134.124.0/22 maxlen: 24
212.134.164.0/22 maxlen: 24
212.134.172.0/23 maxlen: 24
212.134.208.0/22 maxlen: 24
212.134.224.0/22 maxlen: 24
212.135.76.0/23 maxlen: 24
212.135.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:50:2d:4a:86:35:b4:92:21:d1:87:68:7a:f1:5c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Apr 30 12:14:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fb84111fcf8b8b4b0b512cb362fdb4ed91c8f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:55:9a:ba:72:20:14:09:ce:00:b3:78:8b:47:
15:73:91:b6:66:f4:b1:4c:61:0d:0b:ec:cd:d5:66:
10:46:18:c1:80:fb:2d:16:4a:56:45:37:54:9b:86:
a9:11:55:35:7a:b4:58:24:1e:be:a0:36:40:31:2b:
9c:b2:3e:40:f9:0f:d0:53:53:98:db:b0:26:71:56:
2a:b7:d2:e1:cd:cc:df:f5:27:b5:5d:24:4a:af:5d:
6c:11:da:65:3a:80:38:7d:0c:6a:f8:6f:d1:51:62:
30:22:54:06:85:7b:40:53:36:f3:c1:54:4e:66:e3:
80:89:81:34:bb:39:34:bd:af:71:65:ad:85:ca:69:
3b:a6:eb:fb:a6:10:0d:16:1b:c6:41:af:3a:3c:bd:
b2:78:7d:f5:af:20:d5:f4:40:31:63:b1:13:93:ad:
14:54:2c:0e:7e:98:8f:65:fc:0c:65:84:8a:40:c2:
66:23:7d:cf:9c:8a:79:65:55:b5:22:2d:b3:64:d2:
2c:af:25:c7:50:22:4d:b3:0d:1c:49:86:34:c3:f8:
0e:d9:cc:50:47:84:41:e0:c4:6d:55:52:03:58:07:
66:c2:1d:50:dd:da:fe:ec:87:be:c3:d5:b6:90:d5:
09:75:51:30:2e:a7:a6:52:7b:5b:0a:12:36:be:21:
5c:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B8:41:11:FC:F8:B8:B4:B0:B5:12:CB:36:2F:DB:4E:D9:1C:8F:9E
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/n7hBEfz4uLSwtRLLNi_bTtkcj54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.46.0/24
212.134.52.0/24
212.134.54.0/24
212.134.94.0/24
212.134.124.0/22
212.134.164.0/22
212.134.172.0/23
212.134.208.0/22
212.134.224.0/22
212.135.76.0/23
212.135.175.0/24
Signature Algorithm: sha256WithRSAEncryption
30:a0:fa:cf:50:2b:97:12:43:ad:a9:9e:21:5e:b4:5d:b4:61:
3c:cc:6b:c7:6f:2a:f6:a3:4e:15:a0:a6:80:68:a1:5a:db:94:
1a:9c:76:61:29:37:02:a4:e8:98:d2:f1:1c:f6:88:82:f0:d9:
b7:0c:f2:0d:20:34:39:90:64:01:61:68:9e:05:fd:aa:73:3b:
64:d4:77:8e:13:58:cb:86:08:e2:ad:79:75:6b:26:76:25:f3:
2d:6c:9e:27:c9:6b:52:9c:84:1a:c2:fa:c2:21:cf:b8:64:3d:
69:d4:f1:bc:5a:90:ac:62:fb:9a:c3:ae:8e:80:6a:6c:32:0a:
a3:e4:a3:88:0b:a4:51:7d:19:97:66:36:f6:79:fe:2a:ae:54:
29:fe:b7:72:b8:86:18:88:76:23:43:49:07:c9:8d:41:41:01:
28:ca:cb:ac:72:4a:4a:1d:83:8d:9c:ce:4b:56:8e:f6:ef:9f:
d0:c9:45:9f:f6:c9:06:88:dc:3e:29:66:c9:c6:db:99:ff:7d:
06:9c:37:5a:ec:0e:de:c4:97:c1:2c:c2:e2:38:28:b6:eb:95:
c5:37:a9:aa:dc:ab:33:84:0f:f0:44:88:22:2e:f0:2f:f0:cf:
0d:df:4d:62:bf:18:bc:1f:5d:08:bd:9a:b3:c2:31:9d:a8:c7:
de:b7:c4:7d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ3eUC1KhjW0kiHRh2h68VwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwNDMwMTIxNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI4NDExMWZjZjhiOGI0YjBiNTEyY2IzNjJmZGI0ZWQ5MWM4ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlWaunIgFAnOALN4i0cVc5G2ZvSx
TGENC+zN1WYQRhjBgPstFkpWRTdUm4apEVU1erRYJB6+oDZAMSucsj5A+Q/QU1OY
27AmcVYqt9Lhzczf9Se1XSRKr11sEdplOoA4fQxq+G/RUWIwIlQGhXtAUzbzwVRO
ZuOAiYE0uzk0va9xZa2Fymk7puv7phANFhvGQa86PL2yeH31ryDV9EAxY7ETk60U
VCwOfpiPZfwMZYSKQMJmI33PnIp5ZVW1Ii2zZNIsryXHUCJNsw0cSYY0w/gO2cxQ
R4RB4MRtVVIDWAdmwh1Q3dr+7Ie+w9W2kNUJdVEwLqemUntbChI2viFciwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJ+4QRH8+Li0sLUSyzYv207ZHI+eMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvbjdoQkVmejR1TFN3dFJMTE5pX2JUdGtjajU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQA1IYuAwQA
1IY0AwQA1IY2AwQA1IZeAwQC1IZ8AwQC1IakAwQB1IasAwQC1IbQAwQC1IbgAwQB
1IdMAwQA1IevMA0GCSqGSIb3DQEBCwUAA4IBAQAwoPrPUCuXEkOtqZ4hXrRdtGE8
zGvHbyr2o04VoKaAaKFa25QanHZhKTcCpOiY0vEc9oiC8Nm3DPINIDQ5kGQBYWie
Bf2qcztk1HeOE1jLhgjirXl1ayZ2JfMtbJ4nyWtSnIQawvrCIc+4ZD1p1PG8WpCs
Yvuaw66OgGpsMgqj5KOIC6RRfRmXZjb2ef4qrlQp/rdyuIYYiHYjQ0kHyY1BQQEo
ysusckpKHYONnM5LVo7275/QyUWf9skGiNw+KWbJxtuZ/30GnDda7A7exJfBLMLi
OCi265XFN6mq3KszhA/wRIgiLvAv8M8N301ivxi8H10IvZqzwjGdqMfet8R9
-----END CERTIFICATE-----
Generated at Wed May 13 00:31:08 2026 by rpki-client