Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/a-k-PpKc_hbf1tf8ym45DzWV9JI.roa
File: a-k-PpKc_hbf1tf8ym45DzWV9JI.roa (raw, json)
Hash identifier: CGjB95jiiaCzW7zL6nSnhujYT7ypy6568fnCUOok1Hk=
Subject key identifier: 6B:E9:3E:3E:92:9C:FE:16:DF:D6:D7:FC:CA:6E:39:0F:35:95:F4:92
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 019883EC056955831684F08BFBCB8BD3A246
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/a-k-PpKc_hbf1tf8ym45DzWV9JI.roa
Signing time: Thu 07 Aug 2025 09:45:39 +0000
ROA not before: Thu 07 Aug 2025 09:45:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 212.68.164.0/22 maxlen: 22
212.68.164.0/24 maxlen: 24
212.68.165.0/24 maxlen: 24
212.68.166.0/24 maxlen: 24
212.68.167.0/24 maxlen: 24
212.68.168.0/22 maxlen: 22
212.68.168.0/24 maxlen: 24
212.68.169.0/24 maxlen: 24
212.68.170.0/24 maxlen: 24
212.68.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:ec:05:69:55:83:16:84:f0:8b:fb:cb:8b:d3:a2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Aug 7 09:45:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6be93e3e929cfe16dfd6d7fcca6e390f3595f492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d7:bb:b9:71:f5:9d:8f:df:0b:2a:b6:3b:11:
a3:66:5e:5d:dd:aa:ec:ec:6b:53:a1:0c:16:b6:a5:
b6:b8:af:51:e7:10:d7:7a:09:9d:25:3e:41:62:18:
ca:4a:46:ed:19:fa:b0:fb:de:80:dc:58:ef:3f:a0:
15:87:c8:7e:15:43:28:3f:b6:9c:88:b5:26:5d:3c:
01:c6:c4:eb:d7:ca:10:dd:08:f1:fa:3d:a5:ed:af:
9b:e7:7a:6a:de:f0:d4:8b:32:6a:a6:e5:a6:b5:4f:
7b:7d:bb:01:94:75:4a:d5:a9:f3:1d:f8:04:3b:87:
06:79:03:f2:19:ab:d6:5e:51:f8:91:b7:1f:b0:db:
12:8b:4b:20:8d:1f:cc:ef:6f:36:7f:b6:b8:50:9a:
a8:41:42:2f:e7:d2:88:b9:dc:3e:fd:bc:bf:30:34:
7f:13:f5:e9:6a:8d:47:76:63:8a:c2:ba:55:71:56:
bf:b6:d8:39:c0:fc:8b:73:62:36:9f:4c:57:33:f6:
a0:1b:05:af:61:31:1d:e2:b4:3f:af:9a:22:26:26:
c3:17:2e:a2:8e:c1:09:3d:95:dd:74:d5:24:b7:a7:
19:ac:af:83:8a:2a:46:b6:16:0f:74:75:4a:c6:9a:
62:9a:8c:02:94:1a:29:e5:aa:18:62:36:61:21:fc:
00:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E9:3E:3E:92:9C:FE:16:DF:D6:D7:FC:CA:6E:39:0F:35:95:F4:92
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/a-k-PpKc_hbf1tf8ym45DzWV9JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.164.0-212.68.171.255
Signature Algorithm: sha256WithRSAEncryption
0c:a4:d8:11:59:2e:ea:62:b1:6f:d6:bd:fe:22:b2:30:e0:9a:
b4:ea:1e:e3:89:8e:66:7e:1b:46:ad:69:3f:ed:d5:4c:e6:d2:
72:19:a0:13:f5:92:90:b1:06:df:0a:c5:1e:79:9d:ad:a8:09:
ad:9f:c2:c5:0e:e2:71:10:9a:3f:ff:02:5c:0c:3c:01:43:2c:
91:a9:a9:2e:04:55:76:b1:80:23:49:a1:d1:f6:21:7d:5a:0f:
a4:7b:95:5c:6b:7f:b4:11:5a:bc:59:72:24:41:d9:3c:23:e1:
e1:7b:23:1d:be:52:4f:46:58:05:bd:ac:64:cc:7c:13:20:33:
8d:50:b2:64:66:99:42:9f:0b:e2:7c:3f:a1:a5:64:e7:f3:25:
c6:11:97:f9:15:2b:85:97:57:1e:96:72:c6:23:c1:f6:39:b3:
70:07:fc:ff:dd:c5:08:47:2f:4f:53:c2:77:85:ed:bb:77:b3:
b4:49:82:df:1f:c7:2f:7e:a3:5c:b2:b3:66:81:bf:b9:16:fa:
d7:07:4e:4c:4e:2d:50:1c:e5:7a:d4:0e:f8:08:4c:f0:3b:01:
5e:a6:0d:10:a4:c0:eb:47:ea:38:0f:24:fe:bb:86:39:ba:31:
0d:6f:ec:b9:ad:ef:07:9c:3a:fb:8c:09:24:cc:d4:7f:6c:56:
2e:f2:ac:2c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZiD7AVpVYMWhPCL+8uL06JGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjUwODA3MDk0NTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmU5M2UzZTkyOWNmZTE2ZGZkNmQ3ZmNjYTZlMzkwZjM1OTVmNDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0te7uXH1nY/fCyq2OxGjZl5d3ars
7GtToQwWtqW2uK9R5xDXegmdJT5BYhjKSkbtGfqw+96A3FjvP6AVh8h+FUMoP7ac
iLUmXTwBxsTr18oQ3Qjx+j2l7a+b53pq3vDUizJqpuWmtU97fbsBlHVK1anzHfgE
O4cGeQPyGavWXlH4kbcfsNsSi0sgjR/M7282f7a4UJqoQUIv59KIudw+/by/MDR/
E/Xpao1HdmOKwrpVcVa/ttg5wPyLc2I2n0xXM/agGwWvYTEd4rQ/r5oiJibDFy6i
jsEJPZXddNUkt6cZrK+DiipGthYPdHVKxppimowClBop5aoYYjZhIfwA2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGvpPj6SnP4W39bX/MpuOQ81lfSSMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvYS1rLVBwS2NfaGJmMXRmOHltNDVEeldWOUpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALURKQD
BALURKgwDQYJKoZIhvcNAQELBQADggEBAAyk2BFZLupisW/Wvf4isjDgmrTqHuOJ
jmZ+G0ataT/t1Uzm0nIZoBP1kpCxBt8KxR55na2oCa2fwsUO4nEQmj//AlwMPAFD
LJGpqS4EVXaxgCNJodH2IX1aD6R7lVxrf7QRWrxZciRB2Twj4eF7Ix2+Uk9GWAW9
rGTMfBMgM41QsmRmmUKfC+J8P6GlZOfzJcYRl/kVK4WXVx6WcsYjwfY5s3AH/P/d
xQhHL09TwneF7bt3s7RJgt8fxy9+o1yys2aBv7kW+tcHTkxOLVAc5XrUDvgITPA7
AV6mDRCkwOtH6jgPJP67hjm6MQ1v7Lmt7wecOvuMCSTM1H9sVi7yrCw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:06 2025 by rpki-client