Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/23igjR7vHBgzFQlOPo7NkfYmI4s.roa
File: 23igjR7vHBgzFQlOPo7NkfYmI4s.roa (raw, json)
Hash identifier: BnQXt4WxKOARSn7ITHS8qaT+NQWQYJCePex2qID7OTI=
Subject key identifier: DB:78:A0:8D:1E:EF:1C:18:33:15:09:4E:3E:8E:CD:91:F6:26:23:8B
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B800525DEDAF32523A65FFDB5351
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/23igjR7vHBgzFQlOPo7NkfYmI4s.roa
Signing time: Thu 09 Apr 2026 14:08:31 +0000
ROA not before: Thu 09 Apr 2026 14:08:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396599
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b8:00:52:5d:ed:af:32:52:3a:65:ff:db:53:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db78a08d1eef1c183315094e3e8ecd91f626238b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:33:be:aa:e5:d9:36:80:3f:05:58:24:34:
74:22:09:a1:49:78:01:4b:6d:c6:c6:f9:77:bf:ce:
21:79:c8:c5:a5:88:ed:85:51:e2:a4:a6:22:e4:28:
a1:36:fc:c0:a0:09:cd:ef:13:78:8c:51:f2:01:9f:
7d:d3:d5:62:5d:48:d1:c2:a3:f4:b6:8f:b8:cc:04:
72:98:93:ff:32:30:da:f9:d2:b3:ea:ca:e0:a0:a7:
b5:9a:5f:95:5e:ec:f0:2d:02:64:1b:15:ec:de:ad:
57:9e:f1:1c:47:c1:93:bf:28:f6:5b:02:f1:6c:91:
f2:13:ee:53:58:34:f5:1c:1d:13:4c:91:26:a5:ba:
2a:8f:67:df:9a:b8:9f:7b:9a:e8:54:c7:0f:e9:77:
03:fd:9e:01:fc:05:97:67:39:8c:0e:33:77:fa:a5:
75:17:ca:c6:84:49:53:71:50:ba:5d:08:11:d8:58:
b0:ea:85:d0:e2:12:38:fc:76:5c:2a:b4:0b:01:53:
b4:34:70:a4:48:f2:fd:81:75:4b:bc:d8:f8:72:50:
d6:52:11:59:39:9d:6e:7f:9f:7b:5a:37:6c:02:29:
52:f2:0a:9e:98:65:45:c9:09:9e:67:c8:f2:8b:f8:
9d:16:b3:21:c6:b1:a6:64:27:9a:8f:4a:ab:6b:4c:
b1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:78:A0:8D:1E:EF:1C:18:33:15:09:4E:3E:8E:CD:91:F6:26:23:8B
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/23igjR7vHBgzFQlOPo7NkfYmI4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
7c:5f:b3:60:f5:8f:2e:ac:20:75:1d:9b:b4:72:b0:06:cd:f3:
6f:95:63:7d:2d:dc:93:99:af:df:9e:f9:e3:da:1d:22:32:7a:
2e:31:6b:06:f9:9c:d3:30:cd:ca:ca:04:8e:23:91:aa:ac:99:
16:4c:2a:c1:52:42:21:d9:9e:e8:db:d4:7f:17:fb:3e:4d:56:
21:f2:fb:23:bb:82:94:1d:b3:57:56:c0:ef:41:83:17:83:b4:
c8:d6:2a:8d:96:a9:25:54:cf:9b:ca:24:85:d6:a2:75:7d:53:
0b:32:0a:f1:1f:6d:fc:10:ee:62:e4:49:f3:85:09:89:3b:7a:
5b:87:08:58:e2:6e:ae:60:0c:55:55:41:8c:68:5c:63:38:df:
19:9e:b3:ee:5e:06:e9:f9:9c:81:19:9b:dd:5f:db:00:a5:f6:
15:32:33:5e:b2:da:30:50:98:20:5d:a0:6b:c0:26:98:59:2d:
d9:d5:2b:48:17:52:0e:02:01:62:51:1a:ce:8b:ad:0b:da:60:
e7:2c:b1:c5:84:e0:79:c0:bc:43:d9:ea:60:ea:8b:8e:33:8e:
dc:e4:3a:71:86:1b:52:6f:10:a9:80:8f:1f:c1:f6:07:27:3c:
c3:07:9e:cc:d7:ba:60:09:87:ae:e4:dc:5b:5c:3e:ec:0e:c5:
79:56:97:7b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrgAUl3trzJSOmX/21NRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc4YTA4ZDFlZWYxYzE4MzMxNTA5NGUzZThlY2Q5MWY2MjYyMzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuggzvqrl2TaAPwVYJDR0IgmhSXgB
S23Gxvl3v84hecjFpYjthVHipKYi5CihNvzAoAnN7xN4jFHyAZ9909ViXUjRwqP0
to+4zARymJP/MjDa+dKz6srgoKe1ml+VXuzwLQJkGxXs3q1XnvEcR8GTvyj2WwLx
bJHyE+5TWDT1HB0TTJEmpboqj2ffmrife5roVMcP6XcD/Z4B/AWXZzmMDjN3+qV1
F8rGhElTcVC6XQgR2Fiw6oXQ4hI4/HZcKrQLAVO0NHCkSPL9gXVLvNj4clDWUhFZ
OZ1uf597WjdsAilS8gqemGVFyQmeZ8jyi/idFrMhxrGmZCeaj0qra0yxrwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNt4oI0e7xwYMxUJTj6OzZH2JiOLMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvMjNpZ2pSN3ZIQmd6RlFsT1BvN05rZlltSTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAHxfs2D1jy6s
IHUdm7RysAbN82+VY30t3JOZr9+e+ePaHSIyei4xawb5nNMwzcrKBI4jkaqsmRZM
KsFSQiHZnujb1H8X+z5NViHy+yO7gpQds1dWwO9BgxeDtMjWKo2WqSVUz5vKJIXW
onV9UwsyCvEfbfwQ7mLkSfOFCYk7eluHCFjibq5gDFVVQYxoXGM43xmes+5eBun5
nIEZm91f2wCl9hUyM16y2jBQmCBdoGvAJphZLdnVK0gXUg4CAWJRGs6LrQvaYOcs
scWE4HnAvEPZ6mDqi44zjtzkOnGGG1JvEKmAjx/B9gcnPMMHnszXumAJh67k3Ftc
PuwOxXlWl3s=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:35 2026 by rpki-client