Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4yBYGeLdEBZ4myy3s1u5S0ViuFQ.roa
File: 4yBYGeLdEBZ4myy3s1u5S0ViuFQ.roa (raw, json)
Hash identifier: wlDHuegV4M7JtBlGuKpD3qL/HeCX+JOyclV5W47KbME=
Subject key identifier: E3:20:58:19:E2:DD:10:16:78:9B:2C:B7:B3:5B:B9:4B:45:62:B8:54
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D729291E23D4A737EE7CB16B5E0CC2BF9
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4yBYGeLdEBZ4myy3s1u5S0ViuFQ.roa
Signing time: Thu 09 Apr 2026 14:08:21 +0000
ROA not before: Thu 09 Apr 2026 14:08:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20172
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:91:e2:3d:4a:73:7e:e7:cb:16:b5:e0:cc:2b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e3205819e2dd1016789b2cb7b35bb94b4562b854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:62:68:b2:e2:9a:78:99:bf:05:1a:a3:18:63:
24:48:8e:1f:89:ca:86:51:58:de:8e:14:f4:dc:0b:
80:bf:d1:27:bf:e1:c2:09:28:58:cf:aa:38:f8:62:
40:f1:d2:cd:eb:0d:c8:bd:47:28:55:30:b6:44:df:
78:76:1c:3a:a6:5f:f9:9a:4a:b3:49:a8:3c:9b:6b:
6f:af:79:30:9f:7e:3b:f4:40:02:2c:7b:13:1e:f3:
7d:c0:7d:3c:c1:18:62:9b:c9:97:bf:8f:ea:64:c1:
6f:79:5b:c5:48:a0:24:9d:03:63:d4:26:74:0a:5a:
59:3e:c6:8a:f6:05:da:c8:9a:c4:36:c0:b4:05:8a:
80:d0:2d:ed:17:80:70:eb:35:66:ae:1c:66:10:9f:
0f:ec:22:08:83:0c:5e:03:4e:8b:cf:c7:b1:29:92:
de:5b:7a:2c:fa:35:37:5a:b4:2d:d5:c9:49:0c:dc:
f8:b3:83:0a:c7:67:17:9a:95:77:5d:64:35:91:90:
85:8b:19:b9:08:98:e1:e4:81:2c:ac:9a:ad:31:c7:
12:fc:aa:8e:15:51:d4:d3:29:6e:9b:4a:9e:47:e8:
77:4e:06:35:ef:57:10:41:7c:0f:a8:db:9a:72:4b:
ea:06:8e:fc:13:e2:60:6b:24:8b:33:ed:7d:07:d7:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:20:58:19:E2:DD:10:16:78:9B:2C:B7:B3:5B:B9:4B:45:62:B8:54
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4yBYGeLdEBZ4myy3s1u5S0ViuFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
59:c5:69:2e:88:c9:e6:8c:9f:41:19:f0:23:97:ba:b2:68:02:
97:43:be:f9:50:5d:54:96:0c:40:d8:dd:e7:6b:24:61:ee:f4:
9f:60:da:42:d6:d1:a8:fe:b5:a6:7f:f8:ee:a7:22:5e:3e:20:
94:9d:97:1a:b0:4e:8e:3f:71:e2:a2:03:3c:d3:cb:71:fb:6d:
10:21:46:3a:90:67:8c:eb:5f:d9:16:f9:5e:be:73:32:1c:ff:
c7:67:45:f9:7a:33:69:eb:d5:5d:96:22:54:10:86:f7:57:1a:
05:34:98:47:df:4c:e3:9b:5a:37:b0:68:f2:b8:f3:c1:60:4b:
dc:3c:b7:cc:d2:93:ba:a1:26:4b:d3:6e:44:1a:32:ab:51:e4:
5d:78:a7:e9:29:a3:94:f4:8e:94:0f:72:15:3b:b1:73:7b:20:
60:df:d5:31:b2:30:a9:97:f9:1b:44:4e:e1:42:6a:ca:e3:fa:
aa:46:1b:a7:ed:47:64:4c:11:cf:be:07:c6:56:11:59:3e:cb:
40:6e:f2:15:24:24:4a:ef:f4:da:d1:ea:fe:d7:63:4d:8e:83:
85:fa:9b:ff:20:33:79:43:43:59:d1:e3:58:d7:3c:ce:39:73:
49:93:f9:9c:26:92:d4:8d:45:36:69:b1:42:d4:19:17:07:bc:
92:bb:89:68
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykpHiPUpzfufLFrXgzCv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzIwNTgxOWUyZGQxMDE2Nzg5YjJjYjdiMzViYjk0YjQ1NjJiODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmJosuKaeJm/BRqjGGMkSI4ficqG
UVjejhT03AuAv9Env+HCCShYz6o4+GJA8dLN6w3IvUcoVTC2RN94dhw6pl/5mkqz
Sag8m2tvr3kwn3479EACLHsTHvN9wH08wRhim8mXv4/qZMFveVvFSKAknQNj1CZ0
ClpZPsaK9gXayJrENsC0BYqA0C3tF4Bw6zVmrhxmEJ8P7CIIgwxeA06Lz8exKZLe
W3os+jU3WrQt1clJDNz4s4MKx2cXmpV3XWQ1kZCFixm5CJjh5IEsrJqtMccS/KqO
FVHU0ylum0qeR+h3TgY171cQQXwPqNuackvqBo78E+JgaySLM+19B9dsSQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOMgWBni3RAWeJsst7NbuUtFYrhUMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvNHlCWUdlTGRFQlo0bXl5M3MxdTVTMFZpdUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAFnFaS6IyeaM
n0EZ8COXurJoApdDvvlQXVSWDEDY3edrJGHu9J9g2kLW0aj+taZ/+O6nIl4+IJSd
lxqwTo4/ceKiAzzTy3H7bRAhRjqQZ4zrX9kW+V6+czIc/8dnRfl6M2nr1V2WIlQQ
hvdXGgU0mEffTOObWjewaPK488FgS9w8t8zSk7qhJkvTbkQaMqtR5F14p+kpo5T0
jpQPchU7sXN7IGDf1TGyMKmX+RtETuFCasrj+qpGG6ftR2RMEc++B8ZWEVk+y0Bu
8hUkJErv9NrR6v7XY02Og4X6m/8gM3lDQ1nR41jXPM45c0mT+ZwmktSNRTZpsULU
GRcHvJK7iWg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:18 2026 by rpki-client