Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4z8JEMfiXaqvrm7yt9KIPxtOPnU.roa
File: 4z8JEMfiXaqvrm7yt9KIPxtOPnU.roa (raw, json)
Hash identifier: cMhWlP7XqSLd4ZcT4dszlWegJbw2ugfV8HgpPfo0UVM=
Subject key identifier: E3:3F:09:10:C7:E2:5D:AA:AF:AE:6E:F2:B7:D2:88:3F:1B:4E:3E:75
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292CB413148E2E046B66BD3E144F474
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4z8JEMfiXaqvrm7yt9KIPxtOPnU.roa
Signing time: Thu 09 Apr 2026 14:08:36 +0000
ROA not before: Thu 09 Apr 2026 14:08:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397212
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:cb:41:31:48:e2:e0:46:b6:6b:d3:e1:44:f4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e33f0910c7e25daaafae6ef2b7d2883f1b4e3e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:61:37:39:c4:00:56:2e:b6:80:da:c7:3b:e6:
68:55:6e:06:31:73:c4:bb:b0:f3:a6:c3:ca:d7:32:
ec:10:3d:db:ff:3d:e5:95:89:e0:6b:f2:5c:7e:d8:
3d:4d:60:7c:cb:b5:dd:94:9b:fc:c1:a4:ce:0f:92:
7b:bb:fc:4d:db:3f:07:f0:57:89:00:de:b8:09:e0:
bb:f6:3a:12:63:9d:5a:fc:d8:6d:69:c5:21:e2:56:
52:61:c7:85:c0:6b:fd:c1:a9:7f:8b:fb:78:50:ff:
e4:b7:e7:93:28:74:f6:56:2e:36:e2:bc:55:fa:95:
d5:ff:fe:06:f2:56:b4:47:2c:56:bd:39:6b:16:cc:
8a:a6:19:3c:25:e4:ee:89:01:b8:62:93:06:3d:38:
5b:df:19:e0:ca:5e:25:f4:c3:ee:76:e2:9b:d9:55:
76:d2:95:57:3d:e7:62:d3:5f:b2:95:f5:3e:10:d8:
40:de:d2:81:1d:39:06:99:67:30:30:22:4f:14:7a:
e6:60:65:af:1d:70:27:a7:17:92:62:01:79:f2:98:
6d:a8:91:9a:94:14:8b:6a:24:26:f2:76:37:56:85:
18:89:2f:d6:7a:98:3e:5e:5f:1e:8d:04:5a:98:9d:
66:e1:bb:00:cc:ed:29:10:a2:c1:e2:65:1b:ea:97:
08:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3F:09:10:C7:E2:5D:AA:AF:AE:6E:F2:B7:D2:88:3F:1B:4E:3E:75
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/4z8JEMfiXaqvrm7yt9KIPxtOPnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
3b:50:1d:0f:37:95:a6:d8:1f:4e:fe:a9:c0:6c:c7:fa:fc:5f:
db:2f:d2:73:92:6e:53:8c:95:c6:af:ef:e2:bf:a4:2f:59:76:
f9:08:89:a9:65:64:eb:e5:86:2b:64:45:2c:bc:3c:6f:67:14:
b2:d4:6b:12:b6:c5:56:64:86:6c:d0:58:98:10:2e:1c:2a:c4:
79:07:3a:18:57:ea:23:99:0b:75:d2:ec:97:00:ad:7a:04:a8:
26:1e:97:0d:75:34:e5:60:d5:35:d6:da:08:4a:3c:18:db:46:
cf:c3:e2:df:ec:1e:d2:21:32:5b:06:38:23:6b:60:43:e3:bf:
83:21:0f:ea:b5:5a:7d:ae:82:3c:7d:25:73:bf:99:74:bc:85:
93:ef:1e:14:ce:69:1b:8d:a5:02:8d:88:bf:ca:da:a5:45:2b:
82:fe:4d:da:4d:07:b7:10:b7:1c:66:4f:b8:0e:1e:7c:4b:9e:
bd:00:e1:6b:9c:e9:03:54:7a:09:c7:ea:c0:f7:15:de:29:41:
94:3e:e7:5d:22:32:9d:8b:b9:58:24:1d:17:cc:5a:69:61:bd:
39:56:0c:97:ca:dc:e5:29:7f:f9:13:dd:86:32:a3:d8:33:22:
b1:aa:ad:7e:97:46:9f:b4:0e:52:c2:1e:88:23:41:1b:ba:42:
96:f2:79:e7
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykstBMUji4Ea2a9PhRPR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzNmMDkxMGM3ZTI1ZGFhYWZhZTZlZjJiN2QyODgzZjFiNGUzZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GE3OcQAVi62gNrHO+ZoVW4GMXPE
u7DzpsPK1zLsED3b/z3llYnga/Jcftg9TWB8y7XdlJv8waTOD5J7u/xN2z8H8FeJ
AN64CeC79joSY51a/NhtacUh4lZSYceFwGv9wal/i/t4UP/kt+eTKHT2Vi424rxV
+pXV//4G8la0RyxWvTlrFsyKphk8JeTuiQG4YpMGPThb3xngyl4l9MPuduKb2VV2
0pVXPedi01+ylfU+ENhA3tKBHTkGmWcwMCJPFHrmYGWvHXAnpxeSYgF58phtqJGa
lBSLaiQm8nY3VoUYiS/Wepg+Xl8ejQRamJ1m4bsAzO0pEKLB4mUb6pcIrQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOM/CRDH4l2qr65u8rfSiD8bTj51MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvNHo4SkVNZmlYYXF2cm03eXQ5S0lQeHRPUG5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBADtQHQ83labY
H07+qcBsx/r8X9sv0nOSblOMlcav7+K/pC9ZdvkIiallZOvlhitkRSy8PG9nFLLU
axK2xVZkhmzQWJgQLhwqxHkHOhhX6iOZC3XS7JcArXoEqCYelw11NOVg1TXW2ghK
PBjbRs/D4t/sHtIhMlsGOCNrYEPjv4MhD+q1Wn2ugjx9JXO/mXS8hZPvHhTOaRuN
pQKNiL/K2qVFK4L+TdpNB7cQtxxmT7gOHnxLnr0A4Wuc6QNUegnH6sD3Fd4pQZQ+
510iMp2LuVgkHRfMWmlhvTlWDJfK3OUpf/kT3YYyo9gzIrGqrX6XRp+0DlLCHogj
QRu6Qpbyeec=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:39 2026 by rpki-client