Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/5mW0kZ2adnCG_YG6lrjMQQijQzI.roa
File: 5mW0kZ2adnCG_YG6lrjMQQijQzI.roa (raw, json)
Hash identifier: SO0twDgWqbAb+/S5WNB+V5+B175JZ33fyFSIwiCiCbY=
Subject key identifier: E6:65:B4:91:9D:9A:76:70:86:FD:81:BA:96:B8:CC:41:08:A3:43:32
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C5277A628A3BDB6B5C55D3E3BAC4
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/5mW0kZ2adnCG_YG6lrjMQQijQzI.roa
Signing time: Thu 09 Apr 2026 14:08:34 +0000
ROA not before: Thu 09 Apr 2026 14:08:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397195
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c5:27:7a:62:8a:3b:db:6b:5c:55:d3:e3:ba:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e665b4919d9a767086fd81ba96b8cc4108a34332
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1b:5e:88:31:86:db:c0:77:18:e4:82:5d:80:
d2:a2:21:ef:06:be:1d:c8:9a:5c:66:2a:c5:f5:26:
67:2c:4e:7a:ef:40:8c:2b:a0:f8:2b:5c:78:e0:9a:
06:a2:4e:09:eb:57:2d:d1:40:d7:df:0c:77:69:04:
b0:59:0a:19:33:80:bb:3f:99:a8:7d:04:16:8e:99:
45:53:eb:b8:6a:b8:7f:9e:56:ca:67:1c:8d:58:d9:
9b:ce:7c:ee:f7:7c:6f:5f:96:15:95:c4:29:8c:30:
ac:e3:28:10:ea:db:dd:70:5f:64:da:8b:72:3f:ac:
0b:eb:55:cb:88:4f:61:e1:ec:d8:f0:18:9f:36:98:
cf:6d:dc:5c:7d:94:fd:55:69:7e:8a:51:af:b7:79:
b9:fe:76:1d:b5:f7:4c:9f:ed:41:4d:26:47:37:c0:
48:43:34:a9:bd:23:c7:35:72:b8:3e:6c:08:cb:d7:
9b:3c:83:e4:76:e1:b5:ba:76:00:4a:3b:a3:22:85:
e0:cf:6e:22:ce:99:84:7f:4f:e4:b2:43:9a:e0:ed:
98:9e:05:25:3f:7c:35:1d:1b:e5:03:02:aa:b9:1c:
29:f3:97:6a:b3:31:95:78:77:0d:f4:65:e3:c2:43:
f1:ce:4d:de:21:03:57:a4:5f:36:a5:ef:af:79:61:
39:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:65:B4:91:9D:9A:76:70:86:FD:81:BA:96:B8:CC:41:08:A3:43:32
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/5mW0kZ2adnCG_YG6lrjMQQijQzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
21:4d:0a:9f:e2:1f:60:48:b0:25:a9:b4:8a:55:e3:36:03:6e:
0b:9c:ea:36:14:a8:ed:19:d9:b3:c1:7e:c4:68:b9:e9:94:c1:
7c:76:f1:35:3b:29:4d:e0:da:bc:54:6f:0b:1c:21:79:c5:67:
b7:fc:d5:51:6d:2c:a2:c7:7b:da:42:d2:ae:27:01:07:1d:51:
14:cc:2f:ed:44:a1:11:aa:5e:3d:7a:d1:f4:3e:b6:ea:24:ca:
85:df:21:4b:1f:e7:07:d9:04:a9:6e:91:ee:66:26:dd:2f:89:
54:e8:d2:cc:4f:e9:86:dd:af:3b:0b:7c:e2:73:fc:b3:3a:be:
2b:37:a3:49:97:0a:b7:7b:cf:23:c7:d0:60:d0:83:80:ee:dc:
35:9a:55:ec:89:ca:7a:15:cc:bb:f2:a9:73:41:74:9e:af:ac:
22:0c:df:92:98:4d:a5:31:06:07:36:4d:16:83:e8:b3:4e:9f:
f9:91:d1:85:28:e2:0f:ef:b1:58:11:a0:3f:42:ac:ff:1d:7f:
dc:eb:31:4d:dd:4c:f3:46:f9:17:31:99:f2:9e:96:36:59:30:
17:33:14:29:8f:46:fe:d5:51:75:9a:06:a3:0d:50:59:47:29:
2a:b6:f7:23:fc:17:28:c4:70:92:45:9f:bc:11:11:c6:1f:2b:
0f:87:55:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksUnemKKO9trXFXT47rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY1YjQ5MTlkOWE3NjcwODZmZDgxYmE5NmI4Y2M0MTA4YTM0MzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxteiDGG28B3GOSCXYDSoiHvBr4d
yJpcZirF9SZnLE5670CMK6D4K1x44JoGok4J61ct0UDX3wx3aQSwWQoZM4C7P5mo
fQQWjplFU+u4arh/nlbKZxyNWNmbznzu93xvX5YVlcQpjDCs4ygQ6tvdcF9k2oty
P6wL61XLiE9h4ezY8BifNpjPbdxcfZT9VWl+ilGvt3m5/nYdtfdMn+1BTSZHN8BI
QzSpvSPHNXK4PmwIy9ebPIPkduG1unYASjujIoXgz24izpmEf0/kskOa4O2YngUl
P3w1HRvlAwKquRwp85dqszGVeHcN9GXjwkPxzk3eIQNXpF82pe+veWE5XQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOZltJGdmnZwhv2Bupa4zEEIo0MyMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvNW1XMGtaMmFkbkNHX1lHNmxyak1RUWlqUXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBACFNCp/iH2BI
sCWptIpV4zYDbguc6jYUqO0Z2bPBfsRouemUwXx28TU7KU3g2rxUbwscIXnFZ7f8
1VFtLKLHe9pC0q4nAQcdURTML+1EoRGqXj160fQ+tuokyoXfIUsf5wfZBKluke5m
Jt0viVTo0sxP6YbdrzsLfOJz/LM6vis3o0mXCrd7zyPH0GDQg4Du3DWaVeyJynoV
zLvyqXNBdJ6vrCIM35KYTaUxBgc2TRaD6LNOn/mR0YUo4g/vsVgRoD9CrP8df9zr
MU3dTPNG+RcxmfKeljZZMBczFCmPRv7VUXWaBqMNUFlHKSq29yP8FyjEcJJFn7wR
EcYfKw+HVdg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:26 2026 by rpki-client