Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/7PdHKz4IKNpnLg9p1h-Crt936II.roa
File: 7PdHKz4IKNpnLg9p1h-Crt936II.roa (raw, json)
Hash identifier: RQ3PTjK9/uDmb+m1dztzOKrQBUrMCmGFzp/d1VVTR7o=
Subject key identifier: EC:F7:47:2B:3E:08:28:DA:67:2E:0F:69:D6:1F:82:AE:DF:77:E8:82
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A40BFF1400C3BF2DE840AC13D7A4
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/7PdHKz4IKNpnLg9p1h-Crt936II.roa
Signing time: Thu 09 Apr 2026 14:08:26 +0000
ROA not before: Thu 09 Apr 2026 14:08:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396551
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a4:0b:ff:14:00:c3:bf:2d:e8:40:ac:13:d7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ecf7472b3e0828da672e0f69d61f82aedf77e882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0e:ea:f3:05:d9:a7:14:6c:18:f4:bc:53:d5:
2f:5f:ac:6a:8e:61:3a:f6:0c:25:d3:1c:7e:2b:27:
8d:eb:a3:99:4e:6f:54:c3:10:30:47:7c:9e:62:7a:
2c:32:9c:e8:b9:00:ae:6b:77:9e:4f:5a:6c:16:6c:
69:58:ac:2d:c3:4d:8f:bd:1c:fe:64:5f:0f:94:26:
1d:a8:de:62:2d:eb:cb:c4:05:10:75:81:b4:de:b2:
2b:ab:20:58:bd:cd:13:f6:22:43:f8:98:9d:e9:69:
f3:50:51:27:fd:8e:bf:ac:82:39:13:27:07:27:da:
c1:f3:ee:a0:29:69:3b:50:49:23:8d:f6:f6:d7:70:
2a:f4:d3:99:90:1b:87:17:9b:3c:5d:15:7a:1a:5c:
ca:81:6e:97:24:69:6b:ab:b2:0e:3b:fe:b0:a7:79:
33:a7:5a:18:ec:07:9e:68:fa:a5:f3:99:83:9c:1a:
84:b4:e5:9f:57:27:b8:50:11:79:05:27:65:9c:ef:
a7:b1:2e:fc:f6:68:3d:56:55:2e:a0:52:64:af:d7:
bc:00:b8:21:51:ad:5f:fc:88:85:8f:a9:f4:be:d5:
55:2e:a6:e4:6b:1f:e5:77:3b:46:7c:51:b7:21:9d:
cb:41:c6:52:3f:00:6d:25:0b:ba:36:a2:fd:98:a8:
ce:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F7:47:2B:3E:08:28:DA:67:2E:0F:69:D6:1F:82:AE:DF:77:E8:82
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/7PdHKz4IKNpnLg9p1h-Crt936II.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
79:b2:79:a5:48:24:93:02:4d:d6:47:ac:a7:ea:fc:8c:70:33:
0c:59:33:f9:7d:6a:44:ca:10:3d:4f:5d:96:38:31:34:c9:b0:
5b:8d:f4:f6:18:de:c4:bf:e3:0a:43:9c:4b:8d:6f:17:ba:a3:
bb:dc:3c:d2:b6:75:7c:f1:5c:a2:1b:2e:de:b5:69:e7:16:c7:
50:79:d6:ec:ba:85:45:94:59:4b:d4:dd:92:7e:6e:f1:5c:7c:
3b:75:20:2e:a5:d5:08:26:a1:8a:1c:85:d6:7f:f5:12:6c:91:
33:e5:3c:33:4e:ad:24:1b:4d:21:a3:fd:07:b4:91:cd:52:14:
2b:8a:68:a7:fa:2f:2f:1c:2a:61:a4:c3:05:71:54:1d:52:b6:
7b:9f:07:33:46:14:e3:45:5e:91:bd:8f:61:86:6c:ab:11:c2:
4a:43:19:bc:34:2f:7f:30:a9:16:53:b1:8a:7a:98:6f:6b:7d:
8f:82:a3:a7:56:61:01:9a:f6:8b:37:8a:d9:49:2d:83:7a:6b:
41:27:38:1e:fa:93:59:48:64:7f:45:e8:05:69:6a:ba:9b:9e:
d9:2c:63:55:ef:77:57:eb:7e:1f:0a:5d:ee:ad:e6:54:b9:ad:
f2:6e:64:9c:43:70:78:82:05:14:31:6c:ad:49:b4:9b:fa:ab:
18:84:a2:f6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqQL/xQAw78t6ECsE9ekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Y3NDcyYjNlMDgyOGRhNjcyZTBmNjlkNjFmODJhZWRmNzdlODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg7q8wXZpxRsGPS8U9UvX6xqjmE6
9gwl0xx+KyeN66OZTm9UwxAwR3yeYnosMpzouQCua3eeT1psFmxpWKwtw02PvRz+
ZF8PlCYdqN5iLevLxAUQdYG03rIrqyBYvc0T9iJD+Jid6WnzUFEn/Y6/rII5EycH
J9rB8+6gKWk7UEkjjfb213Aq9NOZkBuHF5s8XRV6GlzKgW6XJGlrq7IOO/6wp3kz
p1oY7AeeaPql85mDnBqEtOWfVye4UBF5BSdlnO+nsS789mg9VlUuoFJkr9e8ALgh
Ua1f/IiFj6n0vtVVLqbkax/ldztGfFG3IZ3LQcZSPwBtJQu6NqL9mKjOFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOz3Rys+CCjaZy4PadYfgq7fd+iCMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvN1BkSEt6NElLTnBuTGc5cDFoLUNydDkzNklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAHmyeaVIJJMC
TdZHrKfq/IxwMwxZM/l9akTKED1PXZY4MTTJsFuN9PYY3sS/4wpDnEuNbxe6o7vc
PNK2dXzxXKIbLt61aecWx1B51uy6hUWUWUvU3ZJ+bvFcfDt1IC6l1QgmoYochdZ/
9RJskTPlPDNOrSQbTSGj/Qe0kc1SFCuKaKf6Ly8cKmGkwwVxVB1StnufBzNGFONF
XpG9j2GGbKsRwkpDGbw0L38wqRZTsYp6mG9rfY+Co6dWYQGa9os3itlJLYN6a0En
OB76k1lIZH9F6AVparqbntksY1Xvd1frfh8KXe6t5lS5rfJuZJxDcHiCBRQxbK1J
tJv6qxiEovY=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:17:51 2026 by rpki-client