Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/8AdeXwODd0iHhETkzq-Jgn-9DGc.roa
File: 8AdeXwODd0iHhETkzq-Jgn-9DGc.roa (raw, json)
Hash identifier: eLNcFcJTVyklNVKj7VY/JOFtmO8zWjMsSDmUvj4v74c=
Subject key identifier: F0:07:5E:5F:03:83:77:48:87:84:44:E4:CE:AF:89:82:7F:BD:0C:67
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292AF1C71270316A516CB339BB7E905
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/8AdeXwODd0iHhETkzq-Jgn-9DGc.roa
Signing time: Thu 09 Apr 2026 14:08:28 +0000
ROA not before: Thu 09 Apr 2026 14:08:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396581
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:af:1c:71:27:03:16:a5:16:cb:33:9b:b7:e9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f0075e5f03837748878444e4ceaf89827fbd0c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:80:5b:a7:14:e7:b1:11:91:d1:fd:78:5e:
2f:8b:8c:cf:75:8b:5b:12:66:2c:b5:ab:73:35:f0:
dd:a4:45:ff:02:ab:5f:a9:a5:57:30:ad:99:57:f2:
8a:4e:a0:df:85:3a:b0:a8:a7:c9:67:df:c6:17:c0:
94:ad:ac:92:34:bd:3b:82:fe:f5:46:c4:bd:e1:ff:
ee:66:ab:48:9c:ee:2b:63:84:2d:56:95:3a:3d:2c:
73:89:af:76:6d:98:46:f0:bd:6b:95:83:cf:5a:17:
fa:ec:1c:cb:0f:76:f1:97:a7:c0:d7:ab:cd:03:1f:
78:38:bc:91:d6:70:64:a3:e7:32:9b:86:98:6e:d7:
0a:ef:56:4c:a8:e2:e9:9c:44:83:2f:00:89:ab:ed:
d0:c3:e1:03:ea:20:a2:c5:55:9c:4a:65:fa:31:31:
41:ee:59:35:36:cc:d3:36:3d:65:1e:40:97:81:22:
c5:38:0e:6f:8b:bc:4b:33:44:c0:c4:b5:fe:09:56:
fe:f5:e9:59:8f:09:01:14:70:8c:2a:e5:36:23:2b:
d1:1d:b9:f2:bc:f7:36:64:1d:34:fa:40:12:c0:07:
bb:f5:46:46:33:8d:ab:d5:86:ae:47:11:fa:cc:d4:
91:40:6a:04:5b:66:44:74:20:7e:bc:d9:c5:c8:6b:
a6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:07:5E:5F:03:83:77:48:87:84:44:E4:CE:AF:89:82:7F:BD:0C:67
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/8AdeXwODd0iHhETkzq-Jgn-9DGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
54:8e:94:4c:f7:25:d5:d8:88:e2:cb:95:e7:6b:e7:a6:c9:be:
e9:25:22:d5:d0:61:17:5f:66:d1:4f:8e:65:4e:98:5b:58:7f:
7d:98:d5:55:a8:a7:c6:05:c9:9e:a7:3f:60:90:75:7b:9e:80:
b8:27:0c:03:a2:8f:ef:a4:6b:78:b1:07:97:b6:08:6f:01:7f:
44:f0:32:e4:34:f7:90:5e:d6:ae:b2:ca:ef:96:a5:d9:de:3a:
77:37:3b:29:ff:81:f3:4e:2e:d3:38:ca:df:20:c4:0f:b8:95:
ea:1c:59:4e:0a:74:b8:d3:1a:1e:b1:6a:1f:46:d8:ba:73:61:
3a:34:77:23:40:85:b6:fc:b7:45:f2:35:06:7e:58:72:1c:04:
1d:83:b8:c2:1f:45:6c:a1:c2:b0:cc:0f:6e:d9:a2:21:37:23:
a5:ea:58:ab:21:bc:6d:7c:bd:db:ef:42:9f:29:ae:4d:fb:0d:
5f:45:3a:12:3d:3b:b2:ee:13:7c:b6:8c:13:46:86:4b:27:8b:
63:59:6a:11:d2:51:f3:64:00:f0:a8:60:1e:a4:55:a0:75:1d:
f7:4d:97:8a:22:a2:a1:4e:41:86:d4:aa:9a:f6:7f:85:fc:7d:
db:3b:30:af:c7:e8:1b:2b:ee:23:72:f1:92:fa:a1:d0:37:9a:
14:8a:27:52
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykq8ccScDFqUWyzObt+kFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDA3NWU1ZjAzODM3NzQ4ODc4NDQ0ZTRjZWFmODk4MjdmYmQwYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuqAW6cU57ERkdH9eF4vi4zPdYtb
EmYstatzNfDdpEX/AqtfqaVXMK2ZV/KKTqDfhTqwqKfJZ9/GF8CUraySNL07gv71
RsS94f/uZqtInO4rY4QtVpU6PSxzia92bZhG8L1rlYPPWhf67BzLD3bxl6fA16vN
Ax94OLyR1nBko+cym4aYbtcK71ZMqOLpnESDLwCJq+3Qw+ED6iCixVWcSmX6MTFB
7lk1NszTNj1lHkCXgSLFOA5vi7xLM0TAxLX+CVb+9elZjwkBFHCMKuU2IyvRHbny
vPc2ZB00+kASwAe79UZGM42r1YauRxH6zNSRQGoEW2ZEdCB+vNnFyGumbQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPAHXl8Dg3dIh4RE5M6viYJ/vQxnMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvOEFkZVh3T0RkMGlIaEVUa3pxLUpnbi05REdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAFSOlEz3JdXY
iOLLledr56bJvuklItXQYRdfZtFPjmVOmFtYf32Y1VWop8YFyZ6nP2CQdXuegLgn
DAOij++ka3ixB5e2CG8Bf0TwMuQ095Be1q6yyu+WpdneOnc3Oyn/gfNOLtM4yt8g
xA+4leocWU4KdLjTGh6xah9G2LpzYTo0dyNAhbb8t0XyNQZ+WHIcBB2DuMIfRWyh
wrDMD27ZoiE3I6XqWKshvG18vdvvQp8prk37DV9FOhI9O7LuE3y2jBNGhksni2NZ
ahHSUfNkAPCoYB6kVaB1HfdNl4oioqFOQYbUqpr2f4X8fds7MK/H6Bsr7iNy8ZL6
odA3mhSKJ1I=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:11 2026 by rpki-client