Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CovujN_8EO40_HAzr4k9uu83HzQ.roa
File: CovujN_8EO40_HAzr4k9uu83HzQ.roa (raw, json)
Hash identifier: 2zmQ8uouGkKw2eb1W3x/0TyJqF12PZserStmvwRSAgc=
Subject key identifier: 0A:8B:EE:8C:DF:FC:10:EE:34:FC:70:33:AF:89:3D:BA:EF:37:1F:34
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292BB2E2D0884D66CCBF95E063E6D7E
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CovujN_8EO40_HAzr4k9uu83HzQ.roa
Signing time: Thu 09 Apr 2026 14:08:31 +0000
ROA not before: Thu 09 Apr 2026 14:08:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396605
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:bb:2e:2d:08:84:d6:6c:cb:f9:5e:06:3e:6d:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a8bee8cdffc10ee34fc7033af893dbaef371f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:44:34:02:47:a0:d9:d9:cc:f9:79:22:49:40:
9d:06:43:c1:85:51:c4:24:57:fa:c8:f8:b8:65:ae:
f4:22:13:85:d6:03:4e:65:5a:6f:ee:ff:65:2c:8f:
96:93:44:03:33:68:f5:7b:43:ed:34:44:3b:9b:f3:
9c:9b:5e:eb:94:b5:e5:e8:c2:aa:94:cc:86:96:e5:
f2:76:22:a8:86:67:37:38:2b:00:35:c2:d6:68:26:
ce:c9:e5:97:50:99:23:0c:5f:83:41:4a:f2:57:17:
6f:02:95:15:7b:a2:7a:c7:28:a8:67:55:be:80:87:
fa:80:58:cf:14:17:a0:94:30:c1:6e:45:aa:07:aa:
2f:24:e1:f5:aa:00:78:72:a6:21:08:0b:d1:88:61:
e8:00:98:42:b8:5e:ac:ae:4c:5a:32:fb:4c:76:96:
67:c6:23:87:77:9e:8f:14:5e:0d:dc:43:46:fd:8a:
ad:41:32:81:06:de:c6:1f:69:40:c1:1c:b6:ea:11:
1f:76:62:6b:cf:23:53:7b:70:66:fc:a4:37:3e:4f:
46:d1:ab:bc:35:96:b4:af:00:46:dc:e7:06:0f:3f:
44:46:48:94:6c:7b:7a:ec:63:54:26:9a:e3:68:1e:
0c:68:66:7d:10:98:3e:ec:e6:a9:44:be:65:a3:8d:
4d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:8B:EE:8C:DF:FC:10:EE:34:FC:70:33:AF:89:3D:BA:EF:37:1F:34
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CovujN_8EO40_HAzr4k9uu83HzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
6b:9c:7d:fb:cf:31:e3:ff:75:f5:de:ca:1e:50:27:be:ec:8a:
79:93:55:60:33:fc:47:a7:d1:08:09:3a:70:32:73:6e:3f:8e:
3b:67:42:3b:3c:f9:f3:4b:a1:f1:20:91:40:d6:fb:26:21:ac:
25:7b:51:34:a5:79:fc:a5:af:80:65:1d:08:3f:3b:d2:ad:79:
0c:b4:21:ed:00:1e:dc:3f:ea:fc:70:a4:fe:dd:f8:7b:da:58:
0f:41:f9:50:21:d4:93:83:b4:24:9c:56:1e:56:94:44:60:4f:
7d:6f:61:2f:31:08:a0:ae:7e:bf:3a:11:f5:5d:14:4c:e7:0c:
0b:a9:a8:2d:a8:f6:4f:af:ac:aa:b1:f6:1e:3d:86:e0:b2:6e:
1b:eb:0d:c1:46:a3:04:a6:6a:ac:be:91:bf:69:cc:ff:37:86:
92:0c:2f:5a:98:bf:bb:7e:26:ed:14:d2:b4:05:47:4c:8f:90:
da:4e:c7:c1:ce:dc:2c:07:c4:d0:f9:83:7d:ca:2f:74:7c:7f:
45:66:8b:4a:10:3c:6e:a2:9a:ae:12:da:92:c0:0f:2b:45:a4:
5d:53:89:ab:8a:db:bc:0e:3a:5f:de:e3:2f:25:d5:c2:46:7f:
d9:3c:51:f4:97:d8:86:9f:fb:33:de:2e:66:a1:be:37:b3:a0:
a7:b3:1e:49
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrsuLQiE1mzL+V4GPm1+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYThiZWU4Y2RmZmMxMGVlMzRmYzcwMzNhZjg5M2RiYWVmMzcxZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkQ0Akeg2dnM+XkiSUCdBkPBhVHE
JFf6yPi4Za70IhOF1gNOZVpv7v9lLI+Wk0QDM2j1e0PtNEQ7m/Ocm17rlLXl6MKq
lMyGluXydiKohmc3OCsANcLWaCbOyeWXUJkjDF+DQUryVxdvApUVe6J6xyioZ1W+
gIf6gFjPFBeglDDBbkWqB6ovJOH1qgB4cqYhCAvRiGHoAJhCuF6srkxaMvtMdpZn
xiOHd56PFF4N3ENG/YqtQTKBBt7GH2lAwRy26hEfdmJrzyNTe3Bm/KQ3Pk9G0au8
NZa0rwBG3OcGDz9ERkiUbHt67GNUJprjaB4MaGZ9EJg+7OapRL5lo41NoQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAqL7ozf/BDuNPxwM6+JPbrvNx80MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvQ292dWpOXzhFTzQwX0hBenI0azl1dTgzSHpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAGucffvPMeP/
dfXeyh5QJ77sinmTVWAz/Een0QgJOnAyc24/jjtnQjs8+fNLofEgkUDW+yYhrCV7
UTSlefylr4BlHQg/O9KteQy0Ie0AHtw/6vxwpP7d+HvaWA9B+VAh1JODtCScVh5W
lERgT31vYS8xCKCufr86EfVdFEznDAupqC2o9k+vrKqx9h49huCybhvrDcFGowSm
aqy+kb9pzP83hpIML1qYv7t+Ju0U0rQFR0yPkNpOx8HO3CwHxND5g33KL3R8f0Vm
i0oQPG6imq4S2pLADytFpF1TiauK27wOOl/e4y8l1cJGf9k8UfSX2Iaf+zPeLmah
vjezoKezHkk=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:19:49 2026 by rpki-client