Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/EGMYICSx82nvf8HVZVCHaJkb-4Y.roa
File: EGMYICSx82nvf8HVZVCHaJkb-4Y.roa (raw, json)
Hash identifier: q6EVXtSldh1B907v2uFCLfXVNAhlPgKlzubNgGyF07s=
Subject key identifier: 10:63:18:20:24:B1:F3:69:EF:7F:C1:D5:65:50:87:68:99:1B:FB:86
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C73A7FC15CD5961C4970D9209466
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/EGMYICSx82nvf8HVZVCHaJkb-4Y.roa
Signing time: Thu 09 Apr 2026 14:08:35 +0000
ROA not before: Thu 09 Apr 2026 14:08:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397201
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c7:3a:7f:c1:5c:d5:96:1c:49:70:d9:20:94:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1063182024b1f369ef7fc1d565508768991bfb86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:36:30:26:31:93:86:41:c5:df:00:74:62:29:
60:00:d7:d6:02:89:49:36:6c:75:92:70:b4:e8:6d:
32:c5:1d:00:3f:b0:54:8e:4f:71:d7:43:bc:77:e8:
8d:62:63:e1:04:cf:8c:8e:7e:0b:3b:16:c6:c9:4d:
77:76:fe:f5:02:0a:a4:f6:26:8f:f8:dd:c8:fb:ee:
21:f6:4e:ad:19:b6:66:32:52:cc:71:84:e6:50:89:
49:a3:ed:9b:20:75:63:fe:1a:26:74:4e:17:fd:ee:
47:b0:ed:ba:6c:55:26:9c:38:79:df:52:a7:01:24:
f9:ee:f0:ed:d5:da:52:42:69:39:ee:b3:9a:58:fe:
7b:ef:7c:c5:1f:35:62:cc:6a:b6:54:79:16:1e:cf:
1a:42:df:ea:6f:91:9e:8b:ea:ba:45:ab:fd:b8:c1:
a8:36:c0:26:de:ec:0d:99:67:97:01:b7:1b:fb:81:
dc:02:ac:48:02:e4:83:e3:7f:ea:d5:b1:1d:d4:98:
44:e2:7c:65:7e:58:d7:12:b2:01:63:cf:4e:df:56:
cb:24:26:e3:e6:82:0c:c8:34:a0:8d:af:9a:6c:9a:
f6:28:e8:c6:79:f2:c0:70:6e:d8:d6:c1:41:c6:b3:
97:90:a3:3c:c4:d5:a4:f5:0d:ae:e0:af:a9:22:37:
f8:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:63:18:20:24:B1:F3:69:EF:7F:C1:D5:65:50:87:68:99:1B:FB:86
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/EGMYICSx82nvf8HVZVCHaJkb-4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
71:3f:66:b9:b7:5f:bf:c5:6a:92:17:78:40:26:ed:d4:58:7e:
83:86:d6:c0:a1:31:86:62:ab:f7:f1:30:79:e5:9a:b5:fb:00:
0a:18:3f:b2:5f:04:72:c8:6c:85:42:e0:10:ad:8e:e0:13:86:
a8:8c:41:a2:6f:c8:ad:e6:14:13:f1:76:a3:fa:a0:e5:25:14:
32:d0:20:0d:57:33:ca:8f:a9:a8:83:d4:8a:43:73:a4:13:a9:
6d:48:7a:f9:28:28:be:34:0d:69:29:7d:d4:56:be:b4:b5:0c:
ec:88:cc:01:04:01:a1:5f:30:91:6a:cf:77:de:0f:9f:33:43:
e7:2a:f3:9a:d3:56:1f:ad:fb:b9:cc:7d:f7:ef:3a:18:ea:60:
72:df:36:11:c2:c0:00:f6:7d:6b:f1:00:c4:b6:37:6d:c7:9e:
d5:da:5e:b7:b6:6a:ee:db:d4:0e:86:de:a9:0c:2e:52:0a:53:
43:1e:74:41:1d:b9:58:d0:02:f4:b2:95:b1:f9:ba:65:b9:d8:
5f:b5:72:87:c4:4b:cd:8b:8a:83:01:76:21:8c:11:ee:a5:fd:
5f:46:ea:4c:a3:42:f0:e7:ff:40:6b:56:b0:63:b7:ac:be:9f:
18:e2:b5:29:e5:1c:b9:e2:49:6f:d9:32:3d:5d:e4:8f:6a:08:
67:24:7f:9e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksc6f8Fc1ZYcSXDZIJRmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDYzMTgyMDI0YjFmMzY5ZWY3ZmMxZDU2NTUwODc2ODk5MWJmYjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9DYwJjGThkHF3wB0YilgANfWAolJ
Nmx1knC06G0yxR0AP7BUjk9x10O8d+iNYmPhBM+Mjn4LOxbGyU13dv71Agqk9iaP
+N3I++4h9k6tGbZmMlLMcYTmUIlJo+2bIHVj/homdE4X/e5HsO26bFUmnDh531Kn
AST57vDt1dpSQmk57rOaWP5773zFHzVizGq2VHkWHs8aQt/qb5Gei+q6Rav9uMGo
NsAm3uwNmWeXAbcb+4HcAqxIAuSD43/q1bEd1JhE4nxlfljXErIBY89O31bLJCbj
5oIMyDSgja+abJr2KOjGefLAcG7Y1sFBxrOXkKM8xNWk9Q2u4K+pIjf4LwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBBjGCAksfNp73/B1WVQh2iZG/uGMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvRUdNWUlDU3g4Mm52ZjhIVlpWQ0hhSmtiLTRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAHE/Zrm3X7/F
apIXeEAm7dRYfoOG1sChMYZiq/fxMHnlmrX7AAoYP7JfBHLIbIVC4BCtjuAThqiM
QaJvyK3mFBPxdqP6oOUlFDLQIA1XM8qPqaiD1IpDc6QTqW1IevkoKL40DWkpfdRW
vrS1DOyIzAEEAaFfMJFqz3feD58zQ+cq85rTVh+t+7nMfffvOhjqYHLfNhHCwAD2
fWvxAMS2N23HntXaXre2au7b1A6G3qkMLlIKU0MedEEduVjQAvSylbH5umW52F+1
cofES82LioMBdiGMEe6l/V9G6kyjQvDn/0BrVrBjt6y+nxjitSnlHLniSW/ZMj1d
5I9qCGckf54=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:25 2026 by rpki-client