Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ecy5pjDL32oQJfnXug0p_YH3T_A.roa
File: Ecy5pjDL32oQJfnXug0p_YH3T_A.roa (raw, json)
Hash identifier: niDgNsQHz2xzLsOl25t57bmSpkryoI/FNETO0lB6wz4=
Subject key identifier: 11:CC:B9:A6:30:CB:DF:6A:10:25:F9:D7:BA:0D:29:FD:81:F7:4F:F0
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A12594926953A07FD3741977ACFC
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ecy5pjDL32oQJfnXug0p_YH3T_A.roa
Signing time: Thu 09 Apr 2026 14:08:25 +0000
ROA not before: Thu 09 Apr 2026 14:08:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396543
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a1:25:94:92:69:53:a0:7f:d3:74:19:77:ac:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=11ccb9a630cbdf6a1025f9d7ba0d29fd81f74ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7c:43:6a:75:8b:f7:86:68:fb:9f:82:33:16:
01:ca:46:11:72:a7:c2:2c:01:5b:a9:76:30:77:4a:
3c:04:85:83:81:f6:51:20:2e:43:0d:66:92:77:ba:
21:2a:ee:af:62:fb:98:03:70:9c:a0:02:e5:99:d7:
43:97:dc:d4:7b:0e:58:7d:57:cf:b3:e2:a9:6e:f8:
c7:e2:7d:1a:b5:6d:cd:29:d1:29:1e:32:50:6e:96:
3c:01:28:3b:09:9c:f7:d1:b7:f1:81:fd:35:7c:70:
65:35:ee:5c:27:8c:c0:9b:72:8c:57:1d:cd:81:93:
60:1c:ba:df:ef:e1:cd:12:e7:fa:2f:b4:cd:71:29:
87:54:dc:0e:20:44:5e:b3:74:7e:77:39:dc:ca:64:
38:a3:6c:cf:22:8b:69:81:94:ff:a6:42:12:37:db:
e6:ce:b4:4a:4d:6c:6a:59:6e:67:cd:fa:5e:e6:f0:
8e:f9:bc:06:9f:73:fb:d8:6b:cf:ec:df:01:7c:62:
76:d1:6d:ce:33:c6:50:89:85:0b:01:66:1d:7d:63:
32:d6:cf:47:a7:e1:0d:68:44:36:49:aa:9d:c1:57:
52:68:b7:97:1c:83:34:7f:e6:a1:75:ed:c1:95:56:
c7:30:f5:aa:c7:75:84:69:ca:7e:3e:d2:14:54:aa:
58:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CC:B9:A6:30:CB:DF:6A:10:25:F9:D7:BA:0D:29:FD:81:F7:4F:F0
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Ecy5pjDL32oQJfnXug0p_YH3T_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
a9:da:c2:25:be:95:af:4c:2a:d8:19:7c:a6:80:66:6c:89:68:
7d:67:85:25:f7:02:3f:76:8c:f1:94:c1:b7:30:64:45:8c:1b:
1d:0b:21:e9:71:7b:6e:4f:89:68:cb:98:62:ca:eb:37:f7:8c:
d0:9f:ba:e6:69:2e:0d:e9:5d:23:92:88:06:bf:6e:80:b9:d8:
1c:bc:a2:11:cc:10:9a:21:98:a2:a0:aa:44:4f:bb:dd:14:36:
f0:b8:c6:4f:07:dd:2f:ad:63:16:77:54:cc:76:eb:b9:b5:50:
8c:8d:27:26:eb:4c:7e:66:40:03:3f:c9:c0:e1:3a:4a:d3:7f:
a8:57:96:ea:ec:e3:7c:91:bd:f5:be:04:20:4e:84:83:64:8d:
bb:dc:90:a7:6d:07:74:28:91:63:6a:6d:e6:83:fb:c0:f5:a7:
cb:8f:62:c3:a9:8b:63:50:ff:9f:94:5f:f4:c7:24:28:08:88:
3f:cc:70:39:5c:0a:ec:d0:fe:63:51:67:11:31:7b:13:16:d2:
a8:20:ef:bc:09:ec:2a:ea:25:0f:51:56:5e:05:93:b8:7e:c6:
e3:78:99:96:33:cd:a7:1b:d5:d8:ef:67:d2:02:9b:68:88:5e:
f4:9e:4a:14:9e:b5:68:34:67:73:4b:c1:ad:80:19:5f:80:7c:
ff:91:62:81
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqEllJJpU6B/03QZd6z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNjYjlhNjMwY2JkZjZhMTAyNWY5ZDdiYTBkMjlmZDgxZjc0ZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXxDanWL94Zo+5+CMxYBykYRcqfC
LAFbqXYwd0o8BIWDgfZRIC5DDWaSd7ohKu6vYvuYA3CcoALlmddDl9zUew5YfVfP
s+KpbvjH4n0atW3NKdEpHjJQbpY8ASg7CZz30bfxgf01fHBlNe5cJ4zAm3KMVx3N
gZNgHLrf7+HNEuf6L7TNcSmHVNwOIERes3R+dzncymQ4o2zPIotpgZT/pkISN9vm
zrRKTWxqWW5nzfpe5vCO+bwGn3P72GvP7N8BfGJ20W3OM8ZQiYULAWYdfWMy1s9H
p+ENaEQ2SaqdwVdSaLeXHIM0f+ahde3BlVbHMPWqx3WEacp+PtIUVKpY+QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBHMuaYwy99qECX517oNKf2B90/wMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvRWN5NXBqREwzMm9RSmZuWHVnMHBfWUgzVF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAKnawiW+la9M
KtgZfKaAZmyJaH1nhSX3Aj92jPGUwbcwZEWMGx0LIelxe25PiWjLmGLK6zf3jNCf
uuZpLg3pXSOSiAa/boC52By8ohHMEJohmKKgqkRPu90UNvC4xk8H3S+tYxZ3VMx2
67m1UIyNJybrTH5mQAM/ycDhOkrTf6hXlurs43yRvfW+BCBOhINkjbvckKdtB3Qo
kWNqbeaD+8D1p8uPYsOpi2NQ/5+UX/THJCgIiD/McDlcCuzQ/mNRZxExexMW0qgg
77wJ7CrqJQ9RVl4Fk7h+xuN4mZYzzacb1djvZ9ICm2iIXvSeShSetWg0Z3NLwa2A
GV+AfP+RYoE=
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:12 2026 by rpki-client