Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HdsdvAB1BTwAaLk2gPbbj0if6TA.roa
File: HdsdvAB1BTwAaLk2gPbbj0if6TA.roa (raw, json)
Hash identifier: 6TJR66zL6x4bqMQuytOrNg3rxaV3ozOsCjgpVS516Fk=
Subject key identifier: 1D:DB:1D:BC:00:75:05:3C:00:68:B9:36:80:F6:DB:8F:48:9F:E9:30
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D729295B24C5F40130FFC9D0B4FA4DF2F
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HdsdvAB1BTwAaLk2gPbbj0if6TA.roa
Signing time: Thu 09 Apr 2026 14:08:22 +0000
ROA not before: Thu 09 Apr 2026 14:08:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36616
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:95:b2:4c:5f:40:13:0f:fc:9d:0b:4f:a4:df:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ddb1dbc0075053c0068b93680f6db8f489fe930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ce:47:7a:88:c7:9a:eb:e9:3b:05:93:49:fe:
dc:e4:73:4e:1a:5b:cb:3e:5f:2d:2c:80:ea:d7:92:
a2:1b:30:a8:25:47:a8:55:78:ed:f4:d4:d8:d6:fa:
63:1b:03:39:a7:dc:b0:c9:ad:3b:f7:36:9a:15:b7:
f2:44:91:3a:1e:86:8d:06:8f:a9:c4:88:34:ff:7d:
d4:04:ae:6e:fc:1b:1f:a4:1b:e3:3c:d3:b9:89:e3:
e7:86:8f:a4:f3:7c:f6:a7:9a:74:b9:4a:7d:7a:2c:
f0:9b:d1:b8:2b:5e:23:ff:22:5f:2d:0c:64:33:56:
e3:c9:c8:ed:dc:07:aa:95:7c:c5:02:28:03:45:55:
d4:09:de:73:86:f5:89:06:fd:71:a6:fa:12:72:9e:
4f:39:cd:58:da:de:95:7c:a3:e7:d4:47:39:ef:94:
7a:e4:45:64:ee:b0:75:15:79:e2:12:47:a0:e0:5d:
0f:29:5d:dd:97:3e:41:53:c2:e8:75:06:26:99:dc:
31:55:40:90:98:de:ab:46:04:48:8a:29:17:49:87:
2f:8c:e3:c2:cd:2b:d7:ad:dd:21:2f:a9:7b:ab:56:
ad:1c:43:71:f0:0d:9a:14:ed:84:a8:60:be:a3:b5:
1f:87:e8:41:1b:ee:54:e8:73:a1:f2:1c:fc:b4:fe:
b5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:DB:1D:BC:00:75:05:3C:00:68:B9:36:80:F6:DB:8F:48:9F:E9:30
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HdsdvAB1BTwAaLk2gPbbj0if6TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
1c:a6:e0:ae:87:4f:21:e3:c7:c0:55:07:b2:58:f5:f5:63:95:
cf:61:03:f2:e9:8f:10:8d:4d:d0:67:4b:e3:28:c0:c1:9e:14:
0a:59:ed:a6:95:5e:48:6a:89:df:0f:b4:ea:86:27:44:6d:97:
c6:a2:75:6c:69:3f:b9:56:7e:f1:e2:9d:13:68:14:7b:06:fd:
4c:71:36:d1:3c:a7:4d:55:a2:44:c7:87:40:33:2b:54:42:23:
6d:91:90:54:2c:69:40:67:98:46:46:dc:3a:91:7b:35:c9:7f:
14:e0:2b:8c:98:fd:a1:b4:ae:7a:96:ec:ba:9b:d1:57:ad:40:
84:d5:34:ae:c9:b3:31:b7:d5:ad:ed:65:38:41:76:61:0e:7e:
1a:27:b5:67:f1:30:cf:39:01:64:3f:98:a1:06:a0:18:2a:90:
cf:f9:f2:21:aa:5c:2a:8b:69:4b:f7:03:f4:71:9e:13:92:dd:
ce:c1:f5:a5:45:e3:68:e3:44:8a:f6:65:9b:c3:86:c6:dc:bf:
12:72:0b:60:fa:bf:d1:27:ac:91:0d:f2:71:51:e0:f0:50:e4:
66:59:39:87:3d:7c:93:5a:9b:83:16:04:9b:56:35:c9:92:0e:
0e:ce:93:fc:41:54:e5:52:05:50:98:69:f5:be:a3:82:df:83:
79:d7:6c:10
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykpWyTF9AEw/8nQtPpN8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGRiMWRiYzAwNzUwNTNjMDA2OGI5MzY4MGY2ZGI4ZjQ4OWZlOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM5HeojHmuvpOwWTSf7c5HNOGlvL
Pl8tLIDq15KiGzCoJUeoVXjt9NTY1vpjGwM5p9ywya079zaaFbfyRJE6HoaNBo+p
xIg0/33UBK5u/BsfpBvjPNO5iePnho+k83z2p5p0uUp9eizwm9G4K14j/yJfLQxk
M1bjycjt3AeqlXzFAigDRVXUCd5zhvWJBv1xpvoScp5POc1Y2t6VfKPn1Ec575R6
5EVk7rB1FXniEkeg4F0PKV3dlz5BU8LodQYmmdwxVUCQmN6rRgRIiikXSYcvjOPC
zSvXrd0hL6l7q1atHENx8A2aFO2EqGC+o7Ufh+hBG+5U6HOh8hz8tP61RwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB3bHbwAdQU8AGi5NoD2249In+kwMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvSGRzZHZBQjFCVHdBYUxrMmdQYmJqMGlmNlRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBABym4K6HTyHj
x8BVB7JY9fVjlc9hA/LpjxCNTdBnS+MowMGeFApZ7aaVXkhqid8PtOqGJ0Rtl8ai
dWxpP7lWfvHinRNoFHsG/UxxNtE8p01VokTHh0AzK1RCI22RkFQsaUBnmEZG3DqR
ezXJfxTgK4yY/aG0rnqW7Lqb0VetQITVNK7JszG31a3tZThBdmEOfhontWfxMM85
AWQ/mKEGoBgqkM/58iGqXCqLaUv3A/RxnhOS3c7B9aVF42jjRIr2ZZvDhsbcvxJy
C2D6v9EnrJEN8nFR4PBQ5GZZOYc9fJNam4MWBJtWNcmSDg7Ok/xBVOVSBVCYafW+
o4Lfg3nXbBA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:27 2026 by rpki-client