Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HgjeqMnUeL62TzpFrJPTbTPT7Wc.roa
File: HgjeqMnUeL62TzpFrJPTbTPT7Wc.roa (raw, json)
Hash identifier: 32biaRe2IknUx3QkNp887+SiDVF1PcdwqnmxqKFrgGQ=
Subject key identifier: 1E:08:DE:A8:C9:D4:78:BE:B6:4F:3A:45:AC:93:D3:6D:33:D3:ED:67
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A200293A36088D6C163D7492E322
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HgjeqMnUeL62TzpFrJPTbTPT7Wc.roa
Signing time: Thu 09 Apr 2026 14:08:25 +0000
ROA not before: Thu 09 Apr 2026 14:08:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396545
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a2:00:29:3a:36:08:8d:6c:16:3d:74:92:e3:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1e08dea8c9d478beb64f3a45ac93d36d33d3ed67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:9d:94:53:c9:e8:e1:37:e5:ad:ca:46:12:
4f:e3:04:42:37:c8:97:fa:55:a2:1f:f9:8c:f2:06:
07:f7:18:b7:9a:b6:c0:91:2b:05:42:a8:b0:d0:df:
07:bc:2c:de:9e:67:ba:ad:61:c5:85:0a:6c:72:97:
fc:d1:fb:03:11:e1:c4:21:df:13:0e:b8:39:48:a8:
ed:df:26:d7:b5:cc:6c:ed:a2:f8:e8:22:ff:f6:d2:
51:0d:f1:03:c3:bf:2e:30:91:41:4c:ab:22:d6:e4:
1a:20:2c:47:0d:3a:8c:ce:3a:65:49:66:b3:f0:15:
5a:05:4e:96:d4:fe:c3:ec:82:be:72:73:94:c8:9b:
7b:d7:c0:38:a8:56:f6:f9:e2:87:01:df:df:0f:a5:
72:27:21:43:14:6a:5f:3c:00:ce:4a:83:53:be:e9:
69:9a:af:44:45:5f:f4:52:2c:1e:2a:e3:9c:4d:21:
d5:4b:59:0f:1a:9c:46:b9:a8:70:5d:67:ba:59:aa:
1c:ed:4f:32:41:dc:22:60:12:98:27:d3:52:a3:5a:
d2:dd:c8:ba:72:d2:df:0a:c4:11:d3:9e:30:94:f1:
13:07:7b:c1:27:00:a4:55:e7:d7:5f:8f:76:d8:26:
ee:6e:76:d1:23:32:13:07:e3:1d:27:98:8f:d4:51:
23:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:08:DE:A8:C9:D4:78:BE:B6:4F:3A:45:AC:93:D3:6D:33:D3:ED:67
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HgjeqMnUeL62TzpFrJPTbTPT7Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
2b:8d:e0:67:68:2a:2e:91:e9:c0:e1:99:b9:8f:ee:6b:54:53:
2f:b0:9b:a8:15:42:5c:5b:78:ca:e8:c2:43:6c:c9:67:71:20:
1d:5a:f1:90:8b:fd:c3:a0:77:2f:2a:fa:f1:3c:2b:ab:c5:2c:
e7:19:79:79:48:9c:bd:9d:6a:9e:2d:3d:20:9a:df:59:5f:ec:
74:da:a3:51:85:e5:2f:f8:39:d0:b6:b5:40:b5:40:05:fa:5b:
8f:49:eb:7f:e1:7f:a7:05:5c:7b:d7:54:05:17:3c:01:49:00:
29:4f:43:f4:f6:06:68:cb:92:45:17:34:57:1b:51:61:02:9c:
de:84:39:5e:01:b8:0f:94:36:0d:e6:56:b5:b4:68:ef:23:61:
e8:9e:3f:28:65:d5:88:20:ac:64:a1:49:65:98:04:fc:ce:68:
a1:8d:c7:ec:1f:ba:c6:11:b0:3f:e9:79:69:d2:bb:60:a9:fc:
0b:f4:a8:dd:62:71:b2:7f:13:6c:48:75:bc:8d:58:bc:2a:be:
81:0a:74:b3:f7:8f:21:5e:98:ef:dd:ba:75:df:2d:69:2b:41:
d0:49:94:2f:1a:10:28:da:66:f7:3b:ff:cd:55:a1:2a:7d:18:
cd:eb:62:1a:35:82:4c:6f:00:78:8f:a5:a9:47:e0:f4:49:d2:
9a:b3:4f:1d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqIAKTo2CI1sFj10kuMiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTA4ZGVhOGM5ZDQ3OGJlYjY0ZjNhNDVhYzkzZDM2ZDMzZDNlZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNSdlFPJ6OE35a3KRhJP4wRCN8iX
+lWiH/mM8gYH9xi3mrbAkSsFQqiw0N8HvCzenme6rWHFhQpscpf80fsDEeHEId8T
Drg5SKjt3ybXtcxs7aL46CL/9tJRDfEDw78uMJFBTKsi1uQaICxHDTqMzjplSWaz
8BVaBU6W1P7D7IK+cnOUyJt718A4qFb2+eKHAd/fD6VyJyFDFGpfPADOSoNTvulp
mq9ERV/0UiweKuOcTSHVS1kPGpxGuahwXWe6Waoc7U8yQdwiYBKYJ9NSo1rS3ci6
ctLfCsQR054wlPETB3vBJwCkVefXX4922CbubnbRIzITB+MdJ5iP1FEjvwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB4I3qjJ1Hi+tk86RayT020z0+1nMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvSGdqZXFNblVlTDYyVHpwRnJKUFRiVFBUN1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBACuN4GdoKi6R
6cDhmbmP7mtUUy+wm6gVQlxbeMrowkNsyWdxIB1a8ZCL/cOgdy8q+vE8K6vFLOcZ
eXlInL2dap4tPSCa31lf7HTao1GF5S/4OdC2tUC1QAX6W49J63/hf6cFXHvXVAUX
PAFJAClPQ/T2BmjLkkUXNFcbUWECnN6EOV4BuA+UNg3mVrW0aO8jYeiePyhl1Ygg
rGShSWWYBPzOaKGNx+wfusYRsD/peWnSu2Cp/Av0qN1icbJ/E2xIdbyNWLwqvoEK
dLP3jyFemO/dunXfLWkrQdBJlC8aECjaZvc7/81VoSp9GM3rYho1gkxvAHiPpalH
4PRJ0pqzTx0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:13:28 2026 by rpki-client