Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/L3rJ3VAasfgDXT1bLAv3o1A1ucU.roa
File: L3rJ3VAasfgDXT1bLAv3o1A1ucU.roa (raw, json)
Hash identifier: GNrLuZ7gmXm1BrSOXiM59gC6F4H2aQ6b4qKIaFCqPWI=
Subject key identifier: 2F:7A:C9:DD:50:1A:B1:F8:03:5D:3D:5B:2C:0B:F7:A3:50:35:B9:C5
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292CAA52B04D696879520DDE02B3586
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/L3rJ3VAasfgDXT1bLAv3o1A1ucU.roa
Signing time: Thu 09 Apr 2026 14:08:35 +0000
ROA not before: Thu 09 Apr 2026 14:08:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397210
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:ca:a5:2b:04:d6:96:87:95:20:dd:e0:2b:35:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2f7ac9dd501ab1f8035d3d5b2c0bf7a35035b9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ea:55:b1:29:d7:c9:4f:df:81:6c:4a:4d:44:
15:1a:8a:1a:d8:49:4b:aa:13:73:42:37:2f:b2:70:
a4:04:52:1c:eb:fa:a4:1e:1f:f9:b8:59:6d:22:a6:
ad:7e:7a:43:1b:d0:02:6f:60:94:70:3d:48:b8:69:
c9:57:17:c4:b0:58:0f:8a:b5:ca:bd:34:b6:ac:d0:
d7:04:49:7b:1e:54:15:ad:93:bb:be:86:30:53:db:
9d:88:b0:7c:f4:1e:58:76:ef:50:f8:a2:3d:f7:5d:
8f:9c:77:4a:f2:d3:f4:2b:2e:8b:85:48:8a:f7:bf:
ce:ac:5f:80:c1:3f:bb:3a:85:91:5b:ef:b1:23:06:
8a:02:ba:45:ad:6d:de:1a:d4:f0:af:e7:08:72:2c:
41:69:92:84:ad:af:1c:50:04:06:b8:95:a0:f1:7a:
1c:1d:59:c3:d8:30:54:f5:e0:18:f8:85:86:50:d4:
f0:8f:16:35:06:76:7b:68:77:0d:39:d3:a7:98:f3:
2b:b6:f3:99:cc:39:95:fb:a2:77:ab:b1:a2:db:b2:
8f:8d:5b:7e:4a:5c:1d:8c:bd:1f:0e:12:df:72:ce:
57:3c:34:f6:2d:71:5b:64:4b:84:a2:0b:fc:7d:31:
4a:a5:d0:57:fe:53:8f:3e:de:fb:cc:c0:1e:2d:76:
b0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7A:C9:DD:50:1A:B1:F8:03:5D:3D:5B:2C:0B:F7:A3:50:35:B9:C5
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/L3rJ3VAasfgDXT1bLAv3o1A1ucU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
5f:38:6b:75:bf:9f:2e:c1:dc:11:cd:7e:d1:af:e2:b9:9e:6b:
b8:b6:64:01:ac:39:c3:d3:c1:79:a8:d0:0b:b9:b6:67:80:78:
79:02:bd:07:50:e7:31:98:4b:cb:d3:b2:dd:d8:61:27:fd:b7:
2b:11:6c:57:b6:51:15:0a:76:02:28:21:e7:09:2f:c7:96:b5:
f8:2b:fd:79:f7:75:8c:01:ed:2e:b2:b8:f3:c2:13:88:58:3b:
ba:5a:0f:14:36:30:d8:26:73:df:f6:63:81:05:65:6d:14:60:
50:26:3b:22:c5:2c:c5:ff:f6:6d:f6:ab:d5:bd:63:6a:ab:cc:
db:59:c8:d8:5e:cb:58:30:3a:44:3b:b5:e3:81:39:c3:71:8a:
0b:01:cd:ad:0d:05:c1:5b:9f:6c:4b:6e:70:ab:d4:22:0a:93:
40:94:65:7f:29:a2:43:8e:b1:82:5b:6b:f5:89:0d:d6:c6:1f:
48:b2:d7:18:a1:01:0d:69:89:b5:6f:d4:b8:20:c3:cf:b3:80:
d9:d0:68:b6:43:0f:72:a4:9f:b1:2a:ad:74:19:56:ac:fe:3a:
dd:e7:f0:43:2a:07:9d:46:87:f0:82:c9:06:bb:6f:43:b5:40:
c8:08:58:bf:e4:55:3a:35:96:33:3b:65:f8:77:3a:e3:e0:80:
1a:84:96:fb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksqlKwTWloeVIN3gKzWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdhYzlkZDUwMWFiMWY4MDM1ZDNkNWIyYzBiZjdhMzUwMzViOWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOpVsSnXyU/fgWxKTUQVGooa2ElL
qhNzQjcvsnCkBFIc6/qkHh/5uFltIqatfnpDG9ACb2CUcD1IuGnJVxfEsFgPirXK
vTS2rNDXBEl7HlQVrZO7voYwU9udiLB89B5Ydu9Q+KI9912PnHdK8tP0Ky6LhUiK
97/OrF+AwT+7OoWRW++xIwaKArpFrW3eGtTwr+cIcixBaZKEra8cUAQGuJWg8Xoc
HVnD2DBU9eAY+IWGUNTwjxY1BnZ7aHcNOdOnmPMrtvOZzDmV+6J3q7Gi27KPjVt+
SlwdjL0fDhLfcs5XPDT2LXFbZEuEogv8fTFKpdBX/lOPPt77zMAeLXawlQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFC96yd1QGrH4A109WywL96NQNbnFMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvTDNySjNWQWFzZmdEWFQxYkxBdjNvMUExdWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAF84a3W/ny7B
3BHNftGv4rmea7i2ZAGsOcPTwXmo0Au5tmeAeHkCvQdQ5zGYS8vTst3YYSf9tysR
bFe2URUKdgIoIecJL8eWtfgr/Xn3dYwB7S6yuPPCE4hYO7paDxQ2MNgmc9/2Y4EF
ZW0UYFAmOyLFLMX/9m32q9W9Y2qrzNtZyNhey1gwOkQ7teOBOcNxigsBza0NBcFb
n2xLbnCr1CIKk0CUZX8pokOOsYJba/WJDdbGH0iy1xihAQ1pibVv1Lggw8+zgNnQ
aLZDD3Kkn7EqrXQZVqz+Ot3n8EMqB51Gh/CCyQa7b0O1QMgIWL/kVTo1ljM7Zfh3
OuPggBqElvs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:31:17 2026 by rpki-client