Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/SENU7hYeluujgzzIbI1iaiFgnpg.roa
File: SENU7hYeluujgzzIbI1iaiFgnpg.roa (raw, json)
Hash identifier: bCVDd9LzMpn/aQKIRUHix9cRigBrNjzEEA7KmDt6aJQ=
Subject key identifier: 48:43:54:EE:16:1E:96:EB:A3:83:3C:C8:6C:8D:62:6A:21:60:9E:98
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292BDE03AC35DA6CC5F39F78E7E9575
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/SENU7hYeluujgzzIbI1iaiFgnpg.roa
Signing time: Thu 09 Apr 2026 14:08:32 +0000
ROA not before: Thu 09 Apr 2026 14:08:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396610
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:bd:e0:3a:c3:5d:a6:cc:5f:39:f7:8e:7e:95:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=484354ee161e96eba3833cc86c8d626a21609e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f5:38:3f:fa:18:7f:fc:c8:74:6d:c1:bb:e8:
34:c9:fc:d8:df:61:67:47:ee:51:b1:56:3b:07:08:
71:c1:d4:ad:ce:f5:fc:b3:a3:5b:7f:6c:b7:5a:1e:
60:14:6b:7c:27:f6:a7:1c:b5:55:ea:e4:f2:7d:2f:
56:34:3d:1b:12:9d:23:10:9a:7f:26:bc:da:5d:f3:
9a:21:25:a4:c9:1d:8d:8e:da:8c:c8:05:87:26:f9:
44:f0:5b:ab:19:55:1b:e5:38:9a:95:14:35:ba:e9:
38:58:fc:06:93:15:43:36:7e:d0:f2:1a:27:ca:1a:
05:05:f9:9e:9b:16:57:8a:41:2a:53:d7:dc:50:b5:
87:f3:41:90:cc:e0:bc:e2:bb:b5:4f:36:76:f3:fd:
82:42:f7:40:e4:64:d9:bf:75:7d:c3:00:a4:bd:07:
55:33:b6:fb:d3:31:7b:aa:0d:b4:b5:c4:dd:9d:c6:
7a:35:b1:9f:c7:79:c4:a4:3c:61:80:4e:42:14:db:
e1:7d:31:37:4b:fd:a8:ce:8b:10:3f:81:3e:7e:86:
f5:52:41:2b:63:f4:6a:0d:3c:47:6c:63:98:c9:21:
7d:8a:35:3a:5f:1b:c9:a5:a0:af:aa:83:7f:4f:7c:
5e:28:dd:8a:1c:2c:35:d7:2a:8b:76:da:80:62:30:
7d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:43:54:EE:16:1E:96:EB:A3:83:3C:C8:6C:8D:62:6A:21:60:9E:98
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/SENU7hYeluujgzzIbI1iaiFgnpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
86:c9:4b:c3:4b:7a:09:5d:72:ec:e6:a0:cb:ba:98:99:6c:52:
df:c4:5d:d6:ba:4d:1c:6f:89:23:0b:2b:91:b3:cf:16:e1:3c:
04:b2:ea:f0:cc:50:2b:6b:53:21:14:1d:c7:22:d8:10:32:48:
c1:ab:23:7d:a5:97:35:66:32:38:4f:59:f8:37:91:7c:02:2e:
71:47:64:69:73:39:31:59:7a:79:40:78:64:d9:4e:16:17:90:
e0:ba:a7:df:26:9c:df:40:20:03:dd:43:ff:b7:5e:03:8c:8a:
b0:dc:7a:4e:36:77:85:fb:4e:6d:a3:1f:4e:e8:b3:08:cd:9f:
ec:bf:7f:33:77:4d:e8:8f:cd:6b:7c:d5:85:7f:ad:33:02:29:
fd:28:53:73:09:a8:03:09:6d:2c:19:54:32:3a:7c:cf:f3:aa:
df:26:bf:65:68:77:5a:1f:b4:24:fa:d6:53:98:f9:28:16:43:
da:26:34:6c:f1:a6:66:65:7e:8d:32:96:9a:86:e0:ba:9a:06:
3f:32:4c:53:b1:8f:0f:82:2e:7c:a3:cc:f7:5e:54:d1:90:ea:
99:54:92:c1:ca:11:1b:67:42:b7:d8:14:ca:d3:d7:61:7b:bc:
35:02:06:34:45:a1:d1:61:9f:4f:2b:00:8d:01:f8:b3:e8:c0:
c7:be:5d:ab
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykr3gOsNdpsxfOfeOfpV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQzNTRlZTE2MWU5NmViYTM4MzNjYzg2YzhkNjI2YTIxNjA5ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/U4P/oYf/zIdG3Bu+g0yfzY32Fn
R+5RsVY7BwhxwdStzvX8s6Nbf2y3Wh5gFGt8J/anHLVV6uTyfS9WND0bEp0jEJp/
JrzaXfOaISWkyR2NjtqMyAWHJvlE8FurGVUb5TialRQ1uuk4WPwGkxVDNn7Q8hon
yhoFBfmemxZXikEqU9fcULWH80GQzOC84ru1TzZ28/2CQvdA5GTZv3V9wwCkvQdV
M7b70zF7qg20tcTdncZ6NbGfx3nEpDxhgE5CFNvhfTE3S/2ozosQP4E+fob1UkEr
Y/RqDTxHbGOYySF9ijU6XxvJpaCvqoN/T3xeKN2KHCw11yqLdtqAYjB9vwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEhDVO4WHpbro4M8yGyNYmohYJ6YMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvU0VOVTdoWWVsdXVqZ3p6SWJJMWlhaUZnbnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAIbJS8NLegld
cuzmoMu6mJlsUt/EXda6TRxviSMLK5GzzxbhPASy6vDMUCtrUyEUHcci2BAySMGr
I32llzVmMjhPWfg3kXwCLnFHZGlzOTFZenlAeGTZThYXkOC6p98mnN9AIAPdQ/+3
XgOMirDcek42d4X7Tm2jH07oswjNn+y/fzN3TeiPzWt81YV/rTMCKf0oU3MJqAMJ
bSwZVDI6fM/zqt8mv2Vod1oftCT61lOY+SgWQ9omNGzxpmZlfo0ylpqG4LqaBj8y
TFOxjw+CLnyjzPdeVNGQ6plUksHKERtnQrfYFMrT12F7vDUCBjRFodFhn08rAI0B
+LPowMe+Xas=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:07:25 2026 by rpki-client