Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/VGLGdu_FUdexctat6SvSO7laNeM.roa
File: VGLGdu_FUdexctat6SvSO7laNeM.roa (raw, json)
Hash identifier: UHIE7nNHaJmPG+AboyS1epYJ8KhXIJIo4KBNkNC0KxE=
Subject key identifier: 54:62:C6:76:EF:C5:51:D7:B1:72:D6:AD:E9:2B:D2:3B:B9:5A:35:E3
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C701909B6746556EF082DD9A5080
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/VGLGdu_FUdexctat6SvSO7laNeM.roa
Signing time: Thu 09 Apr 2026 14:08:34 +0000
ROA not before: Thu 09 Apr 2026 14:08:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397200
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c7:01:90:9b:67:46:55:6e:f0:82:dd:9a:50:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5462c676efc551d7b172d6ade92bd23bb95a35e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f2:c3:e4:ab:7b:b9:e3:30:fa:7f:f7:ba:64:
ef:cf:ee:58:4c:d0:c3:63:a0:8b:12:81:8f:19:d5:
71:5f:47:40:78:8b:1a:d8:03:de:40:65:36:5c:8e:
79:17:f9:1a:ed:bb:6f:5d:5b:bb:24:d4:ab:6b:37:
c5:a2:3d:5e:ed:3b:51:e5:2c:87:b0:ac:79:78:a0:
0b:a3:ae:25:cf:3d:2b:14:0c:bc:99:e7:13:36:63:
65:20:20:8e:1d:a5:93:53:94:17:41:e6:a5:46:d6:
d3:1f:7f:1c:30:e5:46:a2:bb:75:1a:ca:7f:34:9b:
58:c3:6a:8f:ee:79:02:b9:04:10:30:bd:29:eb:f2:
15:48:0f:6d:11:48:a2:f4:d2:9c:15:f7:f2:d8:16:
16:25:80:ed:c1:26:5c:55:68:36:b9:c4:48:6d:00:
17:24:0b:6f:e0:46:74:41:ed:30:e1:21:74:8f:db:
ee:ac:73:5f:6e:36:bd:41:8b:9a:60:e3:ef:2c:57:
04:ee:e9:67:cf:d1:e5:c2:bd:a5:6a:44:6f:ef:a1:
88:d7:5a:bd:cc:e8:d9:20:7e:d5:71:cd:77:64:e0:
59:6e:b8:c0:ee:f6:fe:65:b7:7b:67:1e:cb:ef:77:
99:85:c9:6e:d8:67:95:7e:eb:b6:bc:bc:60:4d:11:
38:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:62:C6:76:EF:C5:51:D7:B1:72:D6:AD:E9:2B:D2:3B:B9:5A:35:E3
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/VGLGdu_FUdexctat6SvSO7laNeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
37:86:11:af:98:5a:f1:af:cd:cd:89:58:74:9c:e8:01:cb:5a:
fc:97:bd:79:d5:71:9c:11:2c:08:f6:71:c2:1a:53:a5:4b:9a:
2a:22:f9:21:52:4d:4c:8b:63:16:12:9b:f6:ee:f3:2e:76:c8:
54:19:82:29:32:4a:a1:60:1f:8c:b3:5b:2a:3f:90:75:9a:f0:
40:77:06:d3:6c:60:a5:da:40:0d:84:55:32:96:da:41:a4:dd:
65:ff:92:f9:2b:11:b9:d1:7f:64:eb:ad:89:39:20:96:87:1c:
60:3e:7d:03:30:ff:24:2f:c5:f9:8c:44:01:d9:14:f0:85:cc:
27:48:c1:54:c5:14:57:b1:f5:f0:3b:63:cf:38:b2:41:1b:81:
d1:59:41:97:a0:4e:23:b9:60:68:0e:f7:f6:f6:6c:64:43:cb:
c6:60:1b:5c:7a:05:35:40:0d:ad:c1:cd:3c:72:e4:86:de:98:
06:00:ba:64:e5:e0:4e:eb:40:70:07:40:4b:35:2f:48:e4:3b:
9c:c3:36:2a:b4:c5:3f:09:f4:8f:e5:51:ee:64:d0:63:3e:f7:
9b:f9:a8:d8:09:70:ad:85:30:80:4b:11:aa:f2:b3:99:f6:d0:
2a:1d:58:2d:a8:5d:4e:55:fd:0d:5a:f9:81:4a:11:5a:96:3b:
8e:46:65:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykscBkJtnRlVu8ILdmlCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDYyYzY3NmVmYzU1MWQ3YjE3MmQ2YWRlOTJiZDIzYmI5NWEzNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPLD5Kt7ueMw+n/3umTvz+5YTNDD
Y6CLEoGPGdVxX0dAeIsa2APeQGU2XI55F/ka7btvXVu7JNSrazfFoj1e7TtR5SyH
sKx5eKALo64lzz0rFAy8mecTNmNlICCOHaWTU5QXQealRtbTH38cMOVGort1Gsp/
NJtYw2qP7nkCuQQQML0p6/IVSA9tEUii9NKcFffy2BYWJYDtwSZcVWg2ucRIbQAX
JAtv4EZ0Qe0w4SF0j9vurHNfbja9QYuaYOPvLFcE7ulnz9Hlwr2lakRv76GI11q9
zOjZIH7Vcc13ZOBZbrjA7vb+Zbd7Zx7L73eZhclu2GeVfuu2vLxgTRE40wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFRixnbvxVHXsXLWrekr0ju5WjXjMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvVkdMR2R1X0ZVZGV4Y3RhdDZTdlNPN2xhTmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBADeGEa+YWvGv
zc2JWHSc6AHLWvyXvXnVcZwRLAj2ccIaU6VLmioi+SFSTUyLYxYSm/bu8y52yFQZ
gikySqFgH4yzWyo/kHWa8EB3BtNsYKXaQA2EVTKW2kGk3WX/kvkrEbnRf2TrrYk5
IJaHHGA+fQMw/yQvxfmMRAHZFPCFzCdIwVTFFFex9fA7Y884skEbgdFZQZegTiO5
YGgO9/b2bGRDy8ZgG1x6BTVADa3BzTxy5IbemAYAumTl4E7rQHAHQEs1L0jkO5zD
Niq0xT8J9I/lUe5k0GM+95v5qNgJcK2FMIBLEarys5n20CodWC2oXU5V/Q1a+YFK
EVqWO45GZcU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:02:02 2026 by rpki-client