Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YzjyaJqvbT65lJTQ5Brt1tWklBg.roa
File: YzjyaJqvbT65lJTQ5Brt1tWklBg.roa (raw, json)
Hash identifier: PC9fADmYnsk1rANj51vizbKsucau+K7woal0nC7Giiw=
Subject key identifier: 63:38:F2:68:9A:AF:6D:3E:B9:94:94:D0:E4:1A:ED:D6:D5:A4:94:18
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B5004461B851020A0E56D34CFBBC
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YzjyaJqvbT65lJTQ5Brt1tWklBg.roa
Signing time: Thu 09 Apr 2026 14:08:30 +0000
ROA not before: Thu 09 Apr 2026 14:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396594
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b5:00:44:61:b8:51:02:0a:0e:56:d3:4c:fb:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6338f2689aaf6d3eb99494d0e41aedd6d5a49418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:95:e0:78:c3:c4:d5:6d:c9:38:9f:d7:69:16:
76:a2:1a:d9:45:87:ff:4c:12:0d:b3:46:8c:0b:59:
0a:09:e7:12:fa:9d:98:5b:cd:c0:99:fe:5e:23:4e:
8e:db:fa:68:96:a0:44:29:f8:8c:85:0f:d5:47:bc:
85:e9:c8:da:27:40:f3:4e:ce:b7:3e:6b:23:21:f3:
f1:88:2d:de:57:16:58:5d:b1:75:94:bd:99:21:5e:
cc:f0:9b:8a:90:72:36:a9:af:bb:10:9b:8e:c5:31:
f9:f3:62:6c:bd:bd:95:14:74:3f:80:1f:c9:2f:7f:
96:f5:1d:a2:ca:76:49:ef:0f:08:63:89:20:78:19:
e4:a9:ee:83:36:53:78:10:3f:84:68:02:1d:8e:6e:
7c:f3:9e:b5:ca:e2:1e:53:9e:fa:ff:d2:be:21:7e:
40:b9:08:b2:a4:c8:a3:54:0c:44:59:81:2c:c0:5a:
1f:dd:b6:e5:84:7a:a4:45:13:07:e9:43:a0:82:e3:
06:eb:60:df:2e:19:b4:c5:c4:54:78:11:f5:99:a9:
87:a9:58:df:55:c4:ec:52:00:f7:28:cc:25:a2:13:
88:78:7f:ce:10:8d:1f:49:df:7a:ca:f1:95:ff:5e:
d9:73:04:1c:85:a8:54:5d:d1:03:e0:49:7b:28:9a:
0f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:38:F2:68:9A:AF:6D:3E:B9:94:94:D0:E4:1A:ED:D6:D5:A4:94:18
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/YzjyaJqvbT65lJTQ5Brt1tWklBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
4d:7b:f4:11:ae:e2:fb:74:30:6e:56:72:5b:51:9e:77:ae:04:
6b:41:a9:ea:a5:5d:c9:f4:1c:7f:c6:08:18:b0:24:d3:5e:e7:
6c:89:9d:e5:90:3d:48:9b:47:48:63:74:7a:9f:27:8b:ca:15:
a6:f0:a8:1e:ee:1a:70:1d:ce:1d:23:c3:49:cc:c3:24:c5:86:
f6:d1:4d:93:ef:9c:0e:a6:70:8c:5c:e5:63:f4:84:28:72:b0:
cc:8a:ff:76:9b:2c:d6:23:e7:f3:6f:e9:c8:5b:06:a2:a6:71:
f0:51:1f:75:ba:5f:74:6e:a4:61:f7:40:0a:da:7e:97:34:58:
33:e4:c4:08:9f:3e:67:74:93:0c:5a:dd:ea:04:eb:bb:6d:bf:
5b:8a:8c:d3:a2:26:45:f1:9c:bb:72:4e:65:7f:5c:55:9d:7a:
6d:fe:13:09:07:c9:9c:66:4c:e8:2f:39:13:44:cd:28:9b:38:
9d:7d:4e:65:10:c2:31:6a:1e:7a:3b:7a:4d:ee:f4:59:b4:46:
ef:cf:e9:da:c1:88:e5:27:d2:d4:ff:8c:d2:0c:f8:b2:f2:90:
64:30:bb:d2:62:7a:ee:d4:da:4c:af:d9:2f:46:40:76:b7:d0:
8c:98:e0:1b:b3:db:e1:02:be:4e:b9:7a:f2:1a:22:4c:b2:0d:
f7:cf:1a:53
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrUARGG4UQIKDlbTTPu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM4ZjI2ODlhYWY2ZDNlYjk5NDk0ZDBlNDFhZWRkNmQ1YTQ5NDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspXgeMPE1W3JOJ/XaRZ2ohrZRYf/
TBINs0aMC1kKCecS+p2YW83Amf5eI06O2/polqBEKfiMhQ/VR7yF6cjaJ0DzTs63
PmsjIfPxiC3eVxZYXbF1lL2ZIV7M8JuKkHI2qa+7EJuOxTH582Jsvb2VFHQ/gB/J
L3+W9R2iynZJ7w8IY4kgeBnkqe6DNlN4ED+EaAIdjm588561yuIeU576/9K+IX5A
uQiypMijVAxEWYEswFof3bblhHqkRRMH6UOgguMG62DfLhm0xcRUeBH1mamHqVjf
VcTsUgD3KMwlohOIeH/OEI0fSd96yvGV/17ZcwQchahUXdED4El7KJoPCwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGM48miar20+uZSU0OQa7dbVpJQYMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWXpqeWFKcXZiVDY1bEpUUTVCcnQxdFdrbEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAE179BGu4vt0
MG5WcltRnneuBGtBqeqlXcn0HH/GCBiwJNNe52yJneWQPUibR0hjdHqfJ4vKFabw
qB7uGnAdzh0jw0nMwyTFhvbRTZPvnA6mcIxc5WP0hChysMyK/3abLNYj5/Nv6chb
BqKmcfBRH3W6X3RupGH3QArafpc0WDPkxAifPmd0kwxa3eoE67ttv1uKjNOiJkXx
nLtyTmV/XFWdem3+EwkHyZxmTOgvORNEzSibOJ19TmUQwjFqHno7ek3u9Fm0Ru/P
6drBiOUn0tT/jNIM+LLykGQwu9Jieu7U2kyv2S9GQHa30IyY4Buz2+ECvk65evIa
IkyyDffPGlM=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:48:35 2026 by rpki-client