Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Z3OVN75P-vRs4MCtz-Ym8SmmSZg.roa
File: Z3OVN75P-vRs4MCtz-Ym8SmmSZg.roa (raw, json)
Hash identifier: A6IDc6eBmko+K7fZHs//Iw0O9fi5qgU9abtguoqS8Tk=
Subject key identifier: 67:73:95:37:BE:4F:FA:F4:6C:E0:C0:AD:CF:E6:26:F1:29:A6:49:98
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A5028192DCEC2768A5EE04A25AEC
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Z3OVN75P-vRs4MCtz-Ym8SmmSZg.roa
Signing time: Thu 09 Apr 2026 14:08:26 +0000
ROA not before: Thu 09 Apr 2026 14:08:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396553
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a5:02:81:92:dc:ec:27:68:a5:ee:04:a2:5a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=67739537be4ffaf46ce0c0adcfe626f129a64998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:bf:7f:e7:f5:d5:63:fa:45:f5:71:6e:57:a0:
f3:15:df:da:ca:d9:7f:01:de:bc:33:bc:b0:5e:b4:
66:74:88:2c:a0:20:9b:39:7b:b9:33:af:b3:f9:3d:
49:82:89:7d:df:31:6b:25:9b:ab:dc:c0:de:f4:1c:
39:df:74:b5:22:62:a0:54:3e:26:56:71:ca:4c:5d:
74:48:fb:9c:0a:30:96:e1:31:e8:ea:97:55:9d:e2:
cc:7c:14:69:b1:e2:c7:ce:79:c7:92:f2:cc:25:e9:
6a:0d:59:5c:52:62:29:9f:ee:9c:69:a0:fe:85:bd:
91:2b:52:0a:6e:1e:15:ab:de:89:e4:0c:46:b3:e0:
26:46:b3:e5:6c:2d:a1:ed:a2:a2:c0:5c:b8:53:9e:
a9:ea:f4:bb:59:41:c8:aa:9c:bd:ec:e1:ba:9e:9b:
11:05:a3:29:3a:fe:e6:2e:26:9c:0c:66:9f:a6:22:
5a:12:c4:4b:15:23:6c:06:33:d9:5f:5f:20:6d:19:
3d:ea:3c:ec:e6:cc:1b:a7:55:3d:45:75:a6:2d:9c:
ce:bd:13:8d:e9:a5:76:8a:0a:86:0f:c1:76:c4:d8:
c4:06:38:e2:8a:98:2e:3e:09:df:36:19:44:36:0d:
76:8c:da:c5:71:0e:f5:85:d3:b4:bb:bb:cb:5f:26:
bf:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:73:95:37:BE:4F:FA:F4:6C:E0:C0:AD:CF:E6:26:F1:29:A6:49:98
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/Z3OVN75P-vRs4MCtz-Ym8SmmSZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
8a:ef:6e:84:de:94:8a:9c:3c:c9:b7:85:b1:de:cf:e9:73:f5:
91:7c:24:48:b9:0f:34:8b:68:7f:19:5d:2e:42:13:c8:fd:ca:
b8:b3:56:48:b9:a1:62:fc:bd:a8:1b:b5:0b:d0:33:f8:55:bb:
6e:fe:92:47:f1:df:da:33:8f:2b:7d:0d:ae:2f:e4:a5:fe:f6:
05:e4:62:9b:77:a1:f4:17:9b:9a:e1:2d:80:ac:5a:ff:d8:87:
95:bb:27:91:0d:ae:1c:33:4b:91:1e:5e:ca:74:8c:ef:6b:7e:
6d:1e:40:48:9d:f8:16:33:d8:09:1b:9c:73:be:19:00:d8:b4:
82:0e:22:35:c8:d6:64:b1:63:c3:29:6a:61:b7:0e:62:d1:07:
96:c2:ca:12:6c:9c:0d:a6:72:38:7a:c6:e7:6d:38:8f:4d:35:
49:95:0a:bf:98:84:fe:e0:e6:47:01:2d:1b:74:fc:62:0a:a7:
61:de:19:08:9a:40:35:8d:38:4f:d5:f5:f4:cf:01:fa:8f:d7:
8c:87:2b:9c:da:f9:f1:5b:a9:d3:86:49:ac:af:d3:23:3f:d5:
41:e5:fc:16:a6:43:db:01:e9:8f:a6:b9:87:48:17:e0:c2:6b:
b1:71:92:e2:be:4d:a4:6c:e6:37:b7:4b:54:2b:f8:60:83:3d:
f9:65:5a:dd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqUCgZLc7Cdope4EolrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzczOTUzN2JlNGZmYWY0NmNlMGMwYWRjZmU2MjZmMTI5YTY0OTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb9/5/XVY/pF9XFuV6DzFd/aytl/
Ad68M7ywXrRmdIgsoCCbOXu5M6+z+T1Jgol93zFrJZur3MDe9Bw533S1ImKgVD4m
VnHKTF10SPucCjCW4THo6pdVneLMfBRpseLHznnHkvLMJelqDVlcUmIpn+6caaD+
hb2RK1IKbh4Vq96J5AxGs+AmRrPlbC2h7aKiwFy4U56p6vS7WUHIqpy97OG6npsR
BaMpOv7mLiacDGafpiJaEsRLFSNsBjPZX18gbRk96jzs5swbp1U9RXWmLZzOvRON
6aV2igqGD8F2xNjEBjjiipguPgnfNhlENg12jNrFcQ71hdO0u7vLXya/hQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGdzlTe+T/r0bODArc/mJvEppkmYMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWjNPVk43NVAtdlJzNE1DdHotWW04U21tU1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAIrvboTelIqc
PMm3hbHez+lz9ZF8JEi5DzSLaH8ZXS5CE8j9yrizVki5oWL8vagbtQvQM/hVu27+
kkfx39ozjyt9Da4v5KX+9gXkYpt3ofQXm5rhLYCsWv/Yh5W7J5ENrhwzS5EeXsp0
jO9rfm0eQEid+BYz2AkbnHO+GQDYtIIOIjXI1mSxY8MpamG3DmLRB5bCyhJsnA2m
cjh6xudtOI9NNUmVCr+YhP7g5kcBLRt0/GIKp2HeGQiaQDWNOE/V9fTPAfqP14yH
K5za+fFbqdOGSayv0yM/1UHl/BamQ9sB6Y+muYdIF+DCa7FxkuK+TaRs5je3S1Qr
+GCDPfllWt0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:08 2026 by rpki-client