Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ZZbQCWLTSN3kKe3EfQtrQv_hXGw.roa
File: ZZbQCWLTSN3kKe3EfQtrQv_hXGw.roa (raw, json)
Hash identifier: Im76nMtJut3GwfwSpO0DxvkuDUGLNrEdkfPJqZmHrCE=
Subject key identifier: 65:96:D0:09:62:D3:48:DD:E4:29:ED:C4:7D:0B:6B:42:FF:E1:5C:6C
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292AFAE8AE417F17A74D01615A6E367
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ZZbQCWLTSN3kKe3EfQtrQv_hXGw.roa
Signing time: Thu 09 Apr 2026 14:08:29 +0000
ROA not before: Thu 09 Apr 2026 14:08:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396583
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:af:ae:8a:e4:17:f1:7a:74:d0:16:15:a6:e3:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6596d00962d348dde429edc47d0b6b42ffe15c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4f:16:af:43:f5:9c:4e:a7:71:3a:4a:14:7c:
2c:de:dc:c0:ce:31:3a:20:47:25:c0:d0:28:cb:70:
95:cf:42:a5:c9:2d:5f:60:23:ec:51:0e:ae:15:11:
ef:04:86:3e:79:79:b0:15:cb:73:a7:20:d5:29:5f:
ff:e0:c2:a9:7f:21:6e:bf:1c:f0:bb:b4:23:e2:51:
f5:8e:3c:b1:fb:85:87:e8:6e:74:d8:6f:68:fc:b6:
2a:c6:f5:95:14:31:c3:78:70:a7:62:f9:95:9a:f6:
59:cb:fa:db:43:30:d1:36:34:6f:a7:c2:f0:47:cd:
8e:79:24:df:bd:62:92:e4:26:a0:a7:42:b8:08:87:
fe:fc:bc:f8:c1:76:ba:ab:c4:38:60:0e:80:cf:ee:
20:00:47:04:3d:4d:6f:f9:6c:4e:50:67:00:6c:e9:
b1:4f:4c:0d:21:fd:4d:22:07:e6:f7:a5:01:4a:e6:
5d:1a:07:74:97:be:e5:38:59:cb:c9:e1:f3:14:c7:
e2:0d:7f:e2:11:b5:25:63:f9:7e:ed:30:cb:51:3d:
95:5e:35:a5:b2:56:1b:ae:d5:f0:e1:be:0c:34:37:
22:69:c7:76:80:22:f5:29:7d:5e:a2:f8:85:9b:3f:
3a:0f:23:cd:20:8a:92:43:40:54:3f:2b:a5:3f:b8:
d4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:96:D0:09:62:D3:48:DD:E4:29:ED:C4:7D:0B:6B:42:FF:E1:5C:6C
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/ZZbQCWLTSN3kKe3EfQtrQv_hXGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
8a:0e:a0:31:a2:ca:93:21:3f:f5:65:bb:df:c9:cc:48:fc:f6:
01:31:14:88:45:42:14:ad:44:6c:7b:d8:de:44:f4:c8:f3:24:
b4:53:50:29:d8:8b:9f:43:bf:3d:81:47:dd:9b:e1:b7:35:96:
3f:f0:eb:70:0c:16:b9:55:6a:5b:00:f6:64:c3:8b:1a:43:e8:
de:c6:96:20:7b:ea:d1:bd:15:05:1d:58:f4:1a:ba:2d:66:fa:
23:29:44:2c:5c:8d:c8:d2:a5:72:4b:26:45:a6:3e:ef:f5:35:
4b:5b:18:27:37:ea:2e:97:7b:fa:74:7e:c6:41:b1:a7:43:0f:
9a:8e:14:bd:20:fb:8a:93:ab:2b:f2:2b:89:e2:a4:6c:3d:11:
15:ca:75:d4:c1:26:ec:8e:75:79:14:d3:a2:82:91:6e:6b:69:
66:c6:22:14:24:5e:a8:75:75:d8:c2:58:28:ad:eb:40:0f:02:
5a:8f:9e:89:f3:a9:f0:30:c1:a4:e2:5c:cc:0c:e2:cd:f8:e9:
9d:89:b5:32:6d:4b:3d:e3:84:10:ff:ce:bd:33:e8:86:fd:b9:
d0:ca:a2:fc:33:2a:1e:00:78:18:98:3f:f5:90:55:a5:03:03:
29:93:51:b2:64:84:96:c7:99:e7:d4:02:5e:b5:31:1d:22:ea:
dd:ca:16:ed
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykq+uiuQX8Xp00BYVpuNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTk2ZDAwOTYyZDM0OGRkZTQyOWVkYzQ3ZDBiNmI0MmZmZTE1YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4k8Wr0P1nE6ncTpKFHws3tzAzjE6
IEclwNAoy3CVz0KlyS1fYCPsUQ6uFRHvBIY+eXmwFctzpyDVKV//4MKpfyFuvxzw
u7Qj4lH1jjyx+4WH6G502G9o/LYqxvWVFDHDeHCnYvmVmvZZy/rbQzDRNjRvp8Lw
R82OeSTfvWKS5Cagp0K4CIf+/Lz4wXa6q8Q4YA6Az+4gAEcEPU1v+WxOUGcAbOmx
T0wNIf1NIgfm96UBSuZdGgd0l77lOFnLyeHzFMfiDX/iEbUlY/l+7TDLUT2VXjWl
slYbrtXw4b4MNDciacd2gCL1KX1eoviFmz86DyPNIIqSQ0BUPyulP7jU5wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFGWW0Ali00jd5CntxH0La0L/4VxsMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWlpiUUNXTFRTTjNrS2UzRWZRdHJRdl9oWEd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAIoOoDGiypMh
P/Vlu9/JzEj89gExFIhFQhStRGx72N5E9MjzJLRTUCnYi59Dvz2BR92b4bc1lj/w
63AMFrlValsA9mTDixpD6N7GliB76tG9FQUdWPQaui1m+iMpRCxcjcjSpXJLJkWm
Pu/1NUtbGCc36i6Xe/p0fsZBsadDD5qOFL0g+4qTqyvyK4nipGw9ERXKddTBJuyO
dXkU06KCkW5raWbGIhQkXqh1ddjCWCit60APAlqPnonzqfAwwaTiXMwM4s346Z2J
tTJtSz3jhBD/zr0z6Ib9udDKovwzKh4AeBiYP/WQVaUDAymTUbJkhJbHmefUAl61
MR0i6t3KFu0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:11 2026 by rpki-client