Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_CnplFz1HSb0gldXnUBOam2yDbw.roa
File: _CnplFz1HSb0gldXnUBOam2yDbw.roa (raw, json)
Hash identifier: YxG7ds2APiDmdhhGvSfjUB/JxOjdEY/0zFOKEnMDHnM=
Subject key identifier: FC:29:E9:94:5C:F5:1D:26:F4:82:57:57:9D:40:4E:6A:6D:B2:0D:BC
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292BFA45549F165ABCBB589C56997FB
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_CnplFz1HSb0gldXnUBOam2yDbw.roa
Signing time: Thu 09 Apr 2026 14:08:33 +0000
ROA not before: Thu 09 Apr 2026 14:08:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396612
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:bf:a4:55:49:f1:65:ab:cb:b5:89:c5:69:97:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc29e9945cf51d26f48257579d404e6a6db20dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c6:e4:a7:3d:b1:db:a8:da:4a:a3:82:d8:ea:
84:89:c0:87:ad:93:fc:bc:91:cf:c2:a1:52:ff:a1:
78:40:4a:dd:b5:50:6d:e8:25:cc:73:2a:44:59:87:
69:be:31:78:42:61:39:f9:35:a5:ff:97:c8:84:60:
03:ff:bd:6e:55:b1:1e:3f:57:39:17:05:3f:b2:74:
27:63:83:b5:f2:f2:7b:55:52:39:23:d9:24:db:35:
b9:99:ee:56:57:9a:3c:08:45:6b:88:5e:92:3e:ce:
e0:20:f4:a6:dd:20:06:de:45:66:9f:24:d6:fc:71:
d3:1d:20:1c:d3:e7:7b:cc:46:a1:24:85:b3:ea:6d:
bf:81:ac:dc:f5:62:08:06:b3:fc:59:ff:15:9a:31:
6e:34:43:29:64:9f:8c:22:bc:6a:8d:e8:43:bd:74:
1e:2f:31:b2:ff:a1:59:2d:1f:eb:9b:a8:41:c6:64:
0c:8e:89:eb:eb:c9:ff:ed:f3:db:43:73:04:32:85:
ee:af:15:85:64:30:f4:a0:4a:95:bb:94:5d:6b:c7:
2a:6b:df:22:6b:f3:e3:3c:cf:e7:e7:44:05:28:a7:
c8:3b:21:16:96:c6:1b:c8:7a:72:ac:4e:9d:ad:a7:
0f:bb:17:7d:c5:cc:2d:4b:7d:9b:77:9d:b1:62:a2:
f5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:29:E9:94:5C:F5:1D:26:F4:82:57:57:9D:40:4E:6A:6D:B2:0D:BC
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/_CnplFz1HSb0gldXnUBOam2yDbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
26:80:df:1d:5a:ca:6f:93:06:dc:5b:2d:dc:d1:19:d8:cb:6e:
1a:80:e0:21:e3:95:98:a7:c7:6b:09:e3:a5:9d:66:17:f6:70:
23:2a:a1:9e:dd:8d:df:78:b4:bd:cb:00:9d:c0:49:16:22:6a:
7a:f1:e1:31:d9:1b:55:2d:7c:c9:6d:9a:28:65:94:8d:29:a3:
57:a4:9b:e9:e6:dd:b0:f7:b6:f7:1d:5d:95:83:11:a1:ad:1d:
54:f0:aa:8a:b9:ad:2a:5c:94:cc:4c:e1:5a:7b:3b:9a:6d:96:
aa:dd:9e:f1:78:39:99:0d:40:a1:7f:4d:05:34:e1:7c:b7:d9:
67:2a:30:cf:2a:d2:04:c8:ed:47:d4:51:c2:25:5d:9c:f6:33:
b3:c7:92:9e:e7:9b:d2:b0:16:06:b8:ee:c5:bc:bb:98:74:4a:
17:c0:98:e1:0d:3e:9e:e5:64:e8:17:08:7f:18:77:41:21:90:
b1:3e:5b:e0:44:26:0f:7a:0f:8d:91:cf:37:85:63:33:49:5d:
3b:30:fd:cd:e9:f2:8c:fc:72:f0:28:8c:1a:c6:b4:0b:15:a4:
06:5a:12:0b:2b:e8:ae:81:04:be:0c:68:65:40:bf:c1:b8:95:
0d:5e:be:21:92:c3:6f:78:12:3f:8e:cd:5b:39:cf:7a:07:18:
cc:5a:53:34
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykr+kVUnxZavLtYnFaZf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI5ZTk5NDVjZjUxZDI2ZjQ4MjU3NTc5ZDQwNGU2YTZkYjIwZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8bkpz2x26jaSqOC2OqEicCHrZP8
vJHPwqFS/6F4QErdtVBt6CXMcypEWYdpvjF4QmE5+TWl/5fIhGAD/71uVbEeP1c5
FwU/snQnY4O18vJ7VVI5I9kk2zW5me5WV5o8CEVriF6SPs7gIPSm3SAG3kVmnyTW
/HHTHSAc0+d7zEahJIWz6m2/gazc9WIIBrP8Wf8VmjFuNEMpZJ+MIrxqjehDvXQe
LzGy/6FZLR/rm6hBxmQMjonr68n/7fPbQ3MEMoXurxWFZDD0oEqVu5Rda8cqa98i
a/PjPM/n50QFKKfIOyEWlsYbyHpyrE6dracPuxd9xcwtS32bd52xYqL1kQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPwp6ZRc9R0m9IJXV51ATmptsg28MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvX0NucGxGejFIU2IwZ2xkWG5VQk9hbTJ5RGJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBACaA3x1aym+T
BtxbLdzRGdjLbhqA4CHjlZinx2sJ46WdZhf2cCMqoZ7djd94tL3LAJ3ASRYianrx
4THZG1UtfMltmihllI0po1ekm+nm3bD3tvcdXZWDEaGtHVTwqoq5rSpclMxM4Vp7
O5ptlqrdnvF4OZkNQKF/TQU04Xy32WcqMM8q0gTI7UfUUcIlXZz2M7PHkp7nm9Kw
Fga47sW8u5h0ShfAmOENPp7lZOgXCH8Yd0EhkLE+W+BEJg96D42RzzeFYzNJXTsw
/c3p8oz8cvAojBrGtAsVpAZaEgsr6K6BBL4MaGVAv8G4lQ1eviGSw294Ej+OzVs5
z3oHGMxaUzQ=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:20:27 2026 by rpki-client