Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/bgPsAHuKoqi_yy8ItcCHE4nhDAQ.roa
File: bgPsAHuKoqi_yy8ItcCHE4nhDAQ.roa (raw, json)
Hash identifier: 5pb+5OGf5yC/p7qgvCDfxB+3dVjgVauSYQJoD2TZXFQ=
Subject key identifier: 6E:03:EC:00:7B:8A:A2:A8:BF:CB:2F:08:B5:C0:87:13:89:E1:0C:04
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B9581684DE34FAE471D90352CF6B
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/bgPsAHuKoqi_yy8ItcCHE4nhDAQ.roa
Signing time: Thu 09 Apr 2026 14:08:31 +0000
ROA not before: Thu 09 Apr 2026 14:08:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396603
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b9:58:16:84:de:34:fa:e4:71:d9:03:52:cf:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e03ec007b8aa2a8bfcb2f08b5c0871389e10c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5b:bf:d1:9f:ed:54:13:62:47:62:4f:5d:1f:
ec:f6:c7:15:fb:89:35:19:ab:db:84:db:6f:4b:9b:
3f:e0:a1:6c:67:d2:77:8d:3b:91:93:bb:df:57:a5:
b8:44:56:59:a6:2c:70:43:a9:bb:68:6d:8b:7f:44:
ab:a4:bc:d2:5d:36:f0:eb:0e:2d:86:d5:6c:38:7b:
50:f7:a1:7b:f3:46:24:9e:f9:b9:bc:56:4e:98:c8:
c9:ff:89:19:48:9d:35:a7:45:99:b8:59:d1:b8:ec:
59:3b:62:09:75:1c:06:f9:2f:67:6d:a2:55:f7:5a:
9d:b1:26:bf:36:b8:38:ab:84:88:00:26:af:67:45:
06:cf:03:38:3e:67:29:06:ac:2b:65:24:d5:b4:d9:
35:26:82:c6:c0:aa:67:d5:23:ca:15:5a:bf:d3:6a:
c7:f3:f8:d1:8d:ed:07:df:46:aa:3c:65:34:32:c2:
fe:8d:27:b8:02:44:e5:19:4d:e2:06:d1:34:d5:ce:
dc:be:20:f3:1a:48:b5:e2:de:1c:e4:70:94:4d:2a:
07:02:e1:07:c7:20:c7:32:d2:01:fe:80:82:53:65:
da:d8:0c:22:85:dc:b9:29:0b:ef:ba:e2:50:6e:9e:
07:d1:5e:e3:64:13:b2:b2:9d:6b:e1:ea:29:29:79:
7c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:03:EC:00:7B:8A:A2:A8:BF:CB:2F:08:B5:C0:87:13:89:E1:0C:04
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/bgPsAHuKoqi_yy8ItcCHE4nhDAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
73:36:a9:26:cf:25:11:43:f3:8c:15:1b:91:47:14:e7:d3:0c:
15:89:05:49:a8:b1:4e:87:2e:e5:aa:05:93:a9:bc:71:3d:d7:
0d:f7:f7:4b:88:3b:46:96:48:8e:9d:86:bc:22:92:39:8e:22:
28:59:b4:dc:54:c7:02:28:f5:50:21:55:e9:07:a6:44:0a:e9:
59:16:af:7e:60:dc:0e:7e:45:15:e2:9c:2d:da:33:a8:a9:86:
ac:b4:7d:f9:a9:51:e3:34:8e:56:4e:14:b3:59:25:6c:53:18:
48:b3:7c:d2:e8:50:c7:f3:23:6d:d6:98:95:bb:67:8d:a8:d7:
cd:7b:3f:dd:d5:36:97:aa:9a:af:7e:d7:31:e8:f0:c8:11:3c:
b0:33:48:ef:25:77:18:c7:b1:67:e2:1c:6d:8b:0b:06:d9:50:
ff:48:e9:3d:29:9d:8d:30:6a:9f:91:6e:dc:1d:6f:4f:db:e1:
82:6c:38:2e:16:5a:a9:05:96:b2:f0:ed:34:a1:92:c6:bd:c1:
20:96:b4:db:63:60:7c:d0:ef:75:29:4b:ff:01:07:30:47:6c:
1a:2c:ed:70:02:c6:e5:92:dd:f9:f4:a4:0d:8c:90:4e:c6:6e:
74:51:61:39:b6:23:15:2e:47:27:f9:42:c5:61:1a:3e:71:31:
d5:dd:ef:0e
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrlYFoTeNPrkcdkDUs9rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAzZWMwMDdiOGFhMmE4YmZjYjJmMDhiNWMwODcxMzg5ZTEwYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Fu/0Z/tVBNiR2JPXR/s9scV+4k1
GavbhNtvS5s/4KFsZ9J3jTuRk7vfV6W4RFZZpixwQ6m7aG2Lf0SrpLzSXTbw6w4t
htVsOHtQ96F780Yknvm5vFZOmMjJ/4kZSJ01p0WZuFnRuOxZO2IJdRwG+S9nbaJV
91qdsSa/Nrg4q4SIACavZ0UGzwM4PmcpBqwrZSTVtNk1JoLGwKpn1SPKFVq/02rH
8/jRje0H30aqPGU0MsL+jSe4AkTlGU3iBtE01c7cviDzGki14t4c5HCUTSoHAuEH
xyDHMtIB/oCCU2Xa2Awihdy5KQvvuuJQbp4H0V7jZBOysp1r4eopKXl8wQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG4D7AB7iqKov8svCLXAhxOJ4QwEMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvYmdQc0FIdUtvcWlfeXk4SXRjQ0hFNG5oREFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAHM2qSbPJRFD
84wVG5FHFOfTDBWJBUmosU6HLuWqBZOpvHE91w3390uIO0aWSI6dhrwikjmOIihZ
tNxUxwIo9VAhVekHpkQK6VkWr35g3A5+RRXinC3aM6iphqy0ffmpUeM0jlZOFLNZ
JWxTGEizfNLoUMfzI23WmJW7Z42o1817P93VNpeqmq9+1zHo8MgRPLAzSO8ldxjH
sWfiHG2LCwbZUP9I6T0pnY0wap+Rbtwdb0/b4YJsOC4WWqkFlrLw7TShksa9wSCW
tNtjYHzQ73UpS/8BBzBHbBos7XACxuWS3fn0pA2MkE7GbnRRYTm2IxUuRyf5QsVh
Gj5xMdXd7w4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:23 2026 by rpki-client