Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/dThRt8yDoiGhEgtUTL4YsntGZWU.roa
File: dThRt8yDoiGhEgtUTL4YsntGZWU.roa (raw, json)
Hash identifier: 52GiD2dAj63VOvSPFmuAyE6AIBLpBGSSY14TBY6JieQ=
Subject key identifier: 75:38:51:B7:CC:83:A2:21:A1:12:0B:54:4C:BE:18:B2:7B:46:65:65
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B3353633BD0DF4E3789E1B1F74AA
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/dThRt8yDoiGhEgtUTL4YsntGZWU.roa
Signing time: Thu 09 Apr 2026 14:08:29 +0000
ROA not before: Thu 09 Apr 2026 14:08:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396590
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b3:35:36:33:bd:0d:f4:e3:78:9e:1b:1f:74:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=753851b7cc83a221a1120b544cbe18b27b466565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dc:97:3b:cd:94:ab:41:b8:a0:5f:1d:38:00:
fe:cf:32:be:c3:ce:81:71:7e:5a:24:fe:19:28:fc:
a3:1b:f0:cb:9a:63:8b:dc:43:a1:9d:31:c5:2d:b4:
44:7e:c1:39:ec:db:c7:15:15:b6:a8:07:9a:17:12:
6c:c3:d5:23:54:5f:cd:21:0c:fd:71:de:5b:ef:aa:
17:c3:5f:c3:fc:a9:d1:12:3f:39:ef:97:ee:66:ef:
61:c7:62:9d:c9:f0:85:1e:07:dd:04:2b:43:fa:db:
bf:bb:e8:ba:2b:ac:b0:48:b5:22:54:57:7a:b4:c3:
b3:5c:e5:6d:24:d1:9a:ae:6b:81:0f:8b:29:44:18:
f2:f3:fa:b2:5e:9e:16:b9:b6:a1:d3:bb:09:8a:a5:
a2:80:d7:ff:ed:e8:6b:85:fe:79:39:a2:4c:87:03:
9d:16:47:f0:58:b3:dc:f7:ac:a4:8b:50:06:f9:32:
78:00:76:56:a8:ab:30:52:ff:eb:27:19:88:07:24:
6b:be:37:aa:cf:e5:1a:4b:80:73:e1:6c:4e:15:08:
6f:b4:cc:90:36:17:49:1e:bc:14:ed:70:b6:7d:af:
da:78:fc:42:39:bc:9c:5d:68:95:61:95:e4:ca:24:
3e:85:9d:20:17:9c:02:1e:15:ac:da:59:1e:eb:f5:
a9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:38:51:B7:CC:83:A2:21:A1:12:0B:54:4C:BE:18:B2:7B:46:65:65
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/dThRt8yDoiGhEgtUTL4YsntGZWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
bc:30:ff:35:a0:86:2b:11:23:c9:52:25:f9:2a:ae:c8:f9:ce:
99:43:76:1b:d8:12:58:1d:ac:ad:fd:0e:56:ab:e3:b1:b0:e0:
7c:c5:c9:fd:6c:17:52:f8:1d:aa:22:a7:f9:c8:7d:94:eb:2d:
67:2b:c5:c4:6b:d7:86:de:bf:2c:a0:95:71:85:8d:1c:6f:c2:
e6:45:e0:ec:77:cc:f8:d7:11:b0:c6:71:41:3b:a5:98:97:1d:
e5:65:8a:d3:ae:04:a2:b8:ea:73:67:0a:25:94:9f:e3:ce:6f:
96:82:e9:ed:3a:b7:92:c0:65:8a:64:a8:86:16:54:e5:a5:52:
59:ff:9d:9e:40:c7:44:ad:d8:b1:2e:74:ec:73:12:41:a7:11:
18:9a:f9:74:d8:3e:86:4c:8a:aa:5e:48:39:02:47:8b:f1:6b:
62:ca:a0:2d:05:94:fb:f3:11:8a:a1:58:0f:89:97:a0:68:2d:
c3:8c:78:cd:35:3b:77:32:54:68:3f:af:35:f0:48:12:72:a6:
5b:9f:ee:60:13:d0:7b:70:5a:07:62:fa:c1:93:8e:04:18:a5:
4e:7a:d1:a3:3d:c2:f0:b7:ef:21:05:ba:b0:c0:01:b4:d9:a9:
ae:90:82:4a:07:af:8e:c8:f5:31:f1:ff:50:0d:80:59:58:47:
20:ea:71:fc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrM1NjO9DfTjeJ4bH3SqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM4NTFiN2NjODNhMjIxYTExMjBiNTQ0Y2JlMThiMjdiNDY2NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNyXO82Uq0G4oF8dOAD+zzK+w86B
cX5aJP4ZKPyjG/DLmmOL3EOhnTHFLbREfsE57NvHFRW2qAeaFxJsw9UjVF/NIQz9
cd5b76oXw1/D/KnREj8575fuZu9hx2KdyfCFHgfdBCtD+tu/u+i6K6ywSLUiVFd6
tMOzXOVtJNGarmuBD4spRBjy8/qyXp4Wubah07sJiqWigNf/7ehrhf55OaJMhwOd
FkfwWLPc96yki1AG+TJ4AHZWqKswUv/rJxmIByRrvjeqz+UaS4Bz4WxOFQhvtMyQ
NhdJHrwU7XC2fa/aePxCObycXWiVYZXkyiQ+hZ0gF5wCHhWs2lke6/WplQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHU4UbfMg6IhoRILVEy+GLJ7RmVlMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZFRoUnQ4eURvaUdoRWd0VVRMNFlzbnRHWldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBALww/zWghisR
I8lSJfkqrsj5zplDdhvYElgdrK39Dlar47Gw4HzFyf1sF1L4Haoip/nIfZTrLWcr
xcRr14bevyyglXGFjRxvwuZF4Ox3zPjXEbDGcUE7pZiXHeVlitOuBKK46nNnCiWU
n+POb5aC6e06t5LAZYpkqIYWVOWlUln/nZ5Ax0St2LEudOxzEkGnERia+XTYPoZM
iqpeSDkCR4vxa2LKoC0FlPvzEYqhWA+Jl6BoLcOMeM01O3cyVGg/rzXwSBJypluf
7mAT0HtwWgdi+sGTjgQYpU560aM9wvC37yEFurDAAbTZqa6QgkoHr47I9THx/1AN
gFlYRyDqcfw=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:00:28 2026 by rpki-client