Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/e-r3kfSCFY6xAKPbi4DOHXKilHI.roa
File: e-r3kfSCFY6xAKPbi4DOHXKilHI.roa (raw, json)
Hash identifier: SvXMVTlRkPEcu+nalaJTcDrHKbqvl4vjsOQgzoBCE+8=
Subject key identifier: 7B:EA:F7:91:F4:82:15:8E:B1:00:A3:DB:8B:80:CE:1D:72:A2:94:72
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B57A867A75FE94C7CD7100916D59
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/e-r3kfSCFY6xAKPbi4DOHXKilHI.roa
Signing time: Thu 09 Apr 2026 14:08:30 +0000
ROA not before: Thu 09 Apr 2026 14:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396595
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b5:7a:86:7a:75:fe:94:c7:cd:71:00:91:6d:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7beaf791f482158eb100a3db8b80ce1d72a29472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1b:92:09:a9:e5:b6:a3:a8:20:5f:fa:e8:81:
69:8e:db:1b:4f:71:0b:e3:ec:22:17:f8:20:b0:ae:
d1:b0:95:f5:9e:19:8f:3e:ce:a8:ee:45:62:18:b2:
e6:3b:79:b2:2a:b0:10:92:e9:f3:59:3a:41:c2:8f:
cd:26:7c:1d:1f:dc:b2:6a:60:68:e2:09:24:f2:49:
af:b5:47:57:cb:0d:18:42:72:2b:66:c9:64:92:af:
0d:4a:a9:60:a7:17:e3:1a:d7:f9:83:fb:cb:63:15:
39:eb:8d:e0:a3:07:3a:f0:a7:d4:a5:ae:b9:d1:32:
8b:a3:29:f0:a9:d0:88:3a:27:9c:93:cd:3d:52:a3:
6a:f3:54:e3:b4:88:69:67:de:38:d0:0c:63:ed:8b:
79:20:9a:6d:60:df:16:b0:6c:43:73:c2:e2:04:d1:
e6:93:41:44:c0:54:57:65:8a:89:34:04:78:fa:35:
13:65:8d:8b:95:3a:e1:3b:03:84:21:4a:f6:6e:4b:
0b:e8:f7:0c:15:eb:61:ee:93:7f:60:be:c8:00:e5:
76:ff:e4:c9:87:be:e6:6c:8e:c3:21:8d:25:d6:47:
8d:ac:39:bd:27:8a:2b:f7:49:8b:2e:a5:06:05:4a:
51:7d:64:ec:b2:55:76:ed:70:b4:72:ca:a8:c7:2a:
ba:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EA:F7:91:F4:82:15:8E:B1:00:A3:DB:8B:80:CE:1D:72:A2:94:72
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/e-r3kfSCFY6xAKPbi4DOHXKilHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
93:df:4a:3a:33:2b:ad:46:d8:f2:e1:af:c4:84:89:be:05:ee:
2c:fc:0b:65:73:d3:e0:24:52:cc:85:c8:d3:7d:72:03:ab:8d:
b4:cb:6f:cd:38:f9:af:25:d8:a9:05:1b:83:21:70:03:42:33:
fd:14:24:29:08:b2:29:1a:65:6d:91:e2:0d:b1:67:06:78:0f:
9c:a2:7d:56:d2:06:f9:80:7e:ef:84:ef:3b:ac:f3:66:24:3c:
81:ed:de:7f:13:d9:61:f6:40:76:c7:96:12:7b:9c:fa:c8:11:
8b:59:e7:41:cc:cd:5a:c6:c2:ef:41:fa:83:e8:6a:4e:2b:df:
1a:e9:a1:4e:6f:98:48:aa:61:2e:9b:ac:a8:4e:06:53:9b:07:
c5:17:40:45:f2:cf:10:1b:f3:dc:c3:c8:53:16:dd:77:f3:e3:
a7:39:cb:f7:b0:01:4e:ee:23:5a:44:ca:75:14:3c:f1:93:85:
45:3a:a2:86:6f:da:9e:64:fc:9e:b8:bf:bf:2b:63:80:bc:b5:
1d:97:c0:48:c0:89:fa:b9:a1:67:2f:81:bf:63:08:a4:d5:22:
b3:3d:86:0b:0f:46:6b:b8:48:7a:66:2c:71:7d:dd:eb:e9:c8:
e3:08:31:be:b1:99:2a:af:47:6d:8f:d7:60:4f:2b:26:c3:70:
1f:15:b9:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrV6hnp1/pTHzXEAkW1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVhZjc5MWY0ODIxNThlYjEwMGEzZGI4YjgwY2UxZDcyYTI5NDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BuSCanltqOoIF/66IFpjtsbT3EL
4+wiF/ggsK7RsJX1nhmPPs6o7kViGLLmO3myKrAQkunzWTpBwo/NJnwdH9yyamBo
4gkk8kmvtUdXyw0YQnIrZslkkq8NSqlgpxfjGtf5g/vLYxU5643gowc68KfUpa65
0TKLoynwqdCIOieck809UqNq81TjtIhpZ9440Axj7Yt5IJptYN8WsGxDc8LiBNHm
k0FEwFRXZYqJNAR4+jUTZY2LlTrhOwOEIUr2bksL6PcMFeth7pN/YL7IAOV2/+TJ
h77mbI7DIY0l1keNrDm9J4or90mLLqUGBUpRfWTsslV27XC0csqoxyq6FwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHvq95H0ghWOsQCj24uAzh1yopRyMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZS1yM2tmU0NGWTZ4QUtQYmk0RE9IWEtpbEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAJPfSjozK61G
2PLhr8SEib4F7iz8C2Vz0+AkUsyFyNN9cgOrjbTLb804+a8l2KkFG4MhcANCM/0U
JCkIsikaZW2R4g2xZwZ4D5yifVbSBvmAfu+E7zus82YkPIHt3n8T2WH2QHbHlhJ7
nPrIEYtZ50HMzVrGwu9B+oPoak4r3xrpoU5vmEiqYS6brKhOBlObB8UXQEXyzxAb
89zDyFMW3Xfz46c5y/ewAU7uI1pEynUUPPGThUU6ooZv2p5k/J64v78rY4C8tR2X
wEjAifq5oWcvgb9jCKTVIrM9hgsPRmu4SHpmLHF93evpyOMIMb6xmSqvR22P12BP
KybDcB8VucU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:23 2026 by rpki-client