Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/eKQI50T4xUI1isPtb1v37TtRSlE.roa
File: eKQI50T4xUI1isPtb1v37TtRSlE.roa (raw, json)
Hash identifier: kbwKMb0BidV7CJ/ZOjRF2bIkR8RVjeTa26o02ZsPZAY=
Subject key identifier: 78:A4:08:E7:44:F8:C5:42:35:8A:C3:ED:6F:5B:F7:ED:3B:51:4A:51
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D72929F5A91DA95A197005BDE51C2D7C6
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/eKQI50T4xUI1isPtb1v37TtRSlE.roa
Signing time: Thu 09 Apr 2026 14:08:24 +0000
ROA not before: Thu 09 Apr 2026 14:08:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211369
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:9f:5a:91:da:95:a1:97:00:5b:de:51:c2:d7:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=78a408e744f8c542358ac3ed6f5bf7ed3b514a51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d2:70:bd:4d:44:95:b9:41:ab:a4:93:55:0e:
5c:40:eb:04:08:2a:83:75:cf:0e:4f:f6:76:51:4a:
83:fa:fc:34:d1:72:aa:fa:28:db:e4:f5:3d:ac:1b:
5c:98:26:6f:f9:bd:fc:16:9c:be:bd:6d:b5:3c:a0:
ba:af:d9:ed:79:23:b5:05:a1:99:4d:e8:ad:cb:fc:
e4:12:2f:d9:cd:a9:f4:da:0f:18:57:0e:b0:a2:e9:
6c:1b:e0:6f:c3:50:36:35:f0:bb:3e:42:67:eb:b4:
b8:2b:99:6a:4b:57:aa:3a:af:9e:2e:5e:5d:95:be:
e1:6b:a1:53:75:96:98:70:c7:c1:f5:76:78:81:9c:
35:c7:04:49:ef:95:d5:55:82:b5:32:02:cd:b6:98:
be:3d:46:8d:4c:51:1e:25:7f:16:94:5d:ee:9a:9f:
64:96:eb:d2:72:69:12:b5:d5:f2:1a:f8:bd:71:cb:
fa:7c:68:d0:38:4c:17:73:8a:6d:06:49:36:9b:9e:
a8:7c:c2:95:45:6f:9e:33:ef:d0:9c:15:8e:b3:3e:
94:4f:f0:93:99:2b:67:b1:65:04:c6:3c:9b:28:1d:
76:4b:22:a8:95:d9:93:20:5d:6f:2c:86:29:18:21:
2b:81:99:d1:d0:31:30:b0:f3:8c:21:b2:0c:5f:e3:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A4:08:E7:44:F8:C5:42:35:8A:C3:ED:6F:5B:F7:ED:3B:51:4A:51
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/eKQI50T4xUI1isPtb1v37TtRSlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
a6:5a:16:89:10:11:35:24:c2:63:63:13:9f:69:ee:06:25:aa:
f3:10:50:6d:6f:d9:28:5a:fa:61:55:3a:8d:e7:21:e2:39:bb:
45:79:cf:51:d1:32:4a:c8:b6:69:26:ab:1f:62:5a:c8:e0:43:
c1:aa:ce:e9:b9:6f:a1:6e:b7:f3:fd:6a:91:ae:1b:69:b8:d9:
1c:ab:8f:9b:c2:8d:4a:7f:83:b8:ac:ef:6b:5c:e8:01:8e:c1:
55:d1:14:a9:5b:d2:3c:e2:d9:18:ba:8f:b2:ec:92:64:aa:f9:
e4:51:f5:37:6b:b1:c0:72:1d:6d:e0:bf:fd:2d:10:52:2b:01:
fd:69:90:04:90:13:4d:7b:bc:f0:17:a5:97:ae:b1:c5:af:cb:
91:b8:06:8e:de:01:b5:4d:49:95:cd:99:3e:b4:d3:0f:6d:3b:
d8:a9:b7:af:12:cd:ab:87:2f:aa:94:14:96:3c:b6:7a:bc:f8:
04:4e:2b:86:16:6c:65:57:82:59:97:1e:e3:a9:7f:5b:79:f0:
84:ec:8d:b5:4f:3e:34:c9:ae:03:eb:9b:eb:3f:1c:c0:58:76:
bb:13:95:18:1f:aa:ba:44:e3:c3:bd:4c:12:ab:c7:53:6c:07:
ae:76:74:37:43:74:98:90:60:51:d9:c5:c7:ab:13:a8:48:51:
2a:07:95:72
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykp9akdqVoZcAW95RwtfGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE0MDhlNzQ0ZjhjNTQyMzU4YWMzZWQ2ZjViZjdlZDNiNTE0YTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNJwvU1ElblBq6STVQ5cQOsECCqD
dc8OT/Z2UUqD+vw00XKq+ijb5PU9rBtcmCZv+b38Fpy+vW21PKC6r9nteSO1BaGZ
Teity/zkEi/Zzan02g8YVw6woulsG+Bvw1A2NfC7PkJn67S4K5lqS1eqOq+eLl5d
lb7ha6FTdZaYcMfB9XZ4gZw1xwRJ75XVVYK1MgLNtpi+PUaNTFEeJX8WlF3ump9k
luvScmkStdXyGvi9ccv6fGjQOEwXc4ptBkk2m56ofMKVRW+eM+/QnBWOsz6UT/CT
mStnsWUExjybKB12SyKoldmTIF1vLIYpGCErgZnR0DEwsPOMIbIMX+PMYwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHikCOdE+MVCNYrD7W9b9+07UUpRMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZUtRSTUwVDR4VUkxaXNQdGIxdjM3VHRSU2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAKZaFokQETUk
wmNjE59p7gYlqvMQUG1v2Sha+mFVOo3nIeI5u0V5z1HRMkrItmkmqx9iWsjgQ8Gq
zum5b6Fut/P9apGuG2m42Ryrj5vCjUp/g7is72tc6AGOwVXRFKlb0jzi2Ri6j7Ls
kmSq+eRR9TdrscByHW3gv/0tEFIrAf1pkASQE017vPAXpZeuscWvy5G4Bo7eAbVN
SZXNmT600w9tO9ipt68SzauHL6qUFJY8tnq8+AROK4YWbGVXglmXHuOpf1t58ITs
jbVPPjTJrgPrm+s/HMBYdrsTlRgfqrpE48O9TBKrx1NsB652dDdDdJiQYFHZxcer
E6hIUSoHlXI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:20:23 2026 by rpki-client