Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fUzy-dDF8ZBAvKSR3aHbYw-qnoU.roa
File: fUzy-dDF8ZBAvKSR3aHbYw-qnoU.roa (raw, json)
Hash identifier: ZJyXeKUfuNBB6Q436+Q7ZR2WrpO95R1zyw8Rj88kq6E=
Subject key identifier: 7D:4C:F2:F9:D0:C5:F1:90:40:BC:A4:91:DD:A1:DB:63:0F:AA:9E:85
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292CA2B4372DB5F7BC73431CA4FA98C
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fUzy-dDF8ZBAvKSR3aHbYw-qnoU.roa
Signing time: Thu 09 Apr 2026 14:08:35 +0000
ROA not before: Thu 09 Apr 2026 14:08:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397208
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:ca:2b:43:72:db:5f:7b:c7:34:31:ca:4f:a9:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7d4cf2f9d0c5f19040bca491dda1db630faa9e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:86:0c:1c:6c:62:25:dd:ac:f1:ef:02:44:5d:
0f:51:13:6f:7c:3d:6f:7f:06:4c:15:5d:71:cc:c1:
88:6e:9f:16:9b:e2:75:32:de:ee:64:a6:e3:ba:58:
83:82:dc:b8:98:57:82:59:40:7f:be:20:5b:b1:bb:
bc:f1:0a:9f:20:39:3d:50:ef:1d:11:58:be:1b:8b:
5d:18:48:8d:79:d0:f8:63:14:e6:de:ef:d4:80:13:
58:5c:26:40:a0:a1:9d:bf:c3:05:e1:e0:09:a2:43:
ad:da:b6:74:ab:37:5b:1f:ef:3f:57:ec:bb:8a:58:
96:63:69:3b:80:68:7c:f7:74:a4:7f:c7:c1:c7:61:
8f:43:9e:f9:7e:9a:bb:d2:d8:22:4f:14:27:f3:fa:
f8:18:3e:67:95:f9:be:bd:91:23:d9:5f:a2:99:89:
f7:de:95:40:cc:e7:98:c3:bd:42:7e:88:a6:e5:5a:
9b:f3:14:34:9d:84:dd:ee:3f:88:ec:72:5f:98:5b:
b6:7f:38:41:cd:cc:5c:af:25:99:86:58:0c:83:dc:
fd:9a:fc:f2:96:bc:e2:c4:d8:42:65:0f:0e:90:f1:
6d:84:38:fd:23:70:be:a9:5a:7b:f3:7b:9c:da:50:
53:4a:3e:46:fe:e1:85:bf:66:0f:26:40:6d:09:b6:
81:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:4C:F2:F9:D0:C5:F1:90:40:BC:A4:91:DD:A1:DB:63:0F:AA:9E:85
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/fUzy-dDF8ZBAvKSR3aHbYw-qnoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
49:57:65:26:e8:29:af:6b:2c:e2:c4:c1:2c:23:23:74:ae:f7:
3b:e9:a5:f9:1e:14:99:b5:e7:66:0c:21:79:43:2d:b3:f9:0e:
e6:52:85:67:8b:93:22:df:1e:d0:39:3f:45:45:35:73:0c:82:
6d:65:24:2b:41:2e:9b:b2:2c:81:36:73:f4:3c:87:99:ba:a0:
7b:5d:3a:3f:33:4e:16:6b:86:d2:20:7a:ee:44:3e:84:14:e9:
f2:af:ce:95:b8:27:f4:0e:bb:7d:a3:f9:5f:4c:27:56:b5:fa:
b8:77:9c:5e:06:91:0d:e9:b6:0c:e1:cb:63:5d:c8:a1:ee:f6:
54:fa:00:14:e7:42:56:13:5b:ad:7e:25:8e:2f:12:1e:80:cf:
e3:6f:8a:ee:eb:7b:4f:d4:fe:39:66:6d:34:73:dc:8a:f8:71:
db:aa:37:48:88:2a:de:52:bb:0b:6d:b8:d1:46:a3:77:05:8f:
80:c6:72:cb:a4:09:92:a3:1e:01:53:92:b4:d0:b7:cf:0b:14:
79:6c:6b:3d:96:e4:9c:7c:47:e8:a4:4b:70:ad:81:10:5b:0c:
c1:80:57:45:6c:2e:ce:29:e8:de:d4:65:04:fe:aa:e3:ce:9c:
d0:7c:3c:3e:3b:5f:8a:4e:c4:07:47:f2:61:f7:d8:c6:5c:c3:
84:b2:07:25
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksorQ3LbX3vHNDHKT6mMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDRjZjJmOWQwYzVmMTkwNDBiY2E0OTFkZGExZGI2MzBmYWE5ZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4YMHGxiJd2s8e8CRF0PURNvfD1v
fwZMFV1xzMGIbp8Wm+J1Mt7uZKbjuliDgty4mFeCWUB/viBbsbu88QqfIDk9UO8d
EVi+G4tdGEiNedD4YxTm3u/UgBNYXCZAoKGdv8MF4eAJokOt2rZ0qzdbH+8/V+y7
iliWY2k7gGh893Skf8fBx2GPQ575fpq70tgiTxQn8/r4GD5nlfm+vZEj2V+imYn3
3pVAzOeYw71Cfoim5Vqb8xQ0nYTd7j+I7HJfmFu2fzhBzcxcryWZhlgMg9z9mvzy
lrzixNhCZQ8OkPFthDj9I3C+qVp783uc2lBTSj5G/uGFv2YPJkBtCbaBwQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFH1M8vnQxfGQQLykkd2h22MPqp6FMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZlV6eS1kREY4WkJBdktTUjNhSGJZdy1xbm9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAElXZSboKa9r
LOLEwSwjI3Su9zvppfkeFJm152YMIXlDLbP5DuZShWeLkyLfHtA5P0VFNXMMgm1l
JCtBLpuyLIE2c/Q8h5m6oHtdOj8zThZrhtIgeu5EPoQU6fKvzpW4J/QOu32j+V9M
J1a1+rh3nF4GkQ3ptgzhy2NdyKHu9lT6ABTnQlYTW61+JY4vEh6Az+Nviu7re0/U
/jlmbTRz3Ir4cduqN0iIKt5SuwttuNFGo3cFj4DGcsukCZKjHgFTkrTQt88LFHls
az2W5Jx8R+ikS3CtgRBbDMGAV0VsLs4p6N7UZQT+quPOnNB8PD47X4pOxAdH8mH3
2MZcw4SyByU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:31:24 2026 by rpki-client