Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hCw_OZGJ0jU_LusQCu6vYzXWDp8.roa
File: hCw_OZGJ0jU_LusQCu6vYzXWDp8.roa (raw, json)
Hash identifier: CstgeDKbArYXpI6DBfACsUvws4pN/2tPBdVQv3TEUiE=
Subject key identifier: 84:2C:3F:39:91:89:D2:35:3F:2E:EB:10:0A:EE:AF:63:35:D6:0E:9F
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B38553804B98D7F9DBE6A1655F8E
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hCw_OZGJ0jU_LusQCu6vYzXWDp8.roa
Signing time: Thu 09 Apr 2026 14:08:30 +0000
ROA not before: Thu 09 Apr 2026 14:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396591
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b3:85:53:80:4b:98:d7:f9:db:e6:a1:65:5f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=842c3f399189d2353f2eeb100aeeaf6335d60e9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ba:be:36:b6:a9:32:ca:3d:32:b9:09:0e:89:
63:fc:a3:23:e9:1b:6b:6c:14:d2:b7:e0:e7:6b:f8:
8d:67:f4:5b:7a:c8:0b:08:67:90:62:4f:1c:20:8f:
d6:c7:91:ec:22:6e:44:36:07:53:7d:93:49:f9:d2:
a2:6c:f5:f5:fe:30:7e:43:1d:f3:ff:04:0a:42:b9:
a6:50:f5:e2:31:a8:43:ff:2f:64:25:b3:ea:28:92:
56:35:99:da:17:a8:a7:11:dd:22:0e:89:98:19:ea:
4a:6e:d8:7f:05:c7:67:45:05:b5:4b:ca:c6:f8:4a:
82:37:24:15:2b:19:75:38:65:23:08:ee:56:17:2b:
8a:b8:98:cf:10:5e:83:a3:df:59:4a:50:bb:f6:54:
3a:75:32:67:fb:93:06:44:a6:c4:f8:78:3e:8e:b1:
c2:2a:7e:e6:64:18:41:ca:bc:0e:dc:08:5a:cd:69:
88:40:2e:5e:4f:7b:72:1a:08:80:d9:f4:37:e6:4b:
bb:b9:94:84:2f:46:4e:b4:99:0e:64:65:3d:68:f5:
94:d0:0f:08:17:c4:56:08:ca:07:f2:7e:3a:14:fa:
b3:93:fc:a8:b7:e9:9a:4e:40:fc:94:85:0e:92:cc:
87:ec:41:83:23:9b:b9:47:77:94:4d:21:15:d5:8b:
c3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:2C:3F:39:91:89:D2:35:3F:2E:EB:10:0A:EE:AF:63:35:D6:0E:9F
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hCw_OZGJ0jU_LusQCu6vYzXWDp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
1f:d3:94:d3:fd:dd:85:ad:84:d3:ac:81:72:02:54:ef:cd:fa:
3e:d5:67:50:b7:0a:9a:fc:26:9a:ac:31:c7:03:f5:51:6c:bf:
e6:00:f5:68:fb:e2:1a:11:91:1e:28:77:71:53:84:0c:44:4f:
e1:10:45:60:58:8a:5b:c1:d8:1a:94:49:e7:c1:f3:99:03:46:
35:9a:5b:f0:78:f8:ed:4a:5c:8b:5a:65:2d:cb:92:32:64:80:
91:e1:6e:21:6b:73:2c:13:9b:30:84:91:00:a9:b4:53:87:1c:
67:a9:15:e3:2c:24:0d:4a:cf:93:59:fd:0b:46:f5:bb:77:b8:
ca:8f:23:fb:b8:8e:da:2b:ae:52:58:6f:c4:78:16:5a:6d:d4:
82:d8:be:d9:83:a5:16:b7:a3:20:5a:31:36:c9:58:cc:ec:b5:
ff:67:32:49:ea:1e:bc:eb:f1:ba:6c:9c:94:0e:97:61:6c:e2:
8f:24:84:e1:1c:f6:1c:53:22:e6:61:77:a1:c8:9c:54:2f:0c:
20:c7:11:22:34:fb:dc:aa:ce:2a:53:5a:b9:0c:8e:c6:33:1f:
58:f3:e6:d0:b5:ec:f3:61:8e:6f:2a:de:d9:d8:4b:b4:91:c9:
38:ca:de:ae:49:dc:90:73:9b:1a:03:fe:0e:01:2a:76:22:c1:
d0:f6:79:28
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrOFU4BLmNf52+ahZV+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDJjM2YzOTkxODlkMjM1M2YyZWViMTAwYWVlYWY2MzM1ZDYwZTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLq+NrapMso9MrkJDolj/KMj6Rtr
bBTSt+Dna/iNZ/RbesgLCGeQYk8cII/Wx5HsIm5ENgdTfZNJ+dKibPX1/jB+Qx3z
/wQKQrmmUPXiMahD/y9kJbPqKJJWNZnaF6inEd0iDomYGepKbth/BcdnRQW1S8rG
+EqCNyQVKxl1OGUjCO5WFyuKuJjPEF6Do99ZSlC79lQ6dTJn+5MGRKbE+Hg+jrHC
Kn7mZBhByrwO3AhazWmIQC5eT3tyGgiA2fQ35ku7uZSEL0ZOtJkOZGU9aPWU0A8I
F8RWCMoH8n46FPqzk/yot+maTkD8lIUOksyH7EGDI5u5R3eUTSEV1YvDEwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIQsPzmRidI1Py7rEArur2M11g6fMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaEN3X09aR0owalVfTHVzUUN1NnZZelhXRHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAB/TlNP93YWt
hNOsgXICVO/N+j7VZ1C3Cpr8JpqsMccD9VFsv+YA9Wj74hoRkR4od3FThAxET+EQ
RWBYilvB2BqUSefB85kDRjWaW/B4+O1KXItaZS3LkjJkgJHhbiFrcywTmzCEkQCp
tFOHHGepFeMsJA1Kz5NZ/QtG9bt3uMqPI/u4jtorrlJYb8R4Flpt1ILYvtmDpRa3
oyBaMTbJWMzstf9nMknqHrzr8bpsnJQOl2Fs4o8khOEc9hxTIuZhd6HInFQvDCDH
ESI0+9yqzipTWrkMjsYzH1jz5tC17PNhjm8q3tnYS7SRyTjK3q5J3JBzmxoD/g4B
KnYiwdD2eSg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:07:22 2026 by rpki-client