Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hJPw8I3931LE6zqkU9k6At1o9_k.roa
File: hJPw8I3931LE6zqkU9k6At1o9_k.roa (raw, json)
Hash identifier: ibv6TTdWZVBCMKxUnyRWy+yxPA4IOlR0OIbTsC60WgM=
Subject key identifier: 84:93:F0:F0:8D:FD:DF:52:C4:EB:3A:A4:53:D9:3A:02:DD:68:F7:F9
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D729290FA00016FF8052EA80A937DF59A
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hJPw8I3931LE6zqkU9k6At1o9_k.roa
Signing time: Thu 09 Apr 2026 14:08:21 +0000
ROA not before: Thu 09 Apr 2026 14:08:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 10515
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:90:fa:00:01:6f:f8:05:2e:a8:0a:93:7d:f5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8493f0f08dfddf52c4eb3aa453d93a02dd68f7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:e2:a6:24:aa:5a:f8:47:11:1b:0e:c9:7a:
0d:cf:e8:a1:e9:86:18:68:71:e8:8a:81:df:5c:ba:
75:a1:e8:5e:18:e8:51:1e:b1:55:67:9d:f8:af:60:
17:00:14:66:ad:04:ac:35:85:81:36:c6:c8:16:9f:
04:f7:e6:8f:ce:84:4e:1a:99:27:50:04:d6:f3:94:
81:a6:7d:32:cf:0c:0d:ae:a8:eb:d8:ab:9d:92:f1:
d2:c1:ff:0f:08:98:85:d4:53:43:a8:36:a1:0d:18:
5b:da:f0:41:a6:75:ff:ab:81:0e:84:f9:58:45:4f:
cb:b1:8e:8a:b5:0e:49:b2:66:c6:38:42:cf:a8:03:
c6:1e:cb:98:e8:32:0f:e5:30:d8:f1:69:f6:ca:fa:
87:d4:87:59:76:e2:7d:ae:2b:fb:e9:bb:ae:6c:ad:
61:e8:76:86:6e:11:be:97:26:a2:98:1e:1b:f2:ac:
0b:c9:05:0d:fb:40:a6:f4:55:c8:fc:bb:d0:57:28:
da:d3:38:6d:38:56:aa:5e:a8:75:bb:28:12:88:ba:
a8:de:0a:64:1f:c0:05:5f:73:3a:5f:c2:30:d1:ba:
01:36:e6:9d:e3:e3:3d:e2:51:61:b1:85:6b:3f:82:
f7:81:9e:0c:e3:d6:21:10:1b:75:53:3a:5a:20:d9:
4d:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:93:F0:F0:8D:FD:DF:52:C4:EB:3A:A4:53:D9:3A:02:DD:68:F7:F9
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hJPw8I3931LE6zqkU9k6At1o9_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
18:51:36:6f:55:9a:91:14:7a:98:03:22:f8:fb:23:75:68:b2:
02:8a:e3:36:b6:6f:5d:5b:43:10:2e:4a:96:7a:4b:c3:7e:68:
f8:5d:08:78:d0:a7:0d:53:5c:87:07:8e:51:fe:26:e8:63:a5:
2b:63:f0:5f:13:d6:b2:30:60:18:15:bc:8e:90:b0:35:fc:9b:
0e:22:7a:7a:4b:fd:6a:9e:d2:85:5a:3a:3a:c4:87:b8:8e:72:
fe:2f:23:a1:ef:c5:24:de:d0:2d:bd:e8:98:11:30:5d:8f:94:
07:38:d1:1f:ec:03:13:42:6c:d5:6d:ad:c9:6b:e3:cd:c2:4c:
06:e3:8b:e4:49:b0:56:67:52:d1:82:8c:de:3f:f6:2b:cb:a3:
cc:db:ee:99:ed:d6:63:41:06:35:82:7c:39:ca:a1:52:95:b1:
98:f5:f2:f3:43:68:fc:f0:41:30:84:05:d7:65:4f:ca:2b:f2:
e2:fb:4b:61:39:12:47:29:58:fe:9a:a2:d6:7c:f8:62:8d:81:
92:65:89:0d:bd:66:4e:50:31:90:b2:91:ed:9f:46:5c:7a:9c:
53:a6:6a:61:9f:40:ea:b5:4f:e4:8e:eb:ba:f7:0d:59:6a:95:
eb:b6:c5:38:12:ff:2f:c7:72:2a:ca:87:d8:bf:6c:4f:ec:93:
43:2c:43:12
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykpD6AAFv+AUuqAqTffWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDkzZjBmMDhkZmRkZjUyYzRlYjNhYTQ1M2Q5M2EwMmRkNjhmN2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLDipiSqWvhHERsOyXoNz+ih6YYY
aHHoioHfXLp1oeheGOhRHrFVZ534r2AXABRmrQSsNYWBNsbIFp8E9+aPzoROGpkn
UATW85SBpn0yzwwNrqjr2KudkvHSwf8PCJiF1FNDqDahDRhb2vBBpnX/q4EOhPlY
RU/LsY6KtQ5JsmbGOELPqAPGHsuY6DIP5TDY8Wn2yvqH1IdZduJ9riv76buubK1h
6HaGbhG+lyaimB4b8qwLyQUN+0Cm9FXI/LvQVyja0zhtOFaqXqh1uygSiLqo3gpk
H8AFX3M6X8Iw0boBNuad4+M94lFhsYVrP4L3gZ4M49YhEBt1UzpaINlNvQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFIST8PCN/d9SxOs6pFPZOgLdaPf5MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaEpQdzhJMzkzMUxFNnpxa1U5azZBdDFvOV9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBABhRNm9VmpEU
epgDIvj7I3VosgKK4za2b11bQxAuSpZ6S8N+aPhdCHjQpw1TXIcHjlH+JuhjpStj
8F8T1rIwYBgVvI6QsDX8mw4ienpL/Wqe0oVaOjrEh7iOcv4vI6HvxSTe0C296JgR
MF2PlAc40R/sAxNCbNVtrclr483CTAbji+RJsFZnUtGCjN4/9ivLo8zb7pnt1mNB
BjWCfDnKoVKVsZj18vNDaPzwQTCEBddlT8or8uL7S2E5EkcpWP6aotZ8+GKNgZJl
iQ29Zk5QMZCyke2fRlx6nFOmamGfQOq1T+SO67r3DVlqleu2xTgS/y/HcirKh9i/
bE/sk0MsQxI=
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:20 2026 by rpki-client