Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hK_bCFV2T06kxwmMuM6ai9gcKKk.roa
File: hK_bCFV2T06kxwmMuM6ai9gcKKk.roa (raw, json)
Hash identifier: /22es1J8Fd1c7zCKJA4MuANbvrz7+FZQQnB49p46sKA=
Subject key identifier: 84:AF:DB:08:55:76:4F:4E:A4:C7:09:8C:B8:CE:9A:8B:D8:1C:28:A9
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D72929D8554842353D43DBC91265B115E
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hK_bCFV2T06kxwmMuM6ai9gcKKk.roa
Signing time: Thu 09 Apr 2026 14:08:24 +0000
ROA not before: Thu 09 Apr 2026 14:08:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36631
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:9d:85:54:84:23:53:d4:3d:bc:91:26:5b:11:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=84afdb0855764f4ea4c7098cb8ce9a8bd81c28a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ee:8b:63:3e:fc:3d:72:ba:d2:f9:8a:7a:5c:
9a:12:88:43:84:5d:d3:84:e2:b1:29:73:e8:a1:da:
4e:60:ec:1b:5b:e5:04:4c:66:dd:50:c9:3e:37:47:
5a:e5:c8:5b:a1:84:36:45:7e:e0:b8:7d:a3:89:3a:
92:63:7d:45:f9:df:76:38:d7:84:3b:51:c8:b3:a3:
5e:4b:8a:57:ab:16:19:ab:b3:c7:d4:87:a0:f2:da:
97:77:83:bc:05:8c:62:8a:c3:de:1b:ec:2b:72:8f:
c0:7e:6e:00:75:29:20:5f:3a:a3:a9:cc:6e:db:22:
60:51:5f:99:3a:04:e2:7f:b8:f7:0d:76:85:7a:6a:
61:6d:01:13:2f:18:06:13:de:67:d9:08:16:c9:7d:
23:7b:ac:87:2f:84:f6:48:e2:32:25:9d:6b:8a:94:
c3:8c:61:0c:42:67:44:b8:4d:95:ee:24:2e:1a:86:
1d:5f:82:d6:58:01:1b:ee:c2:38:9c:c9:12:e4:51:
bd:70:25:5e:e4:e2:b4:f9:98:09:f0:05:1a:ed:1e:
e8:38:a7:b0:c7:af:70:d7:00:ab:09:01:4a:8f:85:
3f:a9:f4:36:2e:02:4b:99:2f:40:95:f9:34:40:8d:
a4:6f:8a:ad:fd:9b:33:b0:84:75:e9:53:5f:83:29:
82:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AF:DB:08:55:76:4F:4E:A4:C7:09:8C:B8:CE:9A:8B:D8:1C:28:A9
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/hK_bCFV2T06kxwmMuM6ai9gcKKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
83:a2:4a:a1:7a:94:4e:31:b1:36:31:70:40:7e:f0:94:67:e7:
71:e7:b1:06:6d:ea:4a:ec:d5:2d:ca:18:75:09:2b:99:11:87:
7f:24:bf:f2:6f:b7:ff:72:5c:0e:44:ab:81:1e:de:ed:2d:5a:
fa:7f:42:b8:43:1e:41:01:d3:76:a4:b4:91:57:28:3f:14:38:
6c:ac:84:31:67:5f:74:02:2d:5f:08:d4:0f:f1:59:01:b8:e2:
a5:b6:77:4c:23:01:16:dd:db:ee:21:81:b9:9f:39:dd:9a:ac:
d4:ac:a0:4e:72:68:b1:05:59:61:1e:37:03:c6:8e:cf:7d:93:
38:78:2e:87:07:9d:15:fa:36:79:93:35:95:e9:bf:83:02:2b:
3e:c1:c0:fd:95:7e:c8:87:dd:78:c9:89:73:05:4c:49:4d:bf:
9b:f0:d9:6d:1a:1a:81:59:74:0a:2c:b3:86:cd:e1:90:9c:83:
96:5f:29:83:47:e2:cf:84:c4:2d:65:a9:d4:81:03:13:f0:81:
ba:1c:bb:44:fe:c2:79:bc:f6:74:88:fc:1d:3f:ab:12:0c:f4:
70:ad:13:99:49:28:f7:7e:aa:45:ae:e1:f8:e8:b3:16:0e:8b:
85:cb:a7:e0:a7:72:18:b3:14:6d:d7:c8:5d:25:a9:da:41:79:
c4:c7:07:cd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykp2FVIQjU9Q9vJEmWxFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFmZGIwODU1NzY0ZjRlYTRjNzA5OGNiOGNlOWE4YmQ4MWMyOGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue6LYz78PXK60vmKelyaEohDhF3T
hOKxKXPoodpOYOwbW+UETGbdUMk+N0da5chboYQ2RX7guH2jiTqSY31F+d92ONeE
O1HIs6NeS4pXqxYZq7PH1Ieg8tqXd4O8BYxiisPeG+wrco/Afm4AdSkgXzqjqcxu
2yJgUV+ZOgTif7j3DXaFemphbQETLxgGE95n2QgWyX0je6yHL4T2SOIyJZ1ripTD
jGEMQmdEuE2V7iQuGoYdX4LWWAEb7sI4nMkS5FG9cCVe5OK0+ZgJ8AUa7R7oOKew
x69w1wCrCQFKj4U/qfQ2LgJLmS9Alfk0QI2kb4qt/ZszsIR16VNfgymCkwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFISv2whVdk9OpMcJjLjOmovYHCipMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvaEtfYkNGVjJUMDZreHdtTXVNNmFpOWdjS0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAIOiSqF6lE4x
sTYxcEB+8JRn53HnsQZt6krs1S3KGHUJK5kRh38kv/Jvt/9yXA5Eq4Ee3u0tWvp/
QrhDHkEB03aktJFXKD8UOGyshDFnX3QCLV8I1A/xWQG44qW2d0wjARbd2+4hgbmf
Od2arNSsoE5yaLEFWWEeNwPGjs99kzh4LocHnRX6NnmTNZXpv4MCKz7BwP2VfsiH
3XjJiXMFTElNv5vw2W0aGoFZdAoss4bN4ZCcg5ZfKYNH4s+ExC1lqdSBAxPwgboc
u0T+wnm89nSI/B0/qxIM9HCtE5lJKPd+qkWu4fjosxYOi4XLp+CnchizFG3XyF0l
qdpBecTHB80=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:20:19 2026 by rpki-client