Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jRyzw9ZDzZs4eJRkRVCk6EEfntI.roa
File: jRyzw9ZDzZs4eJRkRVCk6EEfntI.roa (raw, json)
Hash identifier: VREgaIKTOnw+5TYh0MpnU659U8nHaS6hBUiHZ3wf9J8=
Subject key identifier: 8D:1C:B3:C3:D6:43:CD:9B:38:78:94:64:45:50:A4:E8:41:1F:9E:D2
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292CAD96AAC638CCBD21A96F294F7B6
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jRyzw9ZDzZs4eJRkRVCk6EEfntI.roa
Signing time: Thu 09 Apr 2026 14:08:36 +0000
ROA not before: Thu 09 Apr 2026 14:08:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397211
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:ca:d9:6a:ac:63:8c:cb:d2:1a:96:f2:94:f7:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d1cb3c3d643cd9b387894644550a4e8411f9ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:14:e0:4b:97:60:5a:6b:a6:40:45:2e:6f:
9e:8a:fe:91:ba:b6:4e:82:94:07:ad:0f:36:19:4b:
53:4a:27:89:54:c2:fc:dc:ba:bf:2f:8b:86:40:01:
51:56:fd:ad:8d:0f:1f:ec:02:cf:b2:59:9e:1f:41:
70:fe:04:94:1f:85:70:27:7f:45:bf:7c:88:82:9d:
ec:9c:45:b3:c8:aa:dc:4f:d3:32:d2:74:19:e8:87:
93:47:dd:7e:29:3b:71:96:4e:4d:82:7c:b2:f1:b5:
88:77:83:88:4c:64:9e:39:99:ff:55:6d:45:03:04:
06:e4:4f:3a:92:28:15:4f:4b:f2:10:a4:4c:81:e7:
8a:54:d0:e8:6b:80:58:e1:6e:81:f7:ac:ec:d9:3f:
2d:d8:02:fc:36:78:f7:1d:05:bc:8e:59:e4:2d:29:
26:00:29:87:e2:e9:f5:59:e8:75:68:ec:5e:85:0b:
72:43:f8:83:ba:2e:e8:f8:ef:a1:e5:79:ce:d8:79:
16:4b:d6:67:2e:6e:e7:9c:7e:79:cb:79:23:b3:30:
d4:93:42:e7:b1:09:8b:64:5b:cb:85:27:60:a9:84:
d7:3c:65:2a:ae:66:15:f7:25:a5:01:22:6d:50:3d:
c9:32:db:8a:bd:49:87:13:36:dd:df:b3:fa:cd:bb:
73:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1C:B3:C3:D6:43:CD:9B:38:78:94:64:45:50:A4:E8:41:1F:9E:D2
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jRyzw9ZDzZs4eJRkRVCk6EEfntI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
29:d8:44:b1:ca:24:8c:5d:69:60:32:10:c0:2d:61:78:68:a5:
ac:22:5d:05:22:64:0b:3e:c4:66:a3:25:68:43:64:b1:42:4c:
31:e5:dd:c2:6c:99:e4:e3:4c:01:be:33:c0:93:33:33:54:41:
0b:62:bd:09:71:63:e5:f6:69:2e:4f:c1:95:90:b4:61:6f:82:
29:2e:c1:a6:ae:82:4c:c9:0c:2e:b7:1d:74:e7:95:96:af:58:
8f:52:a4:cb:1d:29:46:66:24:b8:23:06:13:10:40:17:3e:d2:
6d:05:c8:af:7e:bb:03:9f:2a:17:de:1c:56:2d:1d:bb:7b:c3:
53:92:fe:bd:e9:b2:97:d5:ec:e9:c9:10:ab:dd:5d:31:77:51:
c4:86:8e:e1:f7:f9:f9:67:7b:36:c6:2e:8c:12:b6:20:48:2c:
f2:77:0b:e8:45:c3:20:84:f2:51:79:fa:00:21:29:5d:51:04:
e4:00:c0:9f:34:d1:37:2d:32:ce:0c:fc:f1:ce:7c:c9:c7:79:
15:a7:5c:8b:98:2c:84:c6:79:43:ad:b2:d6:2a:4a:ae:6e:0d:
97:f9:c1:9a:ba:16:5b:61:97:35:db:12:3d:76:9b:16:27:aa:
c1:d2:b4:10:3d:df:2b:ab:3d:74:05:39:2e:31:1a:39:36:b7:
6e:c4:26:d5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksrZaqxjjMvSGpbylPe2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFjYjNjM2Q2NDNjZDliMzg3ODk0NjQ0NTUwYTRlODQxMWY5ZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEIU4EuXYFprpkBFLm+eiv6RurZO
gpQHrQ82GUtTSieJVML83Lq/L4uGQAFRVv2tjQ8f7ALPslmeH0Fw/gSUH4VwJ39F
v3yIgp3snEWzyKrcT9My0nQZ6IeTR91+KTtxlk5Ngnyy8bWId4OITGSeOZn/VW1F
AwQG5E86kigVT0vyEKRMgeeKVNDoa4BY4W6B96zs2T8t2AL8Nnj3HQW8jlnkLSkm
ACmH4un1Weh1aOxehQtyQ/iDui7o+O+h5XnO2HkWS9ZnLm7nnH55y3kjszDUk0Ln
sQmLZFvLhSdgqYTXPGUqrmYV9yWlASJtUD3JMtuKvUmHEzbd37P6zbtzFQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI0cs8PWQ82bOHiUZEVQpOhBH57SMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvalJ5enc5WkR6WnM0ZUpSa1JWQ2s2RUVmbnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBACnYRLHKJIxd
aWAyEMAtYXhopawiXQUiZAs+xGajJWhDZLFCTDHl3cJsmeTjTAG+M8CTMzNUQQti
vQlxY+X2aS5PwZWQtGFvgikuwaaugkzJDC63HXTnlZavWI9SpMsdKUZmJLgjBhMQ
QBc+0m0FyK9+uwOfKhfeHFYtHbt7w1OS/r3pspfV7OnJEKvdXTF3UcSGjuH3+fln
ezbGLowStiBILPJ3C+hFwyCE8lF5+gAhKV1RBOQAwJ800TctMs4M/PHOfMnHeRWn
XIuYLITGeUOtstYqSq5uDZf5wZq6FlthlzXbEj12mxYnqsHStBA93yurPXQFOS4x
Gjk2t27EJtU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:31 2026 by rpki-client