Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jfPtLRUvBNRk9nB6kACofKjFy70.roa
File: jfPtLRUvBNRk9nB6kACofKjFy70.roa (raw, json)
Hash identifier: IXWlypVrHNycWB2WLCkuLIot+XIx4Ze071Y8rAg+aoc=
Subject key identifier: 8D:F3:ED:2D:15:2F:04:D4:64:F6:70:7A:90:00:A8:7C:A8:C5:CB:BD
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C5CDB389ED97EEAE8899D72D4529
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jfPtLRUvBNRk9nB6kACofKjFy70.roa
Signing time: Thu 09 Apr 2026 14:08:34 +0000
ROA not before: Thu 09 Apr 2026 14:08:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397197
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c5:cd:b3:89:ed:97:ee:ae:88:99:d7:2d:45:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8df3ed2d152f04d464f6707a9000a87ca8c5cbbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2e:89:3d:27:00:b2:d9:70:95:4a:53:a5:fb:
d3:a2:01:08:38:75:62:f0:19:de:13:db:d8:9c:19:
d8:ac:3f:0a:27:37:17:8a:7a:2f:1e:9a:5f:ef:d9:
d0:0f:d5:94:34:a8:af:74:95:a2:ab:bd:dd:5e:20:
b9:33:ff:d5:ea:99:ea:c8:9b:a1:08:80:c7:a5:a7:
60:a4:77:05:5d:65:0e:f3:56:cf:e2:a5:b2:9b:01:
86:a2:b6:4d:a2:2c:68:dd:a3:a6:4c:37:fe:53:c6:
bb:41:9c:b6:c1:92:9c:b6:b4:9d:89:2f:4e:c3:b4:
5a:c5:6a:94:cd:f0:c1:7a:1c:9f:d4:0b:be:42:7e:
f6:d5:11:d1:07:c5:d1:a9:39:d2:21:21:2f:85:70:
43:02:71:83:dc:08:79:bd:4d:e7:ff:5e:bd:c9:a6:
b2:c4:b3:9e:ee:c0:c4:db:b0:52:fc:64:16:bd:55:
b6:ba:c5:5e:46:3b:f2:f6:ca:59:cb:50:15:0d:33:
7e:6b:32:a1:e7:63:85:e7:b7:e2:5d:35:a7:09:28:
60:6c:e2:88:09:c2:18:ce:67:b5:2b:8c:69:ef:ef:
18:c6:16:e8:2d:a9:4e:62:72:f0:f3:92:43:af:cb:
0c:ce:53:76:f7:99:be:84:01:5d:f9:9e:b3:cc:74:
92:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F3:ED:2D:15:2F:04:D4:64:F6:70:7A:90:00:A8:7C:A8:C5:CB:BD
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jfPtLRUvBNRk9nB6kACofKjFy70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
57:33:a9:03:2b:2e:9a:b6:c1:4b:ef:74:05:c2:c3:70:4a:a2:
77:ea:d0:11:91:98:79:20:c2:58:d2:43:40:97:a8:99:cc:6b:
4f:6b:c7:93:3f:7c:8d:f2:16:d4:70:d1:cc:9f:29:63:5c:dc:
8e:f7:eb:e0:c0:68:92:3e:c2:ad:9a:7d:cc:0d:62:74:03:05:
c3:1c:bd:1a:e3:d0:b5:4c:5e:3d:52:c4:1e:76:f5:d9:a2:40:
be:21:37:b3:6b:29:4c:87:f9:cb:07:cd:08:04:83:07:85:30:
3e:11:11:a2:21:64:d1:05:c3:47:59:6c:17:02:68:02:fb:2b:
b5:2d:5f:14:b3:94:b5:88:26:d9:44:dc:f5:6c:cb:85:ef:d9:
e4:35:2d:7a:f0:80:c8:e4:2c:a0:c7:87:06:72:8c:55:9a:5d:
c0:9b:63:a5:cf:33:63:f3:32:a9:73:f0:10:12:f7:11:0e:3f:
07:14:00:ad:73:1d:ac:cb:4f:73:a0:f1:a6:82:11:14:c4:78:
0a:c3:50:73:06:ed:3d:5a:d5:a1:d9:92:39:01:fa:3c:dc:84:
19:fe:38:26:87:26:1d:6c:ab:49:f4:e5:d5:69:16:39:bb:00:
0d:ed:6d:23:55:15:79:b4:7c:b3:d2:0c:bb:fd:6e:76:86:b5:
ec:64:16:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksXNs4ntl+6uiJnXLUUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGYzZWQyZDE1MmYwNGQ0NjRmNjcwN2E5MDAwYTg3Y2E4YzVjYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy6JPScAstlwlUpTpfvTogEIOHVi
8BneE9vYnBnYrD8KJzcXinovHppf79nQD9WUNKivdJWiq73dXiC5M//V6pnqyJuh
CIDHpadgpHcFXWUO81bP4qWymwGGorZNoixo3aOmTDf+U8a7QZy2wZKctrSdiS9O
w7RaxWqUzfDBehyf1Au+Qn721RHRB8XRqTnSISEvhXBDAnGD3Ah5vU3n/169yaay
xLOe7sDE27BS/GQWvVW2usVeRjvy9spZy1AVDTN+azKh52OF57fiXTWnCShgbOKI
CcIYzme1K4xp7+8YxhboLalOYnLw85JDr8sMzlN295m+hAFd+Z6zzHSSPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI3z7S0VLwTUZPZwepAAqHyoxcu9MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvamZQdExSVXZCTlJrOW5CNmtBQ29mS2pGeTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAFczqQMrLpq2
wUvvdAXCw3BKonfq0BGRmHkgwljSQ0CXqJnMa09rx5M/fI3yFtRw0cyfKWNc3I73
6+DAaJI+wq2afcwNYnQDBcMcvRrj0LVMXj1SxB529dmiQL4hN7NrKUyH+csHzQgE
gweFMD4REaIhZNEFw0dZbBcCaAL7K7UtXxSzlLWIJtlE3PVsy4Xv2eQ1LXrwgMjk
LKDHhwZyjFWaXcCbY6XPM2PzMqlz8BAS9xEOPwcUAK1zHazLT3Og8aaCERTEeArD
UHMG7T1a1aHZkjkB+jzchBn+OCaHJh1sq0n05dVpFjm7AA3tbSNVFXm0fLPSDLv9
bnaGtexkFtg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:20 2026 by rpki-client