Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jxdkGSBNpFc1hVlIrMGTYn60LEY.roa
File: jxdkGSBNpFc1hVlIrMGTYn60LEY.roa (raw, json)
Hash identifier: OZZzL8aPMLdlpy956h6pa/CEfM2zI+TNAM4iS/LBf2Q=
Subject key identifier: 8F:17:64:19:20:4D:A4:57:35:85:59:48:AC:C1:93:62:7E:B4:2C:46
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292CA58500D87FAC12BC25EA2F39B9B
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jxdkGSBNpFc1hVlIrMGTYn60LEY.roa
Signing time: Thu 09 Apr 2026 14:08:35 +0000
ROA not before: Thu 09 Apr 2026 14:08:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397209
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:ca:58:50:0d:87:fa:c1:2b:c2:5e:a2:f3:9b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8f176419204da45735855948acc193627eb42c46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ec:b1:6b:ea:4c:9b:90:7f:ed:fe:fe:98:4c:
8f:7e:80:bd:df:9c:0e:2f:ea:16:22:4e:95:1c:fc:
15:51:ac:f5:4e:77:af:db:72:cd:4e:0f:51:ef:85:
d6:e3:f8:fb:25:ef:d9:32:23:b2:14:8f:2d:b8:a6:
6e:ea:eb:39:8c:00:9a:d4:51:2b:7d:6b:a7:24:5c:
7b:7e:f2:a1:68:35:d2:94:6d:9e:de:26:52:5c:5b:
e1:a8:71:a1:57:4b:30:9d:fa:65:90:2e:ff:72:93:
57:e4:d0:ee:9e:a9:b7:f2:0d:68:fb:76:32:c4:80:
56:82:c2:33:06:fa:ac:e6:9d:57:76:2a:41:c9:0e:
b6:04:d0:8b:5c:f5:4b:65:98:14:91:0e:04:e2:d0:
20:a8:ec:0f:93:a9:9a:70:7b:13:bc:96:01:03:08:
0d:ba:ad:56:a8:b9:6a:a4:8d:3b:58:93:5b:9b:25:
ae:96:36:18:e6:f9:21:ca:9b:c7:18:19:1f:c0:13:
8e:4c:20:04:86:34:94:b0:db:ce:c5:d9:c6:40:f1:
16:31:f4:cf:ed:57:52:28:a0:c7:df:21:2a:c2:6d:
da:21:01:79:2f:51:0c:af:e2:c9:74:81:fb:50:a7:
f2:fa:31:ca:81:45:3d:6d:c6:e2:50:0b:b5:27:24:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:17:64:19:20:4D:A4:57:35:85:59:48:AC:C1:93:62:7E:B4:2C:46
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/jxdkGSBNpFc1hVlIrMGTYn60LEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
0e:4a:4a:d3:d0:71:82:e9:cf:98:8c:3a:f3:24:64:35:d0:4a:
b2:48:57:d1:b2:30:6c:49:02:bf:e8:7c:d4:68:a7:31:e1:c3:
3b:2d:c8:c0:f1:32:19:44:82:e0:2a:3f:0b:f2:2b:e0:3a:a4:
09:8c:8c:02:52:30:28:9d:2f:04:38:8f:48:e8:32:d0:1b:e6:
4a:8e:1a:5e:75:89:67:c2:a7:88:32:d1:b8:95:df:a8:0b:fe:
64:28:a9:17:e7:d6:91:86:52:54:7e:25:4c:71:6e:3f:40:d7:
7f:79:27:be:7c:53:03:a6:4a:7e:b0:91:47:4f:dc:c3:89:22:
19:8b:56:a9:1d:e5:93:53:e3:6e:bd:36:fc:d4:28:a1:e8:fb:
89:14:e1:43:01:f0:78:5f:3f:ef:e9:66:69:91:f9:51:ea:54:
e0:fc:d7:50:06:49:a8:36:7c:a7:21:75:10:b6:43:88:ec:6e:
d6:80:f1:5e:12:7b:42:81:f6:48:df:7b:f8:4f:ef:38:60:16:
c2:1e:c5:c3:db:28:63:cc:82:21:77:e6:2f:31:8b:dc:45:2f:
de:4b:0b:c1:76:03:64:8b:3c:f4:cd:f5:9e:66:f6:c0:72:b7:
7b:7f:f4:a8:db:5a:86:ef:48:61:2a:58:e1:7f:d2:25:df:af:
a0:94:3b:f2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykspYUA2H+sErwl6i85ubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjE3NjQxOTIwNGRhNDU3MzU4NTU5NDhhY2MxOTM2MjdlYjQyYzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeyxa+pMm5B/7f7+mEyPfoC935wO
L+oWIk6VHPwVUaz1Tnev23LNTg9R74XW4/j7Je/ZMiOyFI8tuKZu6us5jACa1FEr
fWunJFx7fvKhaDXSlG2e3iZSXFvhqHGhV0swnfplkC7/cpNX5NDunqm38g1o+3Yy
xIBWgsIzBvqs5p1XdipByQ62BNCLXPVLZZgUkQ4E4tAgqOwPk6macHsTvJYBAwgN
uq1WqLlqpI07WJNbmyWuljYY5vkhypvHGBkfwBOOTCAEhjSUsNvOxdnGQPEWMfTP
7VdSKKDH3yEqwm3aIQF5L1EMr+LJdIH7UKfy+jHKgUU9bcbiUAu1JyQjMwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI8XZBkgTaRXNYVZSKzBk2J+tCxGMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvanhka0dTQk5wRmMxaFZsSXJNR1RZbjYwTEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAA5KStPQcYLp
z5iMOvMkZDXQSrJIV9GyMGxJAr/ofNRopzHhwzstyMDxMhlEguAqPwvyK+A6pAmM
jAJSMCidLwQ4j0joMtAb5kqOGl51iWfCp4gy0biV36gL/mQoqRfn1pGGUlR+JUxx
bj9A1395J758UwOmSn6wkUdP3MOJIhmLVqkd5ZNT4269NvzUKKHo+4kU4UMB8Hhf
P+/pZmmR+VHqVOD811AGSag2fKchdRC2Q4jsbtaA8V4Se0KB9kjfe/hP7zhgFsIe
xcPbKGPMgiF35i8xi9xFL95LC8F2A2SLPPTN9Z5m9sByt3t/9KjbWobvSGEqWOF/
0iXfr6CUO/I=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:33:37 2026 by rpki-client