Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kSlfJxwzhbAjsS3kbK1wDqg2-zI.roa
File: kSlfJxwzhbAjsS3kbK1wDqg2-zI.roa (raw, json)
Hash identifier: oqIOGZpxBaVVe31BrLQ5zqg7/8VvabARgQMILmmBMqo=
Subject key identifier: 91:29:5F:27:1C:33:85:B0:23:B1:2D:E4:6C:AD:70:0E:A8:36:FB:32
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292B0AB4F1B46DBBAE0EC5CD3E37BA9
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kSlfJxwzhbAjsS3kbK1wDqg2-zI.roa
Signing time: Thu 09 Apr 2026 14:08:29 +0000
ROA not before: Thu 09 Apr 2026 14:08:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396585
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:b0:ab:4f:1b:46:db:ba:e0:ec:5c:d3:e3:7b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=91295f271c3385b023b12de46cad700ea836fb32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:97:c7:6e:82:46:f1:47:3d:db:e4:82:86:fa:
45:02:e2:0c:1f:fd:b9:d6:f3:94:ab:cf:0f:7a:1e:
71:ef:27:cb:5f:b7:f5:c0:59:d8:fd:9e:e9:a9:ba:
3d:71:95:70:d6:63:06:02:65:aa:12:17:e6:3a:ae:
c5:23:13:a1:6c:a4:6c:89:ca:bf:23:fd:70:b5:c3:
54:3d:87:d8:cd:9c:f1:97:92:d2:8e:f4:97:b0:1e:
62:a9:86:62:2a:7b:de:5b:1e:fb:67:e2:65:70:dc:
6e:af:f4:ec:62:dd:e7:2d:9d:79:db:86:2e:a7:00:
ee:37:bb:ba:f0:bf:b5:19:25:db:a1:e1:b5:17:e1:
c3:49:4c:49:9b:80:09:b7:10:d2:40:7b:5e:c6:d4:
fa:be:fe:08:4c:31:10:74:47:de:91:73:b8:2d:7e:
d9:5b:1f:6b:03:7e:0b:3f:2e:89:43:3d:10:8c:2d:
17:7b:7e:5b:30:68:fe:ba:cf:73:d8:14:25:96:85:
c1:a4:7f:13:e6:0e:b5:6f:95:ab:f6:92:f3:6d:58:
ed:ff:40:34:ff:53:c2:85:d4:13:33:fb:54:32:76:
81:e1:bb:30:6c:ff:1f:b4:aa:f9:ef:5d:d0:03:32:
7b:ec:89:99:bc:cc:1a:7e:04:53:0b:81:b0:4f:d9:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:29:5F:27:1C:33:85:B0:23:B1:2D:E4:6C:AD:70:0E:A8:36:FB:32
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/kSlfJxwzhbAjsS3kbK1wDqg2-zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
b6:08:57:6a:3e:81:14:46:7c:63:73:b0:57:7e:82:76:ec:c3:
5c:a5:a9:d7:cb:fd:3a:3d:50:96:e4:bf:fc:b9:ed:7a:bd:9c:
d9:e0:d7:37:56:6d:6b:f8:42:00:a7:fa:0d:14:ba:c7:0a:6b:
b1:fb:01:a7:03:be:ff:f1:c6:25:1f:38:ea:6a:79:70:8b:b4:
0b:c9:7b:42:5f:ec:5a:51:9b:5c:bc:0c:b0:0d:b0:e4:ea:7c:
c6:b1:6c:d9:7f:0d:59:4e:bd:9c:46:a4:f7:e5:08:b6:55:21:
49:86:b0:d8:08:2b:b9:5d:93:0d:63:aa:06:da:3a:93:ba:aa:
43:e6:78:58:ab:b1:ad:a4:20:ee:bb:69:c8:2b:fc:db:2e:24:
09:8f:35:19:2b:e6:00:61:ed:a4:8e:1f:98:9a:23:08:66:3d:
39:ec:f2:5a:87:b0:73:80:a3:c1:7b:4f:09:ef:27:73:50:37:
72:67:d9:2b:10:fa:88:25:50:78:e6:38:80:a4:c4:49:f8:e0:
37:1e:af:c6:6a:52:b1:d4:68:9c:2d:68:a2:bf:0f:6a:6e:1f:
56:6a:c0:c1:8a:07:77:d3:41:8e:d1:b5:b8:01:e8:cf:84:af:
14:96:4b:9f:2e:82:70:6a:fb:06:2c:52:16:b3:20:b0:ef:c2:
35:7d:08:7f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykrCrTxtG27rg7FzT43upMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTI5NWYyNzFjMzM4NWIwMjNiMTJkZTQ2Y2FkNzAwZWE4MzZmYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZfHboJG8Uc92+SChvpFAuIMH/25
1vOUq88Peh5x7yfLX7f1wFnY/Z7pqbo9cZVw1mMGAmWqEhfmOq7FIxOhbKRsicq/
I/1wtcNUPYfYzZzxl5LSjvSXsB5iqYZiKnveWx77Z+JlcNxur/TsYt3nLZ1524Yu
pwDuN7u68L+1GSXboeG1F+HDSUxJm4AJtxDSQHtextT6vv4ITDEQdEfekXO4LX7Z
Wx9rA34LPy6JQz0QjC0Xe35bMGj+us9z2BQlloXBpH8T5g61b5Wr9pLzbVjt/0A0
/1PChdQTM/tUMnaB4bswbP8ftKr5713QAzJ77ImZvMwafgRTC4GwT9nj/QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJEpXyccM4WwI7Et5GytcA6oNvsyMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEva1NsZkp4d3poYkFqc1Mza2JLMXdEcWcyLXpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBALYIV2o+gRRG
fGNzsFd+gnbsw1ylqdfL/To9UJbkv/y57Xq9nNng1zdWbWv4QgCn+g0UuscKa7H7
AacDvv/xxiUfOOpqeXCLtAvJe0Jf7FpRm1y8DLANsOTqfMaxbNl/DVlOvZxGpPfl
CLZVIUmGsNgIK7ldkw1jqgbaOpO6qkPmeFirsa2kIO67acgr/NsuJAmPNRkr5gBh
7aSOH5iaIwhmPTns8lqHsHOAo8F7TwnvJ3NQN3Jn2SsQ+oglUHjmOICkxEn44Dce
r8ZqUrHUaJwtaKK/D2puH1ZqwMGKB3fTQY7RtbgB6M+ErxSWS58ugnBq+wYsUhaz
ILDvwjV9CH8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:26:26 2026 by rpki-client