Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lmnHJn4Ctgeq2FIS6i8PIUKU_O4.roa
File: lmnHJn4Ctgeq2FIS6i8PIUKU_O4.roa (raw, json)
Hash identifier: Q0TPlLKg6/FAaXUHoXhihAEe8JhKIylGxveijSttDqc=
Subject key identifier: 96:69:C7:26:7E:02:B6:07:AA:D8:52:12:EA:2F:0F:21:42:94:FC:EE
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D72929AE322EE9D28F13D7E21C883D92E
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lmnHJn4Ctgeq2FIS6i8PIUKU_O4.roa
Signing time: Thu 09 Apr 2026 14:08:23 +0000
ROA not before: Thu 09 Apr 2026 14:08:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36626
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:9a:e3:22:ee:9d:28:f1:3d:7e:21:c8:83:d9:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9669c7267e02b607aad85212ea2f0f214294fcee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c2:d1:43:7b:00:32:eb:b6:33:4d:50:bd:ca:
25:8e:51:80:f5:dc:d9:bf:ce:18:1d:54:5e:b3:bc:
23:51:6a:00:34:8a:c5:38:30:48:d2:7a:e4:12:13:
c9:44:f1:1a:ba:87:f4:b0:4e:a3:ab:fe:1a:a2:01:
95:52:54:77:20:51:1d:14:78:33:bd:2d:bd:57:61:
70:66:94:6b:9d:c7:03:79:3c:0e:31:23:0d:49:d2:
01:7c:ae:55:cf:5f:72:bc:c2:40:55:1c:04:f7:86:
27:93:79:f0:e9:9d:fa:f8:e0:24:7f:d7:f3:fd:85:
43:5f:21:f8:ea:ca:f0:7c:8b:6e:35:0d:7b:47:99:
d0:e3:c2:ca:e0:2a:dd:c9:61:30:6f:63:a5:be:51:
68:0c:00:f6:50:6e:f9:0b:0f:87:91:63:ac:86:dc:
b2:bb:31:a5:a8:05:2e:3e:87:aa:bf:16:2c:c8:4b:
78:01:e4:d9:04:a6:b3:c1:32:a1:68:bf:f7:53:19:
6f:80:9a:39:e8:da:ad:87:18:00:00:95:3b:55:88:
1e:c7:fe:cc:8b:76:f2:fd:ef:67:d6:eb:1a:30:94:
d8:3c:a6:0e:2f:75:7b:42:c4:04:3b:32:14:cc:18:
52:92:31:f2:dc:63:40:aa:ae:63:8d:9e:43:3b:de:
bf:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:69:C7:26:7E:02:B6:07:AA:D8:52:12:EA:2F:0F:21:42:94:FC:EE
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/lmnHJn4Ctgeq2FIS6i8PIUKU_O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
1a:fd:d4:57:76:65:b5:dc:17:2c:b4:76:4e:88:7d:2f:e5:63:
eb:a1:31:d9:1e:48:fa:37:1b:f4:74:b5:59:d4:27:27:bd:38:
e3:28:ae:6f:4b:61:01:14:5f:30:ad:2f:ba:a7:6b:04:e5:37:
e9:1e:e4:c0:91:49:f8:63:01:82:2c:47:e1:b6:a8:39:5a:2c:
b3:24:24:b7:0c:58:39:37:70:b7:ed:ca:68:51:21:79:08:f8:
7e:49:41:b8:40:b7:fd:9e:26:d1:02:a7:55:ff:ef:f5:7b:19:
6d:bb:21:d9:e2:86:b3:d6:0c:e5:e1:bc:dd:f4:c4:5a:35:c8:
56:0b:5b:b7:5c:cd:47:f7:db:8b:b9:2e:d8:fa:69:11:fd:76:
0b:47:97:78:e7:83:82:a8:3f:da:a0:d3:f1:7e:8d:e0:10:fc:
33:82:e1:23:5a:0d:da:c3:de:07:16:7a:e6:9a:c2:f7:9a:ee:
ad:1b:76:cc:da:a0:54:0b:59:6e:11:82:ef:59:b7:6b:47:85:
89:78:98:28:35:9d:84:1f:8d:6d:9d:6c:9d:39:ac:0e:7f:13:
aa:6f:36:23:c0:35:64:02:6a:b9:ed:20:66:a4:50:26:12:5c:
9f:ae:f3:b2:1e:72:84:8e:40:4b:df:05:50:54:b1:f6:bf:a0:
2c:dc:81:7f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykprjIu6dKPE9fiHIg9kuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY5YzcyNjdlMDJiNjA3YWFkODUyMTJlYTJmMGYyMTQyOTRmY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsLRQ3sAMuu2M01QvcoljlGA9dzZ
v84YHVRes7wjUWoANIrFODBI0nrkEhPJRPEauof0sE6jq/4aogGVUlR3IFEdFHgz
vS29V2FwZpRrnccDeTwOMSMNSdIBfK5Vz19yvMJAVRwE94Ynk3nw6Z36+OAkf9fz
/YVDXyH46srwfItuNQ17R5nQ48LK4CrdyWEwb2OlvlFoDAD2UG75Cw+HkWOshtyy
uzGlqAUuPoeqvxYsyEt4AeTZBKazwTKhaL/3UxlvgJo56NqthxgAAJU7VYgex/7M
i3by/e9n1usaMJTYPKYOL3V7QsQEOzIUzBhSkjHy3GNAqq5jjZ5DO96/6QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJZpxyZ+ArYHqthSEuovDyFClPzuMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvbG1uSEpuNEN0Z2VxMkZJUzZpOFBJVUtVX080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBABr91Fd2ZbXc
Fyy0dk6IfS/lY+uhMdkeSPo3G/R0tVnUJye9OOMorm9LYQEUXzCtL7qnawTlN+ke
5MCRSfhjAYIsR+G2qDlaLLMkJLcMWDk3cLftymhRIXkI+H5JQbhAt/2eJtECp1X/
7/V7GW27IdnihrPWDOXhvN30xFo1yFYLW7dczUf324u5Ltj6aRH9dgtHl3jng4Ko
P9qg0/F+jeAQ/DOC4SNaDdrD3gcWeuaawvea7q0bdszaoFQLWW4Rgu9Zt2tHhYl4
mCg1nYQfjW2dbJ05rA5/E6pvNiPANWQCarntIGakUCYSXJ+u87IecoSOQEvfBVBU
sfa/oCzcgX8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:23 2026 by rpki-client