Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/mG-etaWhddSHxwKZOQZX3VG9MuA.roa
File: mG-etaWhddSHxwKZOQZX3VG9MuA.roa (raw, json)
Hash identifier: GyX7PDzAv5d0B1GNhFHDaiyHC2QdNAI4wTonfrSUZbE=
Subject key identifier: 98:6F:9E:B5:A5:A1:75:D4:87:C7:02:99:39:06:57:DD:51:BD:32:E0
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A902A30B9C51569B10E16246C2D8
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/mG-etaWhddSHxwKZOQZX3VG9MuA.roa
Signing time: Thu 09 Apr 2026 14:08:27 +0000
ROA not before: Thu 09 Apr 2026 14:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396565
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a9:02:a3:0b:9c:51:56:9b:10:e1:62:46:c2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=986f9eb5a5a175d487c70299390657dd51bd32e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c6:82:82:05:62:cd:bc:4b:28:de:a2:dd:b2:
2e:e1:94:40:bf:b3:2a:7d:2c:96:45:4e:16:41:4d:
a9:43:90:8d:13:41:e3:bc:91:16:cb:79:a9:06:47:
62:b9:f3:35:f1:7b:b5:5c:e8:c9:c5:aa:cd:b2:ce:
a7:51:11:9b:43:0c:bb:d3:33:af:7f:8d:93:16:13:
7b:60:9f:b4:a2:40:2f:3d:b8:66:a4:9a:6f:81:48:
1e:f9:22:c4:f8:2a:19:7b:c4:df:a6:d8:a3:1a:0f:
8b:20:89:70:f2:23:59:f6:88:f8:bf:1b:8d:9c:ce:
4a:8e:93:f9:b5:94:c7:9d:ad:7c:96:ec:5a:4b:10:
e4:77:b0:83:c4:82:df:4b:e5:1f:36:60:22:42:5e:
80:c0:8e:8c:79:0a:be:90:14:19:57:fa:e1:e6:1c:
ea:a7:68:29:e4:71:fc:9c:a8:8c:70:62:42:42:9c:
2e:47:c0:cd:0e:b3:0a:69:b4:07:7e:58:b0:05:55:
78:b3:66:82:10:50:cf:c6:64:07:c4:6d:3b:cf:7a:
76:db:ae:2a:2c:64:9b:d8:b6:38:a7:00:f7:0c:c8:
83:cf:96:45:ae:e8:cb:95:f3:92:b0:9a:4a:34:76:
6f:78:59:48:a5:fe:90:b9:77:fc:2b:74:cd:75:7b:
9b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6F:9E:B5:A5:A1:75:D4:87:C7:02:99:39:06:57:DD:51:BD:32:E0
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/mG-etaWhddSHxwKZOQZX3VG9MuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
b2:6d:cf:cf:fc:20:fc:a2:6c:6d:c5:cd:dd:59:ca:cf:da:b3:
dc:2b:6f:2b:17:ec:bf:88:54:5d:3b:8d:02:dc:ec:d1:5a:a4:
ed:aa:4b:17:9f:95:4e:f8:93:93:69:6b:31:77:05:c0:9e:ca:
71:07:e7:13:16:8a:4c:13:3c:c6:42:e1:59:1b:9a:05:0a:3f:
2c:e2:ca:59:25:3e:fc:f7:d7:32:4d:ef:d0:d4:b2:0b:f0:d9:
d6:4f:05:0f:eb:da:c3:4d:de:b5:6f:b3:6a:61:8c:c0:90:b3:
a3:d6:a0:10:a1:dd:9a:6e:65:82:3d:cb:5e:f9:95:58:36:d5:
65:48:ab:ea:d8:bf:26:f0:c6:d8:ff:c7:04:0f:d7:f0:99:06:
7f:72:ed:89:56:58:99:b8:83:11:a7:48:29:c7:b1:09:68:91:
0e:59:75:ab:6a:ed:40:d0:83:66:0d:d0:c4:5e:9e:94:45:13:
0c:54:31:e4:26:db:60:22:fd:30:89:cc:cb:b3:35:e0:d8:29:
a8:77:cc:88:36:f5:e3:44:e9:11:73:9d:6e:fd:7b:73:aa:da:
41:7e:4a:8c:71:cd:2a:a9:38:3a:06:b2:81:72:b7:a8:9f:41:
63:9e:c2:b8:31:f6:f1:4d:75:85:20:44:13:35:22:0c:4f:d0:
e0:d3:48:8b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqkCowucUVabEOFiRsLYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODZmOWViNWE1YTE3NWQ0ODdjNzAyOTkzOTA2NTdkZDUxYmQzMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcaCggVizbxLKN6i3bIu4ZRAv7Mq
fSyWRU4WQU2pQ5CNE0HjvJEWy3mpBkdiufM18Xu1XOjJxarNss6nURGbQwy70zOv
f42TFhN7YJ+0okAvPbhmpJpvgUge+SLE+CoZe8TfptijGg+LIIlw8iNZ9oj4vxuN
nM5KjpP5tZTHna18luxaSxDkd7CDxILfS+UfNmAiQl6AwI6MeQq+kBQZV/rh5hzq
p2gp5HH8nKiMcGJCQpwuR8DNDrMKabQHfliwBVV4s2aCEFDPxmQHxG07z3p2264q
LGSb2LY4pwD3DMiDz5ZFrujLlfOSsJpKNHZveFlIpf6QuXf8K3TNdXublwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJhvnrWloXXUh8cCmTkGV91RvTLgMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvbUctZXRhV2hkZFNIeHdLWk9RWlgzVkc5TXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBALJtz8/8IPyi
bG3Fzd1Zys/as9wrbysX7L+IVF07jQLc7NFapO2qSxeflU74k5NpazF3BcCeynEH
5xMWikwTPMZC4VkbmgUKPyziylklPvz31zJN79DUsgvw2dZPBQ/r2sNN3rVvs2ph
jMCQs6PWoBCh3ZpuZYI9y175lVg21WVIq+rYvybwxtj/xwQP1/CZBn9y7YlWWJm4
gxGnSCnHsQlokQ5Zdatq7UDQg2YN0MRenpRFEwxUMeQm22Ai/TCJzMuzNeDYKah3
zIg29eNE6RFznW79e3Oq2kF+SoxxzSqpODoGsoFyt6ifQWOewrgx9vFNdYUgRBM1
IgxP0ODTSIs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:25 2026 by rpki-client