Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/p5ya8gDPnY2TY2x1s8RDMBqOLG8.roa
File: p5ya8gDPnY2TY2x1s8RDMBqOLG8.roa (raw, json)
Hash identifier: p0WFRRLEJplGKzDiC1TUj+P1TuA4OmDedgKOnyCKRdU=
Subject key identifier: A7:9C:9A:F2:00:CF:9D:8D:93:63:6C:75:B3:C4:43:30:1A:8E:2C:6F
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C04514EE305ECF0F1CB676A47F9B
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/p5ya8gDPnY2TY2x1s8RDMBqOLG8.roa
Signing time: Thu 09 Apr 2026 14:08:33 +0000
ROA not before: Thu 09 Apr 2026 14:08:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396613
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c0:45:14:ee:30:5e:cf:0f:1c:b6:76:a4:7f:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a79c9af200cf9d8d93636c75b3c443301a8e2c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6c:bd:2c:77:15:c2:cd:06:3c:30:f0:a0:b3:
f5:88:8a:eb:fc:4e:8f:a3:ec:34:de:7e:b7:0e:4c:
ca:6d:1c:c3:88:c2:10:89:66:c4:e6:84:58:ce:ba:
35:9f:e9:05:52:ae:db:e1:23:28:54:5f:4a:d6:0b:
ad:f8:7b:36:fc:d1:7b:20:c2:e1:a1:50:68:d4:91:
66:b2:6d:cf:bd:26:68:e3:32:19:31:99:a1:0e:61:
f1:eb:97:9a:3b:ff:39:8b:14:35:ee:36:aa:df:b5:
c4:ca:d1:7d:be:30:d8:6e:1c:69:71:07:62:42:31:
f3:57:79:bb:5a:fb:96:4d:b0:f6:4c:11:3c:65:fd:
cb:07:1d:86:8d:6c:d3:6c:86:8d:63:4e:c1:70:8d:
2f:30:ad:64:38:e8:0e:a0:51:77:13:54:23:e8:bf:
4d:98:1d:3f:cf:72:a8:b0:bd:32:a0:2c:f0:72:66:
fb:29:f2:01:de:1d:43:16:f0:5a:76:21:d2:ab:68:
82:08:89:d9:54:24:ab:a8:e7:08:0e:64:39:e1:e3:
6e:98:c9:96:b4:97:c8:63:3f:45:fc:2d:b8:6d:4a:
87:08:4b:d1:f6:3c:d4:2e:e1:e0:45:96:4b:e9:fa:
e9:8e:9b:e3:10:b6:4f:60:3c:2a:4b:3d:39:84:2d:
6f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9C:9A:F2:00:CF:9D:8D:93:63:6C:75:B3:C4:43:30:1A:8E:2C:6F
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/p5ya8gDPnY2TY2x1s8RDMBqOLG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
34:26:9e:fc:b0:10:d8:a3:88:ec:89:36:fc:3a:e9:c6:5a:ce:
c9:1b:39:f3:df:cb:4d:79:09:b9:f5:d1:d6:50:c1:c8:1b:33:
b9:71:55:c4:21:ae:15:03:77:6f:11:f3:74:94:a1:16:30:88:
d9:51:0d:99:e7:72:00:21:a6:73:89:e4:3a:45:cd:2b:16:7c:
13:bd:aa:bf:02:a2:31:7d:fb:ce:89:d7:df:38:be:3f:d3:ce:
41:eb:7f:ae:d2:53:03:71:d2:93:b9:8f:e9:54:7b:a4:26:a3:
60:b9:05:f8:6e:35:22:e1:6e:4b:9e:61:de:12:9e:c8:2a:d9:
fd:10:a5:70:37:3b:1c:de:8c:05:cf:1d:be:d6:28:a5:f4:43:
5d:0b:fc:62:e8:c4:5a:cd:56:64:6d:89:18:43:a0:96:94:01:
5b:59:66:6a:6c:bc:f2:c5:ed:18:22:5d:a8:27:89:ae:b0:34:
35:cf:11:f4:2c:e0:3c:c5:04:2a:6d:f6:2d:a5:68:d0:1f:52:
55:fd:d2:28:87:39:35:0d:0d:a1:30:0b:bd:42:c8:cb:9e:95:
45:73:e7:6a:f9:6a:50:aa:14:ad:76:7d:c1:4d:72:6a:2b:3f:
46:c6:fc:25:17:47:61:9a:02:10:7f:c7:7c:3a:f6:4b:49:7d:
5c:ab:88:ec
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksBFFO4wXs8PHLZ2pH+bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzljOWFmMjAwY2Y5ZDhkOTM2MzZjNzViM2M0NDMzMDFhOGUyYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWy9LHcVws0GPDDwoLP1iIrr/E6P
o+w03n63DkzKbRzDiMIQiWbE5oRYzro1n+kFUq7b4SMoVF9K1gut+Hs2/NF7IMLh
oVBo1JFmsm3PvSZo4zIZMZmhDmHx65eaO/85ixQ17jaq37XEytF9vjDYbhxpcQdi
QjHzV3m7WvuWTbD2TBE8Zf3LBx2GjWzTbIaNY07BcI0vMK1kOOgOoFF3E1Qj6L9N
mB0/z3KosL0yoCzwcmb7KfIB3h1DFvBadiHSq2iCCInZVCSrqOcIDmQ54eNumMmW
tJfIYz9F/C24bUqHCEvR9jzULuHgRZZL6frpjpvjELZPYDwqSz05hC1vkQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKecmvIAz52Nk2NsdbPEQzAajixvMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcDV5YThnRFBuWTJUWTJ4MXM4UkRNQnFPTEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBADQmnvywENij
iOyJNvw66cZazskbOfPfy015Cbn10dZQwcgbM7lxVcQhrhUDd28R83SUoRYwiNlR
DZnncgAhpnOJ5DpFzSsWfBO9qr8CojF9+86J1984vj/TzkHrf67SUwNx0pO5j+lU
e6Qmo2C5BfhuNSLhbkueYd4Snsgq2f0QpXA3OxzejAXPHb7WKKX0Q10L/GLoxFrN
VmRtiRhDoJaUAVtZZmpsvPLF7RgiXagnia6wNDXPEfQs4DzFBCpt9i2laNAfUlX9
0iiHOTUNDaEwC71CyMuelUVz52r5alCqFK12fcFNcmorP0bG/CUXR2GaAhB/x3w6
9ktJfVyriOw=
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:10:47 2026 by rpki-client