Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/poR75Gf6_IWN3bm5irIQIjo0R4E.roa
File: poR75Gf6_IWN3bm5irIQIjo0R4E.roa (raw, json)
Hash identifier: Gpv50D5wplycyVPzyO6Dd7LuYUdc/1/wZ69O7r4bdz4=
Subject key identifier: A6:84:7B:E4:67:FA:FC:85:8D:DD:B9:B9:8A:B2:10:22:3A:34:47:81
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D729293D2C598E8A517AD6F9AFD03BDFD
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/poR75Gf6_IWN3bm5irIQIjo0R4E.roa
Signing time: Thu 09 Apr 2026 14:08:21 +0000
ROA not before: Thu 09 Apr 2026 14:08:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 22547
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:93:d2:c5:98:e8:a5:17:ad:6f:9a:fd:03:bd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a6847be467fafc858dddb9b98ab210223a344781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:db:f3:79:9b:9a:4d:15:9c:45:f0:3e:cd:6c:
ee:70:56:f1:f1:25:53:4e:e7:20:2e:a3:62:43:b6:
b0:35:9b:b9:6f:60:06:7d:36:da:f9:83:ae:c7:ab:
ad:30:cc:e6:84:a9:51:21:d9:22:c3:bd:c5:2c:12:
35:45:04:37:4b:ea:d1:fd:44:99:2d:93:73:03:b8:
23:de:ba:1d:b0:6d:93:13:5d:cc:00:0a:d1:43:95:
72:1b:28:4f:65:09:ce:37:23:83:3c:52:8b:37:7d:
57:1e:67:08:05:12:ab:19:5c:46:37:42:1c:9b:8d:
48:a5:ff:93:cc:21:ba:85:5a:f4:fa:46:b1:c6:ab:
e8:86:c1:7d:f2:e1:cc:87:de:3c:85:0e:7f:38:fc:
b8:35:87:39:c2:92:06:8a:da:23:53:4f:2b:18:f7:
20:d3:45:3e:02:46:0d:0a:c3:aa:72:8b:6c:a4:40:
58:ff:a6:0c:36:e6:7d:e3:be:b4:da:25:a4:83:a7:
a7:1f:2f:6b:e3:a8:67:86:60:55:79:a3:f6:a3:ed:
42:1b:94:21:63:89:6f:ad:61:c3:5e:05:41:5f:98:
e2:e8:95:50:eb:c9:11:b3:5e:7d:67:18:8b:f7:64:
5e:9f:1a:b5:59:ef:e2:3a:e7:68:30:1c:37:9e:bf:
87:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:84:7B:E4:67:FA:FC:85:8D:DD:B9:B9:8A:B2:10:22:3A:34:47:81
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/poR75Gf6_IWN3bm5irIQIjo0R4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
6f:87:83:1d:8a:6e:47:87:c5:5c:e3:bf:27:ea:a8:ac:ab:fa:
c8:f3:68:2a:d0:e2:e6:84:c9:cc:fc:9a:96:91:76:da:72:81:
88:82:1e:4f:63:4f:82:0b:ab:94:15:f7:8d:db:37:43:79:8e:
c4:7c:d4:a5:0b:c0:13:d8:b3:b8:b4:cc:b1:af:49:23:b8:21:
d7:4e:6d:86:ff:9b:23:8e:d4:17:7d:eb:45:0b:e0:4b:bd:0b:
d0:b9:49:52:31:a5:9e:ea:c3:d7:25:ab:a3:4d:a5:15:0a:b1:
7b:22:f2:70:f2:18:6f:f8:bd:aa:1e:89:44:90:90:ec:70:f2:
4e:c9:30:1c:49:ab:45:84:04:23:ca:e7:f7:9e:95:aa:c7:55:
f5:07:30:2f:c8:a8:cd:c0:40:09:19:3d:09:11:8e:d6:17:05:
3e:d7:e5:48:24:04:5b:bb:7a:91:af:53:63:7a:d3:a8:ca:99:
65:2e:32:4f:f4:f0:cd:48:58:41:24:3b:c1:6f:c2:5c:42:9f:
cf:9b:4c:0c:b3:76:44:ea:1c:63:66:5c:02:4f:5f:fc:11:22:
35:14:b8:2a:06:15:86:e1:fe:b0:a8:d9:ab:64:4e:4e:2e:3d:
d5:54:9d:46:73:07:9c:08:42:6d:a1:c6:cd:68:1a:dc:93:bc:
d3:74:b5:2f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykpPSxZjopRetb5r9A739MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjg0N2JlNDY3ZmFmYzg1OGRkZGI5Yjk4YWIyMTAyMjNhMzQ0NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydvzeZuaTRWcRfA+zWzucFbx8SVT
TucgLqNiQ7awNZu5b2AGfTba+YOux6utMMzmhKlRIdkiw73FLBI1RQQ3S+rR/USZ
LZNzA7gj3rodsG2TE13MAArRQ5VyGyhPZQnONyODPFKLN31XHmcIBRKrGVxGN0Ic
m41Ipf+TzCG6hVr0+kaxxqvohsF98uHMh948hQ5/OPy4NYc5wpIGitojU08rGPcg
00U+AkYNCsOqcotspEBY/6YMNuZ947602iWkg6enHy9r46hnhmBVeaP2o+1CG5Qh
Y4lvrWHDXgVBX5ji6JVQ68kRs159ZxiL92Renxq1We/iOudoMBw3nr+HzwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKaEe+Rn+vyFjd25uYqyECI6NEeBMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcG9SNzVHZjZfSVdOM2JtNWlySVFJam8wUjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAG+Hgx2KbkeH
xVzjvyfqqKyr+sjzaCrQ4uaEycz8mpaRdtpygYiCHk9jT4ILq5QV943bN0N5jsR8
1KULwBPYs7i0zLGvSSO4IddObYb/myOO1Bd960UL4Eu9C9C5SVIxpZ7qw9clq6NN
pRUKsXsi8nDyGG/4vaoeiUSQkOxw8k7JMBxJq0WEBCPK5/eelarHVfUHMC/IqM3A
QAkZPQkRjtYXBT7X5UgkBFu7epGvU2N606jKmWUuMk/08M1IWEEkO8FvwlxCn8+b
TAyzdkTqHGNmXAJPX/wRIjUUuCoGFYbh/rCo2atkTk4uPdVUnUZzB5wIQm2hxs1o
GtyTvNN0tS8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:20:23 2026 by rpki-client