Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rfTTPoVJuGimmJ5tFwIf5j_bLs0.roa
File: rfTTPoVJuGimmJ5tFwIf5j_bLs0.roa (raw, json)
Hash identifier: z0+hDll7EPZ2AyvEAtj8+7az5G+uIQUJO3RZv9Cp2w4=
Subject key identifier: AD:F4:D3:3E:85:49:B8:68:A6:98:9E:6D:17:02:1F:E6:3F:DB:2E:CD
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A01A7D4AC24555A2BBEAE5C02E00
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rfTTPoVJuGimmJ5tFwIf5j_bLs0.roa
Signing time: Thu 09 Apr 2026 14:08:25 +0000
ROA not before: Thu 09 Apr 2026 14:08:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396541
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a0:1a:7d:4a:c2:45:55:a2:bb:ea:e5:c0:2e:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=adf4d33e8549b868a6989e6d17021fe63fdb2ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a1:82:55:83:24:ec:f4:49:9c:e6:9e:84:3e:
2d:92:3a:53:a5:26:e2:70:19:ab:41:5a:32:66:49:
03:97:ea:0d:34:c2:b8:ef:31:f0:4e:1f:dd:c1:b8:
56:46:ca:58:3f:10:72:cb:b6:44:8c:38:3c:d5:95:
4a:af:4e:a4:5b:68:b6:a4:b5:be:b3:ad:3d:ec:6a:
91:0e:11:9d:3e:3f:19:ae:82:6d:30:14:52:62:bc:
3f:16:b2:88:a9:21:a9:57:bc:61:10:11:6f:26:74:
a7:da:f9:e8:4f:df:da:f2:9e:fc:d3:6a:c0:39:b5:
b5:1b:65:8c:25:17:17:dd:38:38:ed:7e:df:a2:5f:
d3:40:c8:3e:18:f1:75:e5:4a:e5:4b:7f:0b:6b:34:
f0:19:4c:86:e9:88:8a:4b:66:74:39:90:72:41:45:
2d:72:b7:e1:d8:aa:97:86:c8:b7:29:0b:4c:91:80:
a2:e6:fb:4c:19:18:c5:c7:ad:fb:9e:68:5e:2c:79:
78:82:a6:10:a7:9f:6b:34:39:27:35:c3:20:3e:2d:
46:c6:ca:b7:66:ef:2f:ba:8c:1c:a4:ac:1e:24:05:
82:e1:09:32:82:f4:36:58:b3:3f:73:23:e4:47:28:
09:19:4f:1f:7d:a9:81:d6:36:aa:38:4c:5f:01:6a:
5a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F4:D3:3E:85:49:B8:68:A6:98:9E:6D:17:02:1F:E6:3F:DB:2E:CD
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/rfTTPoVJuGimmJ5tFwIf5j_bLs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
9d:dc:b6:7d:ca:46:fd:32:b6:28:6b:d5:4d:27:5c:a0:9a:b4:
bf:4f:1e:9b:54:59:ed:b5:4f:2e:bb:31:ed:60:c5:6e:c0:21:
36:5c:4d:7c:05:0a:82:30:56:e5:da:68:76:d4:d0:ad:61:9e:
89:30:0b:53:47:8f:a7:bb:af:39:8c:05:0c:ab:a0:63:cb:4b:
06:d8:e1:42:7f:1e:ea:bc:a7:f1:d5:68:10:a0:f4:f8:fc:9c:
e9:88:19:06:be:22:46:20:a3:ec:ef:b8:a7:03:11:7b:62:01:
67:4e:eb:d7:2d:78:dc:aa:49:3f:f5:08:4c:76:bb:20:e8:63:
60:f6:4b:ae:2a:29:e9:96:e7:e7:d0:60:79:71:65:b4:ee:fb:
62:e3:56:9f:62:4f:33:83:f3:40:e2:0e:cf:6d:47:ac:b9:98:
70:c3:69:3e:bc:17:7f:03:4d:98:8e:7f:28:fb:46:75:f6:c8:
9d:d4:48:cf:cc:61:ae:48:4a:a8:b2:ea:7e:39:31:e7:5f:da:
d7:61:6f:bf:70:f5:72:a9:f3:45:3c:24:69:e7:18:6d:36:64:
c1:31:a9:e4:0e:b3:b2:ee:35:c8:62:53:f9:b8:81:f1:9a:f0:
63:3f:8e:10:c4:94:5f:40:d6:34:35:d1:3b:4e:bb:bb:e1:d0:
bc:c0:4d:7d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqAafUrCRVWiu+rlwC4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGY0ZDMzZTg1NDliODY4YTY5ODllNmQxNzAyMWZlNjNmZGIyZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aGCVYMk7PRJnOaehD4tkjpTpSbi
cBmrQVoyZkkDl+oNNMK47zHwTh/dwbhWRspYPxByy7ZEjDg81ZVKr06kW2i2pLW+
s6097GqRDhGdPj8ZroJtMBRSYrw/FrKIqSGpV7xhEBFvJnSn2vnoT9/a8p7802rA
ObW1G2WMJRcX3Tg47X7fol/TQMg+GPF15UrlS38LazTwGUyG6YiKS2Z0OZByQUUt
crfh2KqXhsi3KQtMkYCi5vtMGRjFx637nmheLHl4gqYQp59rNDknNcMgPi1Gxsq3
Zu8vuowcpKweJAWC4QkygvQ2WLM/cyPkRygJGU8ffamB1jaqOExfAWpaFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK300z6FSbhoppiebRcCH+Y/2y7NMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcmZUVFBvVkp1R2ltbUo1dEZ3SWY1al9iTHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAJ3ctn3KRv0y
tihr1U0nXKCatL9PHptUWe21Ty67Me1gxW7AITZcTXwFCoIwVuXaaHbU0K1hnokw
C1NHj6e7rzmMBQyroGPLSwbY4UJ/Huq8p/HVaBCg9Pj8nOmIGQa+IkYgo+zvuKcD
EXtiAWdO69cteNyqST/1CEx2uyDoY2D2S64qKemW5+fQYHlxZbTu+2LjVp9iTzOD
80DiDs9tR6y5mHDDaT68F38DTZiOfyj7RnX2yJ3USM/MYa5ISqiy6n45Medf2tdh
b79w9XKp80U8JGnnGG02ZMExqeQOs7LuNchiU/m4gfGa8GM/jhDElF9A1jQ10TtO
u7vh0LzATX0=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:49:55 2026 by rpki-client