Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/s6yeTAFcNsqhX9_Ezek5pB4-Aq8.roa
File: s6yeTAFcNsqhX9_Ezek5pB4-Aq8.roa (raw, json)
Hash identifier: T1mIto6K9PnGnkl6hWIrDA+n87VtMKBpVHdc5HduXq4=
Subject key identifier: B3:AC:9E:4C:01:5C:36:CA:A1:5F:DF:C4:CD:E9:39:A4:1E:3E:02:AF
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292ADA11F52926AA8B68E5B5E818D16
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/s6yeTAFcNsqhX9_Ezek5pB4-Aq8.roa
Signing time: Thu 09 Apr 2026 14:08:28 +0000
ROA not before: Thu 09 Apr 2026 14:08:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396576
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:ad:a1:1f:52:92:6a:a8:b6:8e:5b:5e:81:8d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3ac9e4c015c36caa15fdfc4cde939a41e3e02af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2f:93:ec:fd:3b:5f:ea:be:03:15:62:56:90:
5d:e5:92:88:bb:64:bb:75:e8:ba:cf:bb:0d:75:29:
b3:c5:fb:b1:b8:4b:25:22:f4:4b:ab:10:6a:24:4e:
26:64:2a:51:a5:d0:d0:3e:50:63:32:e6:ab:1c:76:
f4:94:52:19:5a:3f:a5:7f:8b:6d:9e:8e:f9:ab:e6:
5f:d2:df:a1:fb:e7:82:86:44:27:c2:84:70:54:35:
72:4a:4f:0b:f5:85:07:c1:58:09:4a:16:4a:6f:1a:
b0:4c:cd:8f:ef:48:57:94:d0:67:45:ea:09:cc:9e:
e7:0a:df:5a:4a:27:d2:e6:71:61:76:59:d8:59:3d:
3f:5f:4b:fd:d5:36:7b:f4:6e:53:b5:b4:70:1e:37:
36:68:47:e5:f7:f4:e1:f9:a1:7e:ec:77:b1:76:ad:
f7:e0:6e:f2:cc:b3:b4:5f:d3:ff:e9:97:3a:1c:af:
af:fe:56:78:44:06:b8:f5:1d:68:33:50:bd:f1:6c:
30:55:42:b4:57:f6:54:35:63:f3:69:0d:e6:0a:a0:
d9:8e:8c:cd:9a:c7:d9:ea:d9:cf:f9:01:1a:45:be:
13:d0:6b:8f:cc:00:c4:ac:ff:0f:d9:0e:fc:08:c8:
76:b6:c4:3d:74:42:f4:34:55:3c:28:5d:64:62:47:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AC:9E:4C:01:5C:36:CA:A1:5F:DF:C4:CD:E9:39:A4:1E:3E:02:AF
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/s6yeTAFcNsqhX9_Ezek5pB4-Aq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
7a:53:02:1b:3c:f5:05:a1:13:0d:a5:b4:ae:80:a1:66:e0:bd:
93:f2:7e:60:0e:86:82:ec:fe:14:6c:de:06:b9:d0:95:9a:1f:
4b:5d:e3:7e:2a:25:7a:2c:79:5a:4f:ba:d0:d6:c8:e7:8e:76:
66:9d:9d:c9:a3:a6:75:81:8f:47:09:09:97:11:94:9d:42:cb:
27:30:dd:80:5c:e6:7a:9c:fa:6f:0f:00:38:c1:20:ab:36:2e:
7c:a5:5b:e3:d3:78:f4:09:9e:31:a8:46:9c:bf:9a:04:17:b5:
20:3c:3e:5d:2a:cc:25:a3:5e:d1:b7:8a:d4:9c:0c:63:61:d5:
4f:22:85:b7:c7:a5:f1:77:3a:2c:08:5d:27:02:30:6c:cf:0f:
44:9b:b9:d6:a1:b6:05:2d:8f:cf:9d:32:0d:ca:ff:e0:2c:e8:
86:dd:f6:68:95:82:f7:a6:0f:31:a9:4a:e8:4a:3d:06:01:c2:
d5:30:22:2a:10:a5:d1:10:79:a2:63:8c:42:98:c1:5f:4d:e2:
4f:51:7e:ca:5f:5c:4d:e9:51:8a:f5:55:f6:f6:70:df:69:91:
96:25:ce:e0:6b:60:2c:d1:c4:ec:0d:60:0b:27:c6:fb:ad:7f:
a4:a5:62:b0:af:82:89:1d:53:ee:0d:8a:dc:b3:50:10:ee:8f:
2b:80:fc:c8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykq2hH1KSaqi2jltegY0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2FjOWU0YzAxNWMzNmNhYTE1ZmRmYzRjZGU5MzlhNDFlM2UwMmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy+T7P07X+q+AxViVpBd5ZKIu2S7
dei6z7sNdSmzxfuxuEslIvRLqxBqJE4mZCpRpdDQPlBjMuarHHb0lFIZWj+lf4tt
no75q+Zf0t+h++eChkQnwoRwVDVySk8L9YUHwVgJShZKbxqwTM2P70hXlNBnReoJ
zJ7nCt9aSifS5nFhdlnYWT0/X0v91TZ79G5TtbRwHjc2aEfl9/Th+aF+7Hexdq33
4G7yzLO0X9P/6Zc6HK+v/lZ4RAa49R1oM1C98WwwVUK0V/ZUNWPzaQ3mCqDZjozN
msfZ6tnP+QEaRb4T0GuPzADErP8P2Q78CMh2tsQ9dEL0NFU8KF1kYkcswQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLOsnkwBXDbKoV/fxM3pOaQePgKvMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvczZ5ZVRBRmNOc3FoWDlfRXplazVwQjQtQXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAHpTAhs89QWh
Ew2ltK6AoWbgvZPyfmAOhoLs/hRs3ga50JWaH0td434qJXoseVpPutDWyOeOdmad
ncmjpnWBj0cJCZcRlJ1Cyycw3YBc5nqc+m8PADjBIKs2LnylW+PTePQJnjGoRpy/
mgQXtSA8Pl0qzCWjXtG3itScDGNh1U8ihbfHpfF3OiwIXScCMGzPD0SbudahtgUt
j8+dMg3K/+As6Ibd9miVgvemDzGpSuhKPQYBwtUwIioQpdEQeaJjjEKYwV9N4k9R
fspfXE3pUYr1Vfb2cN9pkZYlzuBrYCzRxOwNYAsnxvutf6SlYrCvgokdU+4Nityz
UBDujyuA/Mg=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:19:08 2026 by rpki-client