Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/spGoRA02B45oTaFQ9m2uOIta6IU.roa
File: spGoRA02B45oTaFQ9m2uOIta6IU.roa (raw, json)
Hash identifier: sPVcrxPq54fBEjCaGPvIlC1rf1uvfraMpvMzOdT2MUQ=
Subject key identifier: B2:91:A8:44:0D:36:07:8E:68:4D:A1:50:F6:6D:AE:38:8B:5A:E8:85
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C8097634D463F5CDB5D0779D400B
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/spGoRA02B45oTaFQ9m2uOIta6IU.roa
Signing time: Thu 09 Apr 2026 14:08:35 +0000
ROA not before: Thu 09 Apr 2026 14:08:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397203
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c8:09:76:34:d4:63:f5:cd:b5:d0:77:9d:40:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b291a8440d36078e684da150f66dae388b5ae885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3d:1e:54:66:93:0d:2b:07:28:0e:67:92:a8:
3e:f1:d1:1e:f6:d1:d0:99:da:fb:1d:9d:ab:8f:4c:
7d:04:3b:74:e2:72:bb:99:57:4f:97:27:9c:44:e0:
70:a2:10:06:a9:f5:56:f4:db:83:1e:de:8c:9b:d4:
5b:9c:74:cf:3f:76:c1:80:e7:84:3c:bb:76:21:9c:
42:ee:a6:69:ef:11:a5:04:b9:44:c3:d7:ca:18:55:
e4:cf:49:d3:55:0e:13:2c:29:4b:f8:c4:e6:be:95:
c9:4a:da:28:5a:d8:9f:c4:d3:57:10:1c:09:6e:50:
6e:cf:87:53:e4:17:c1:ad:35:48:2c:79:cd:9a:62:
b5:02:84:d9:bb:1b:ed:f4:4e:ea:27:73:dd:59:a6:
f9:b4:8b:a5:8c:2a:01:11:21:3b:db:58:45:29:61:
31:8e:c8:f3:d9:45:bc:2c:49:c6:34:70:b5:6a:dd:
c8:e1:55:0f:41:b9:ee:dc:5d:b7:75:3a:e2:c7:97:
b7:d3:69:13:13:c6:a8:63:c8:ba:3b:f2:b8:f9:5b:
45:6c:e7:35:36:f1:f3:03:7d:f0:1f:bb:8d:65:ce:
cf:d4:b6:9c:9b:46:00:f8:87:2d:38:8e:69:f6:17:
f9:91:23:bc:83:cc:ad:91:a5:de:5d:35:72:90:ba:
92:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:91:A8:44:0D:36:07:8E:68:4D:A1:50:F6:6D:AE:38:8B:5A:E8:85
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/spGoRA02B45oTaFQ9m2uOIta6IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
49:2e:29:d3:ef:0e:ff:c3:86:a1:13:7e:cf:0d:46:e1:7e:ea:
d3:e3:a9:87:17:cc:dd:2f:c8:11:7a:6c:d0:c1:5e:03:57:7a:
96:8d:19:30:ff:52:d9:c0:56:55:e3:08:d3:de:9f:33:a4:5d:
f1:63:2e:d5:30:0a:65:16:6a:1d:6f:d3:57:74:60:1a:ca:22:
56:b3:25:bf:68:be:7b:c8:a2:c4:de:49:6e:1f:da:e1:2e:86:
4f:cf:2a:26:7c:66:8b:ca:3a:3c:f0:bb:d7:f2:01:ef:39:66:
bd:a0:90:fa:6f:96:ae:ee:0a:67:a4:47:82:3c:98:f3:46:fd:
4d:60:75:f2:50:8b:ac:0e:9f:e9:ce:f9:b2:6d:0a:44:7f:56:
02:53:37:9c:85:c8:c6:10:c3:30:fe:42:28:7d:21:6b:bc:91:
84:94:b2:99:c0:4d:50:9a:26:59:92:3b:c6:86:14:39:9d:17:
cd:36:44:c0:2a:fd:e9:e9:9d:56:89:5c:0e:88:eb:2b:32:ba:
2b:b8:9a:03:55:c8:79:01:b0:5a:39:48:53:3b:87:55:7e:f0:
87:87:85:c8:9b:66:97:ae:29:ac:36:1f:12:97:4e:a9:8a:6d:
a4:2a:59:0d:0d:f4:22:eb:28:77:08:43:ac:83:db:d1:49:e9:
07:11:9b:44
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksgJdjTUY/XNtdB3nUALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkxYTg0NDBkMzYwNzhlNjg0ZGExNTBmNjZkYWUzODhiNWFlODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT0eVGaTDSsHKA5nkqg+8dEe9tHQ
mdr7HZ2rj0x9BDt04nK7mVdPlyecROBwohAGqfVW9NuDHt6Mm9RbnHTPP3bBgOeE
PLt2IZxC7qZp7xGlBLlEw9fKGFXkz0nTVQ4TLClL+MTmvpXJStooWtifxNNXEBwJ
blBuz4dT5BfBrTVILHnNmmK1AoTZuxvt9E7qJ3PdWab5tIuljCoBESE721hFKWEx
jsjz2UW8LEnGNHC1at3I4VUPQbnu3F23dTrix5e302kTE8aoY8i6O/K4+VtFbOc1
NvHzA33wH7uNZc7P1Lacm0YA+IctOI5p9hf5kSO8g8ytkaXeXTVykLqSkwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLKRqEQNNgeOaE2hUPZtrjiLWuiFMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvc3BHb1JBMDJCNDVvVGFGUTltMnVPSXRhNklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAEkuKdPvDv/D
hqETfs8NRuF+6tPjqYcXzN0vyBF6bNDBXgNXepaNGTD/UtnAVlXjCNPenzOkXfFj
LtUwCmUWah1v01d0YBrKIlazJb9ovnvIosTeSW4f2uEuhk/PKiZ8ZovKOjzwu9fy
Ae85Zr2gkPpvlq7uCmekR4I8mPNG/U1gdfJQi6wOn+nO+bJtCkR/VgJTN5yFyMYQ
wzD+Qih9IWu8kYSUspnATVCaJlmSO8aGFDmdF802RMAq/enpnVaJXA6I6ysyuiu4
mgNVyHkBsFo5SFM7h1V+8IeHhcibZpeuKaw2HxKXTqmKbaQqWQ0N9CLrKHcIQ6yD
29FJ6QcRm0Q=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:19:30 2026 by rpki-client