Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/v7Wrh1hYNrGHpkJvU_W4drmZ_z0.roa
File: v7Wrh1hYNrGHpkJvU_W4drmZ_z0.roa (raw, json)
Hash identifier: r/fBosGi5omJzlf2WwJDIHUgb2ktYvYdiSc31EcjDZs=
Subject key identifier: BF:B5:AB:87:58:58:36:B1:87:A6:42:6F:53:F5:B8:76:B9:99:FF:3D
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D72929A1DCD6624A52CB577D95ED7B5B2
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/v7Wrh1hYNrGHpkJvU_W4drmZ_z0.roa
Signing time: Thu 09 Apr 2026 14:08:23 +0000
ROA not before: Thu 09 Apr 2026 14:08:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36624
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:9a:1d:cd:66:24:a5:2c:b5:77:d9:5e:d7:b5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bfb5ab87585836b187a6426f53f5b876b999ff3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a9:f3:10:eb:60:90:9b:aa:50:e8:72:34:0b:
8c:b1:55:ba:05:0c:3a:36:3e:ba:f1:ca:64:ac:3a:
d3:82:61:02:86:32:29:ee:44:a2:84:c0:d1:f1:b4:
fd:82:3e:bd:33:8c:dd:ed:48:5e:85:57:1e:2a:5b:
92:bd:54:b4:ec:76:a0:28:b6:4d:77:80:da:7f:73:
29:c3:4a:42:31:4a:2f:2e:62:dc:26:e7:be:02:0b:
d3:47:31:79:a8:90:af:4c:2f:49:84:4f:26:24:84:
6a:1a:0c:73:e6:17:20:a3:d5:0a:b7:27:38:39:38:
00:82:b2:7e:79:d4:fb:58:ed:13:c4:0d:46:cb:c0:
cc:93:64:f3:42:d1:6a:69:a4:89:8f:d4:e7:b0:33:
21:5a:b2:32:f7:82:ee:ce:65:7b:a2:c9:8f:b0:96:
0d:e1:89:8e:ec:e6:0c:ef:30:5a:3d:6b:60:c8:07:
4d:c5:93:4a:1d:14:fe:34:92:91:1e:c6:f2:f2:4a:
3b:36:9e:79:9a:76:21:d2:e5:5a:82:5b:99:b7:ad:
34:2c:1a:d2:c4:0b:8d:cd:a8:d0:1d:df:41:78:f2:
a2:89:09:af:0e:b3:df:15:14:44:7a:84:47:50:e8:
a3:2c:a6:e7:db:af:82:d9:fa:8c:fc:9a:9a:38:fc:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:B5:AB:87:58:58:36:B1:87:A6:42:6F:53:F5:B8:76:B9:99:FF:3D
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/v7Wrh1hYNrGHpkJvU_W4drmZ_z0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
5e:2a:bd:4e:41:4d:77:b7:e6:fb:a7:50:f8:e0:cf:d4:8c:db:
16:28:68:ef:a7:42:db:c2:e3:45:05:62:c7:23:c8:7d:5e:46:
18:5a:51:7f:55:47:74:f1:f0:03:d8:16:5e:95:18:70:84:88:
d8:2c:c9:e5:d9:bb:f5:18:51:2b:54:0c:e0:62:7e:bd:6c:24:
4c:48:5d:4e:b2:5d:4d:a8:72:3c:81:d0:07:3b:ce:0f:19:fe:
36:94:ee:92:bc:51:90:33:99:6c:9e:67:1a:8d:5b:e2:4a:c0:
fa:67:e2:82:56:bb:1e:a6:89:70:33:77:72:2c:58:54:bf:2f:
01:a7:d2:29:dd:46:5c:21:02:e8:64:91:88:a5:18:ba:e9:d7:
c9:c4:4a:ef:e1:06:7a:35:a1:29:b8:f8:bc:fc:9a:26:a6:d3:
89:5b:ac:b6:fe:32:d2:22:87:bb:9d:27:b0:d5:d7:ad:9b:9a:
bf:bd:19:19:f1:8e:a5:cf:e2:af:30:b1:68:8d:48:1d:fa:5b:
80:cb:14:f6:d7:71:30:46:fa:70:ec:23:cf:39:e0:85:88:cd:
2a:9e:3f:9e:6e:3a:f7:09:e2:e6:7c:f2:de:ae:d4:f1:7f:0c:
0f:52:fa:ac:aa:41:3b:d7:db:ae:71:3b:3d:40:21:56:e7:7a:
da:55:fa:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykpodzWYkpSy1d9le17WyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmI1YWI4NzU4NTgzNmIxODdhNjQyNmY1M2Y1Yjg3NmI5OTlmZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwanzEOtgkJuqUOhyNAuMsVW6BQw6
Nj668cpkrDrTgmEChjIp7kSihMDR8bT9gj69M4zd7UhehVceKluSvVS07HagKLZN
d4Daf3Mpw0pCMUovLmLcJue+AgvTRzF5qJCvTC9JhE8mJIRqGgxz5hcgo9UKtyc4
OTgAgrJ+edT7WO0TxA1Gy8DMk2TzQtFqaaSJj9TnsDMhWrIy94LuzmV7osmPsJYN
4YmO7OYM7zBaPWtgyAdNxZNKHRT+NJKRHsby8ko7Np55mnYh0uVagluZt600LBrS
xAuNzajQHd9BePKiiQmvDrPfFRREeoRHUOijLKbn26+C2fqM/JqaOPwBLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL+1q4dYWDaxh6ZCb1P1uHa5mf89MB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvdjdXcmgxaFlOckdIcGtKdlVfVzRkcm1aX3owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAF4qvU5BTXe3
5vunUPjgz9SM2xYoaO+nQtvC40UFYscjyH1eRhhaUX9VR3Tx8APYFl6VGHCEiNgs
yeXZu/UYUStUDOBifr1sJExIXU6yXU2ocjyB0Ac7zg8Z/jaU7pK8UZAzmWyeZxqN
W+JKwPpn4oJWux6miXAzd3IsWFS/LwGn0indRlwhAuhkkYilGLrp18nESu/hBno1
oSm4+Lz8miam04lbrLb+MtIih7udJ7DV162bmr+9GRnxjqXP4q8wsWiNSB36W4DL
FPbXcTBG+nDsI8854IWIzSqeP55uOvcJ4uZ88t6u1PF/DA9S+qyqQTvX265xOz1A
IVbnetpV+nA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:21:29 2026 by rpki-client