Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/wA52T7qn04OdOprXFFO67OsWq5Y.roa
File: wA52T7qn04OdOprXFFO67OsWq5Y.roa (raw, json)
Hash identifier: AL0iG3Yy5sfOtBITPAlq7wO7LEEWJ2MbrS+kBVPFVPc=
Subject key identifier: C0:0E:76:4F:BA:A7:D3:83:9D:3A:9A:D7:14:53:BA:EC:EB:16:AB:96
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292A8A794AE1DAE38751F2D459C64A0
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/wA52T7qn04OdOprXFFO67OsWq5Y.roa
Signing time: Thu 09 Apr 2026 14:08:27 +0000
ROA not before: Thu 09 Apr 2026 14:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396564
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:a8:a7:94:ae:1d:ae:38:75:1f:2d:45:9c:64:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c00e764fbaa7d3839d3a9ad71453baeceb16ab96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:47:45:6f:6d:a2:cc:40:ce:62:84:81:72:
53:0e:c2:63:58:91:25:ac:7f:2f:b6:29:c4:b3:49:
c6:aa:fd:ee:f3:6c:e6:40:8f:b5:d8:ca:ff:3e:37:
e6:5f:9c:f4:1c:99:e3:2a:2a:e1:ac:70:02:c1:e2:
5f:cf:45:0d:c6:b3:29:ee:fa:d9:75:7c:1d:8b:69:
54:aa:6b:62:8e:c9:2b:f8:75:d5:73:ad:22:ea:1f:
11:f5:07:75:27:dc:00:45:3d:92:f1:53:1c:6a:50:
8d:5e:c2:24:19:46:69:01:ab:b5:03:aa:fd:69:c2:
6d:52:f9:f6:4a:4a:f8:c8:1f:43:c0:d6:99:30:dd:
ce:5b:76:98:d2:e0:cc:81:61:c4:ed:55:01:61:95:
a5:f8:85:cb:92:17:e4:51:7b:fc:db:c8:49:2f:20:
4f:6d:08:30:91:ed:be:e1:3e:76:1a:99:fe:72:66:
60:0e:47:06:f0:3a:42:dc:ad:4d:40:32:74:66:f8:
e0:f1:33:3f:89:08:29:ce:5c:80:e6:f5:01:95:70:
4a:8a:11:ae:80:9d:cb:c1:d8:d2:af:2d:88:b4:de:
8f:a3:b9:a5:8a:33:6e:93:12:9c:74:9d:02:c6:6f:
75:60:c4:f1:cc:e6:2b:fb:f6:ff:01:0c:05:0d:70:
30:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0E:76:4F:BA:A7:D3:83:9D:3A:9A:D7:14:53:BA:EC:EB:16:AB:96
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/wA52T7qn04OdOprXFFO67OsWq5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
c2:a1:20:a4:92:9c:ac:57:d7:18:7b:2b:e2:44:c1:39:8b:5a:
cf:d8:90:d1:ef:ee:7d:3c:3c:3b:22:0f:3a:8d:ea:05:42:6e:
16:3b:1e:79:54:96:4d:7e:0e:c1:86:67:5b:52:16:15:c3:cc:
2b:8a:21:e1:d0:e7:2a:da:2d:6b:80:82:4b:68:1a:05:f8:94:
91:1d:47:bb:24:05:1f:bd:15:6a:2b:11:57:6b:65:2e:bc:3b:
5c:ac:45:4a:a6:08:bb:7e:c9:23:7b:d6:97:5f:86:d9:0c:0e:
f5:d9:b8:0c:dd:44:af:a5:8b:d5:58:5d:d4:4f:d8:7c:4c:63:
02:84:54:f1:74:80:9d:46:e6:65:17:12:78:01:66:36:5f:dc:
5a:5d:05:4b:28:4f:26:2e:b5:43:bf:79:a3:8d:8e:36:89:14:
86:b0:4c:5a:d4:ea:a2:4d:1c:f4:ce:17:4a:a1:f7:85:d3:0d:
13:1d:db:d0:00:81:6f:01:fd:6a:ed:14:09:a4:0b:5f:fe:05:
1f:fb:bc:03:67:08:2f:6d:6a:c8:91:42:00:d1:c4:42:09:01:
b2:50:4a:37:ba:41:d1:a4:42:43:b1:ee:20:20:93:8e:a1:ff:
12:af:e6:c8:fb:9b:bb:7d:1a:61:4c:86:31:7d:15:a6:6d:fc:
da:0b:4d:0d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1ykqinlK4drjh1Hy1FnGSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBlNzY0ZmJhYTdkMzgzOWQzYTlhZDcxNDUzYmFlY2ViMTZhYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7RHRW9tosxAzmKEgXJTDsJjWJEl
rH8vtinEs0nGqv3u82zmQI+12Mr/PjfmX5z0HJnjKirhrHACweJfz0UNxrMp7vrZ
dXwdi2lUqmtijskr+HXVc60i6h8R9Qd1J9wART2S8VMcalCNXsIkGUZpAau1A6r9
acJtUvn2Skr4yB9DwNaZMN3OW3aY0uDMgWHE7VUBYZWl+IXLkhfkUXv828hJLyBP
bQgwke2+4T52Gpn+cmZgDkcG8DpC3K1NQDJ0Zvjg8TM/iQgpzlyA5vUBlXBKihGu
gJ3LwdjSry2ItN6Po7mlijNukxKcdJ0Cxm91YMTxzOYr+/b/AQwFDXAwPQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFMAOdk+6p9ODnTqa1xRTuuzrFquWMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvd0E1MlQ3cW4wNE9kT3ByWEZGTzY3T3NXcTVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAMKhIKSSnKxX
1xh7K+JEwTmLWs/YkNHv7n08PDsiDzqN6gVCbhY7HnlUlk1+DsGGZ1tSFhXDzCuK
IeHQ5yraLWuAgktoGgX4lJEdR7skBR+9FWorEVdrZS68O1ysRUqmCLt+ySN71pdf
htkMDvXZuAzdRK+li9VYXdRP2HxMYwKEVPF0gJ1G5mUXEngBZjZf3FpdBUsoTyYu
tUO/eaONjjaJFIawTFrU6qJNHPTOF0qh94XTDRMd29AAgW8B/WrtFAmkC1/+BR/7
vANnCC9tasiRQgDRxEIJAbJQSje6QdGkQkOx7iAgk46h/xKv5sj7m7t9GmFMhjF9
FaZt/NoLTQ0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:19:37 2026 by rpki-client