Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/IQM7OL2V5GJkn8XqBCxVwxYG19w.roa
File: IQM7OL2V5GJkn8XqBCxVwxYG19w.roa (raw, json)
Hash identifier: TrkY38pyJfAx5NluxhCFCDdPS3nUbrsk/gajBlW8sEU=
Subject key identifier: 21:03:3B:38:BD:95:E4:62:64:9F:C5:EA:04:2C:55:C3:16:06:D7:DC
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D443B1D694BFC34333D3F6B16A62029FF
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/IQM7OL2V5GJkn8XqBCxVwxYG19w.roa
Signing time: Tue 31 Mar 2026 14:10:17 +0000
ROA not before: Tue 31 Mar 2026 14:10:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 185.100.1.0/24 maxlen: 24
185.100.2.0/24 maxlen: 24
217.30.89.0/24 maxlen: 24
217.30.90.0/24 maxlen: 24
2a10:eec0:d::/48 maxlen: 48
2a10:eec0:e::/47 maxlen: 47
2a10:eec0:10::/44 maxlen: 44
2a10:eec0:20::/43 maxlen: 43
2a10:eec0:40::/42 maxlen: 42
2a10:eec0:80::/41 maxlen: 41
2a10:eec0:100::/40 maxlen: 40
2a10:eec0:200::/39 maxlen: 39
2a10:eec0:400::/38 maxlen: 38
2a10:eec0:800::/37 maxlen: 37
2a10:eec0:1000::/36 maxlen: 36
2a10:eec0:2000::/35 maxlen: 35
2a10:eec0:4000::/34 maxlen: 34
2a10:eec0:8000::/35 maxlen: 35
2a10:eec0:a000::/37 maxlen: 37
2a10:eec0:a800::/39 maxlen: 39
2a10:eec0:aa00::/40 maxlen: 40
2a10:eec0:ab00::/41 maxlen: 41
2a10:eec0:ab80::/42 maxlen: 42
2a10:eec0:abc0::/45 maxlen: 45
2a10:eec0:abc8::/46 maxlen: 46
2a10:eec0:abcc::/48 maxlen: 48
2a10:eec0:abce::/47 maxlen: 47
2a10:eec0:abd0::/44 maxlen: 44
2a10:eec0:abe0::/43 maxlen: 43
2a10:eec0:ac00::/38 maxlen: 38
2a10:eec0:b000::/36 maxlen: 36
2a10:eec0:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 Apr 2026 11:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:3b:1d:69:4b:fc:34:33:3d:3f:6b:16:a6:20:29:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 31 14:10:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21033b38bd95e462649fc5ea042c55c31606d7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:16:b8:2f:30:bc:3f:d2:7e:c4:98:24:7f:ac:
95:5a:2f:26:2b:30:20:1c:47:3e:b6:0d:ed:c6:c9:
51:1b:a2:a1:e3:bd:1c:57:0d:26:5e:35:63:dc:46:
b9:6d:3f:1f:47:7b:27:2f:2a:b4:e0:d6:00:fd:06:
58:f0:26:4e:14:01:8f:0a:4a:77:b1:22:10:80:cb:
6c:69:31:f0:c8:42:3e:c3:49:ff:92:22:0c:3e:a5:
8b:8c:e5:8a:45:d5:9d:ed:d9:e2:c2:9e:dc:91:56:
36:21:59:a4:fe:ac:f2:9a:c8:68:4b:3d:5b:e4:1e:
56:ae:13:ca:e6:2f:a0:8f:a4:d9:c9:d9:f2:06:62:
cd:8a:ae:bb:6c:b2:a1:6d:76:11:f1:1b:5a:9b:fa:
65:d7:81:f8:10:b5:ab:84:eb:e8:d0:bf:5b:8d:3f:
f6:24:49:f9:ce:9b:22:c2:c7:79:31:9f:3d:01:c0:
26:75:c4:fd:8d:22:58:52:0a:1a:5f:59:5f:5e:23:
09:b4:e0:6f:e6:93:5b:7c:a4:6e:77:b7:0a:05:c8:
6d:49:22:9a:e4:6f:a7:aa:46:b3:8d:8c:f3:14:65:
0b:5f:7c:88:af:ec:90:54:c5:a4:f4:4f:1e:13:5a:
83:d1:33:3d:d4:cc:9c:f5:c4:63:58:19:38:88:2c:
61:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:03:3B:38:BD:95:E4:62:64:9F:C5:EA:04:2C:55:C3:16:06:D7:DC
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/IQM7OL2V5GJkn8XqBCxVwxYG19w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.1.0-185.100.2.255
217.30.89.0-217.30.90.255
IPv6:
2a10:eec0:d::-2a10:eec0:abcc:ffff:ffff:ffff:ffff:ffff
2a10:eec0:abce::-2a10:eec0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
46:ab:f0:4d:b5:3f:82:91:69:c2:35:75:0a:50:89:86:b1:d2:
1a:db:f3:b3:40:ff:e2:d8:a6:9c:21:12:ae:9b:92:e6:c2:5b:
3f:c0:c5:c0:99:d2:13:df:92:7f:39:aa:65:f4:e7:ff:94:18:
57:b1:fa:7d:4b:fb:a6:4f:2b:9a:c9:99:74:9a:7c:86:09:53:
a7:54:26:80:72:18:db:3a:d4:ba:76:e1:4d:94:44:8b:05:7f:
06:ae:15:a9:8b:ec:f6:93:b4:53:8b:65:e4:c2:7f:71:1d:79:
ba:14:c8:33:ee:1a:76:eb:4c:68:07:d2:8b:f9:e6:42:0e:8e:
94:7f:e3:d1:89:4e:bf:fc:a2:61:0a:35:71:70:5c:14:15:89:
fa:36:62:6c:6e:ae:0d:22:d6:79:bc:30:b2:0d:70:11:53:f0:
9d:97:33:1f:62:be:72:c7:a7:73:63:ea:32:1b:44:47:89:cb:
af:ff:21:d9:fd:d6:c3:a5:e0:9f:8a:02:23:2f:57:d8:00:98:
f9:39:82:f9:1e:a7:e9:15:66:2d:fc:a4:0d:72:69:56:5f:b8:
dd:75:9d:7e:58:44:b6:17:4c:10:16:7a:c2:a8:51:5b:cd:0e:
6a:5c:5e:05:3e:32:8c:65:11:27:d1:c5:0e:ba:ca:c4:c9:3d:
46:84:ea:34
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZ1EOx1pS/w0Mz0/axamICn/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzMxMTQxMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAzM2IzOGJkOTVlNDYyNjQ5ZmM1ZWEwNDJjNTVjMzE2MDZkN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ha4LzC8P9J+xJgkf6yVWi8mKzAg
HEc+tg3txslRG6Kh470cVw0mXjVj3Ea5bT8fR3snLyq04NYA/QZY8CZOFAGPCkp3
sSIQgMtsaTHwyEI+w0n/kiIMPqWLjOWKRdWd7dniwp7ckVY2IVmk/qzymshoSz1b
5B5WrhPK5i+gj6TZydnyBmLNiq67bLKhbXYR8Rtam/pl14H4ELWrhOvo0L9bjT/2
JEn5zpsiwsd5MZ89AcAmdcT9jSJYUgoaX1lfXiMJtOBv5pNbfKRud7cKBchtSSKa
5G+nqkazjYzzFGULX3yIr+yQVMWk9E8eE1qD0TM91Myc9cRjWBk4iCxh2QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCEDOzi9leRiZJ/F6gQsVcMWBtfcMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvSVFNN09MMlY1R0prbjhYcUJDeFZ3eFlHMTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjAiBAIAATAcMAwDBAC5ZAED
BAC5ZAIwDAMEANkeWQMEANkeWjAsBAIAAjAmMBIDBwAqEO7AAA0DBwAqEO7Aq8ww
EAMHASoQ7sCrzgMFACoQ7sAwDQYJKoZIhvcNAQELBQADggEBAEar8E21P4KRacI1
dQpQiYax0hrb87NA/+LYppwhEq6bkubCWz/AxcCZ0hPfkn85qmX05/+UGFex+n1L
+6ZPK5rJmXSafIYJU6dUJoByGNs61Lp24U2URIsFfwauFamL7PaTtFOLZeTCf3Ed
eboUyDPuGnbrTGgH0ov55kIOjpR/49GJTr/8omEKNXFwXBQVifo2Ymxurg0i1nm8
MLINcBFT8J2XMx9ivnLHp3Nj6jIbREeJy6//Idn91sOl4J+KAiMvV9gAmPk5gvke
p+kVZi38pA1yaVZfuN11nX5YRLYXTBAWesKoUVvNDmpcXgU+MoxlESfRxQ66ysTJ
PUaE6jQ=
-----END CERTIFICATE-----
Generated at Tue Apr 7 19:39:50 2026 by rpki-client