Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CGlDRNOFPkBqU37GDzJ7QETtieo.roa
File: CGlDRNOFPkBqU37GDzJ7QETtieo.roa (raw, json)
Hash identifier: Ktoe3+2jtoypfBydY0rjxPtGfys6p3evDIoQ+xR1kKM=
Subject key identifier: 08:69:43:44:D3:85:3E:40:6A:53:7E:C6:0F:32:7B:40:44:ED:89:EA
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82C860B530FDA855A8F4F31BA70861
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CGlDRNOFPkBqU37GDzJ7QETtieo.roa
Signing time: Thu 26 Mar 2026 14:18:27 +0000
ROA not before: Thu 26 Mar 2026 14:18:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396584
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:c8:60:b5:30:fd:a8:55:a8:f4:f3:1b:a7:08:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08694344d3853e406a537ec60f327b4044ed89ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3e:66:6f:b5:71:41:fb:37:95:bb:5f:3f:e0:
b2:e1:cc:f1:48:06:c2:54:57:65:f3:1f:bc:1a:28:
27:b6:e9:eb:1b:a7:2c:c8:6f:49:75:90:18:9a:4e:
50:d0:33:de:1e:ed:c7:ab:ea:4a:4e:6b:63:bf:a3:
aa:d8:8c:67:d6:d4:6b:04:23:c1:2b:56:86:09:7a:
3b:e7:c5:e8:19:22:6a:89:fc:46:5a:dd:a0:63:86:
3d:e4:de:16:c8:a3:e5:98:77:56:6b:d7:d9:aa:29:
5d:35:76:4b:dc:a8:e4:6e:f4:9b:76:e4:e3:6d:23:
43:81:54:7c:07:75:b0:9c:82:5e:ff:51:9e:c8:03:
91:73:0f:ec:a3:21:84:df:33:a1:7c:64:1c:1d:2d:
55:eb:d6:0a:48:b0:7f:be:e7:e8:6a:96:55:b5:dc:
71:9e:2e:c5:b9:53:84:07:1e:a2:c8:f7:4f:5d:66:
ee:10:13:bb:25:2f:09:e2:d1:d0:c2:1f:10:94:7a:
b8:cd:1a:c4:2c:5d:e1:1e:61:7e:97:6b:e6:8a:17:
ca:ea:7e:6d:48:11:19:3b:f6:b3:38:25:62:60:36:
bc:1c:71:a9:07:5b:0d:21:5b:2c:bd:86:ad:49:e1:
f0:58:c7:be:9d:2c:a4:6b:17:d1:40:00:a3:5b:eb:
55:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:69:43:44:D3:85:3E:40:6A:53:7E:C6:0F:32:7B:40:44:ED:89:EA
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/CGlDRNOFPkBqU37GDzJ7QETtieo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:32:12:10:76:10:ac:b5:20:5c:c1:99:b8:1c:09:49:91:5f:
6c:25:f8:4f:44:a4:53:1a:21:9d:62:bf:82:2b:d6:92:8f:c5:
af:c6:98:74:a2:49:8f:4d:0a:b4:0f:0c:bd:4f:d3:da:37:57:
bc:9d:55:67:68:2a:a7:82:0f:10:0d:ca:38:17:2d:f2:a5:00:
36:94:29:e5:4b:6e:66:11:4a:5a:0c:5d:fa:03:28:a4:fb:73:
02:9e:5e:f9:cf:b6:45:f3:91:1c:cb:71:ac:18:fe:34:08:b4:
bc:80:bf:8f:a2:32:8e:19:57:3c:35:1b:66:cc:6d:ca:9f:ff:
7a:43:cb:d3:39:3b:f7:1c:78:a7:02:b4:04:3a:6d:55:b5:9e:
7b:49:d9:f8:93:75:0f:4b:32:ba:dd:d0:6e:33:bf:61:7a:d7:
04:07:2d:c4:fa:d4:74:0d:6d:be:55:2d:11:30:25:0d:46:53:
ab:18:8b:59:a2:00:b8:7d:0a:7a:33:a5:58:bf:7d:31:c6:bc:
b8:5a:48:e7:20:59:bc:23:5f:b6:9c:3f:8e:ab:93:1d:7e:1e:
d1:8b:22:99:fe:b6:b0:c3:8b:01:9b:f5:75:4d:96:89:f3:7e:
44:14:13:d9:d1:14:cd:f4:99:97:4c:ee:c6:e1:2f:e9:5a:8b:
42:31:13:8e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgshgtTD9qFWo9PMbpwhhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY5NDM0NGQzODUzZTQwNmE1MzdlYzYwZjMyN2I0MDQ0ZWQ4OWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlz5mb7VxQfs3lbtfP+Cy4czxSAbC
VFdl8x+8GigntunrG6csyG9JdZAYmk5Q0DPeHu3Hq+pKTmtjv6Oq2Ixn1tRrBCPB
K1aGCXo758XoGSJqifxGWt2gY4Y95N4WyKPlmHdWa9fZqildNXZL3KjkbvSbduTj
bSNDgVR8B3WwnIJe/1GeyAORcw/soyGE3zOhfGQcHS1V69YKSLB/vufoapZVtdxx
ni7FuVOEBx6iyPdPXWbuEBO7JS8J4tHQwh8QlHq4zRrELF3hHmF+l2vmihfK6n5t
SBEZO/azOCViYDa8HHGpB1sNIVssvYatSeHwWMe+nSykaxfRQACjW+tVywIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFAhpQ0TThT5AalN+xg8ye0BE7YnqMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvQ0dsRFJOT0ZQa0JxVTM3R0R6SjdRRVR0aWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEALjISEHYQrLUgXMGZuBwJSZFfbCX4T0Sk
UxohnWK/givWko/Fr8aYdKJJj00KtA8MvU/T2jdXvJ1VZ2gqp4IPEA3KOBct8qUA
NpQp5UtuZhFKWgxd+gMopPtzAp5e+c+2RfORHMtxrBj+NAi0vIC/j6IyjhlXPDUb
Zsxtyp//ekPL0zk79xx4pwK0BDptVbWee0nZ+JN1D0syut3QbjO/YXrXBActxPrU
dA1tvlUtETAlDUZTqxiLWaIAuH0KejOlWL99Mca8uFpI5yBZvCNftpw/jquTHX4e
0Ysimf62sMOLAZv1dU2WifN+RBQT2dEUzfSZl0zuxuEv6VqLQjETjg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:51 2026 by rpki-client