Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HDqZ2oNcdcj-AsP0XQ7qRpu6Wqo.roa
File: HDqZ2oNcdcj-AsP0XQ7qRpu6Wqo.roa (raw, json)
Hash identifier: YzNi+OS0DwIDNrPXCBLl4/2OoY/vQl1dQxAYGpK//Ww=
Subject key identifier: 1C:3A:99:DA:83:5C:75:C8:FE:02:C3:F4:5D:0E:EA:46:9B:BA:5A:AA
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82E0A5226D3A6918FB90E5A69A80B6
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HDqZ2oNcdcj-AsP0XQ7qRpu6Wqo.roa
Signing time: Thu 26 Mar 2026 14:18:33 +0000
ROA not before: Thu 26 Mar 2026 14:18:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397209
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:e0:a5:22:6d:3a:69:18:fb:90:e5:a6:9a:80:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c3a99da835c75c8fe02c3f45d0eea469bba5aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d3:65:65:bd:6a:70:70:75:7b:82:59:2a:ed:
ca:73:1f:c0:0b:ec:4a:e9:ee:16:56:dd:99:b7:5b:
70:90:a0:33:26:60:7f:cf:4c:5b:9f:65:d7:f5:b7:
d9:31:f7:68:98:f3:3b:87:15:d5:55:2b:42:6d:8a:
e4:59:62:be:1a:2a:39:a8:66:09:c7:d3:5e:7e:a8:
84:78:76:1f:7a:ce:80:76:c9:0a:d4:8c:5f:4f:9e:
2b:31:46:a4:c2:ad:2b:a6:5c:29:35:1c:7e:dc:a2:
f2:e5:82:56:6f:3c:5e:53:08:4c:7c:44:b1:e3:f0:
b3:b5:ed:4e:8a:dc:70:b8:b7:a4:e3:98:34:9d:8e:
e3:18:c5:2c:b7:bd:63:0b:de:fb:cc:46:fd:f7:9a:
d1:81:bb:6a:e0:6f:8a:36:75:7b:d1:76:0a:93:57:
bc:f0:ee:76:8b:c8:96:0e:bf:85:95:a0:c0:82:80:
dd:63:0f:bd:4d:1f:15:b0:63:52:51:2a:ca:dd:1a:
a6:43:ed:f8:a3:72:15:01:6d:23:56:7f:c4:88:eb:
ef:7e:70:e1:81:aa:b7:a5:f3:aa:ca:91:47:22:b7:
44:00:e6:bc:c7:42:f7:57:18:3d:2a:54:0a:bb:5f:
1c:d2:48:0c:9a:10:c7:c3:c9:56:f9:b8:67:e0:19:
06:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3A:99:DA:83:5C:75:C8:FE:02:C3:F4:5D:0E:EA:46:9B:BA:5A:AA
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/HDqZ2oNcdcj-AsP0XQ7qRpu6Wqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:2b:2a:9b:3a:46:28:c6:3c:ec:28:0e:c5:8c:25:43:90:eb:
70:35:d3:06:14:e8:66:30:96:c4:4f:64:a7:bd:21:82:4d:09:
fa:c5:78:15:05:db:31:df:d7:27:30:35:48:82:a4:37:89:54:
6f:ab:80:b7:d9:8b:53:31:5d:77:b3:aa:f5:b4:4e:fb:1b:cc:
72:67:0c:17:a1:fa:7e:b5:02:2c:64:f4:1e:5b:b4:82:8b:ab:
ae:3f:45:c8:44:ba:98:36:39:48:d2:91:97:4b:12:4c:70:17:
8f:97:83:af:d7:53:cd:78:17:ce:78:2b:a0:18:c2:53:ea:d6:
9c:57:2f:2b:ab:94:5d:46:6e:64:4c:d7:28:5b:77:9e:2b:d6:
55:13:c3:02:ba:8c:73:fd:80:15:99:c5:2a:23:49:b7:4e:08:
7e:7c:85:0c:10:ec:bb:d6:28:a6:d4:12:98:b3:3f:8b:d0:4e:
71:9d:b5:d6:08:ec:5a:ca:55:41:c8:49:24:78:ac:38:75:84:
bf:aa:3c:c8:39:5c:e9:97:ad:52:88:9b:7c:3a:36:a4:c2:3a:
18:da:2b:a7:50:4c:42:35:1c:47:f7:dd:51:5d:5a:cd:0a:eb:
a9:21:e7:ce:9a:f1:87:e4:08:bb:37:99:a5:ed:96:9e:5e:f5:
04:21:13:17
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qguClIm06aRj7kOWmmoC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzNhOTlkYTgzNWM3NWM4ZmUwMmMzZjQ1ZDBlZWE0NjliYmE1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9NlZb1qcHB1e4JZKu3Kcx/AC+xK
6e4WVt2Zt1twkKAzJmB/z0xbn2XX9bfZMfdomPM7hxXVVStCbYrkWWK+Gio5qGYJ
x9NefqiEeHYfes6AdskK1IxfT54rMUakwq0rplwpNRx+3KLy5YJWbzxeUwhMfESx
4/Czte1OitxwuLek45g0nY7jGMUst71jC977zEb995rRgbtq4G+KNnV70XYKk1e8
8O52i8iWDr+FlaDAgoDdYw+9TR8VsGNSUSrK3RqmQ+34o3IVAW0jVn/EiOvvfnDh
gaq3pfOqypFHIrdEAOa8x0L3Vxg9KlQKu18c0kgMmhDHw8lW+bhn4BkGXwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFBw6mdqDXHXI/gLD9F0O6kabulqqMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvSERxWjJvTmNkY2otQXNQMFhRN3FScHU2V3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAbCsqmzpGKMY87CgOxYwlQ5DrcDXTBhTo
ZjCWxE9kp70hgk0J+sV4FQXbMd/XJzA1SIKkN4lUb6uAt9mLUzFdd7Oq9bRO+xvM
cmcMF6H6frUCLGT0Hlu0gourrj9FyES6mDY5SNKRl0sSTHAXj5eDr9dTzXgXzngr
oBjCU+rWnFcvK6uUXUZuZEzXKFt3nivWVRPDArqMc/2AFZnFKiNJt04IfnyFDBDs
u9YoptQSmLM/i9BOcZ211gjsWspVQchJJHisOHWEv6o8yDlc6ZetUoibfDo2pMI6
GNorp1BMQjUcR/fdUV1azQrrqSHnzprxh+QIuzeZpe2Wnl71BCETFw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:48 2026 by rpki-client