Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KIi_oj8ClqdGHYZIvwqdXsdbJWM.roa
File: KIi_oj8ClqdGHYZIvwqdXsdbJWM.roa (raw, json)
Hash identifier: 8WlgrN6j+CLFDYVu/+wjq0KSB+6xwHueGYIJ63kQd/E=
Subject key identifier: 28:88:BF:A2:3F:02:96:A7:46:1D:86:48:BF:0A:9D:5E:C7:5B:25:63
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82C0FE6CD7D5401A3981AB65D130E4
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KIi_oj8ClqdGHYZIvwqdXsdbJWM.roa
Signing time: Thu 26 Mar 2026 14:18:25 +0000
ROA not before: Thu 26 Mar 2026 14:18:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396564
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:c0:fe:6c:d7:d5:40:1a:39:81:ab:65:d1:30:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2888bfa23f0296a7461d8648bf0a9d5ec75b2563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e6:5e:49:aa:70:5a:6c:af:4e:66:ad:4e:40:
4f:4d:4b:ce:43:9f:98:e5:6a:02:2b:98:71:68:4b:
94:23:ca:df:6d:4e:7b:72:cc:95:38:e0:c0:3b:e8:
2e:e4:25:52:44:8a:47:f3:ce:94:11:a6:c6:96:15:
e3:f1:7c:8b:75:2c:d0:d6:12:04:f5:22:2e:dd:7b:
1d:8c:a2:18:46:21:d8:ef:bb:b9:2b:aa:60:eb:0e:
64:26:f9:21:e7:57:b1:2a:3e:6f:af:78:30:11:55:
93:5f:3a:73:5a:85:ab:dc:98:95:7f:0a:01:06:79:
d7:c7:75:23:9d:1b:9a:e1:b4:71:3f:c2:cf:a7:73:
c1:87:55:aa:30:81:2c:66:b1:85:ae:ff:0a:17:75:
c6:f8:a1:b4:46:8c:aa:8c:ce:de:cf:a4:46:e9:6f:
15:60:e4:98:11:dd:9d:a6:ca:c2:90:29:8a:7a:7c:
d4:fe:0a:a3:41:1b:80:ae:e5:f5:a1:87:25:74:38:
91:cb:5c:bc:f3:3c:7d:b4:89:17:15:21:17:01:b5:
cc:7e:c2:eb:db:4f:5d:98:d4:bf:e5:93:b0:ef:78:
6a:b1:d6:28:d0:3e:24:af:66:f6:2f:5c:f5:4a:7e:
30:ca:40:1a:28:e3:a8:b4:13:a5:3a:23:07:22:aa:
86:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:88:BF:A2:3F:02:96:A7:46:1D:86:48:BF:0A:9D:5E:C7:5B:25:63
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/KIi_oj8ClqdGHYZIvwqdXsdbJWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
74:fe:a5:ef:5b:7f:78:43:14:51:ca:ad:d7:0b:6d:3d:dc:e4:
6f:7d:f9:52:ad:71:cc:6e:49:da:a8:d9:9c:85:19:6c:bf:c1:
48:cb:dd:83:46:c9:28:3e:9a:fb:de:8d:e8:cf:09:ad:4a:d0:
07:15:85:7f:77:ba:8b:42:4e:6f:14:d6:7e:67:d5:ba:a1:23:
85:bf:92:49:54:ef:b1:43:b2:4b:34:87:4b:cf:93:e8:7d:3a:
a1:b8:53:16:b4:98:59:e5:90:b4:0a:c9:6d:25:50:36:ca:19:
1a:d9:0d:69:81:bd:9e:5e:87:44:76:0d:78:c9:8d:df:ac:34:
77:66:e0:ab:27:87:07:2e:2a:96:05:4b:de:34:a6:8f:47:3c:
46:f3:cb:d5:01:c4:88:14:73:4d:1d:3b:54:41:d5:f4:3f:2e:
fa:63:b2:e1:dd:c0:8c:66:4d:7d:38:83:90:79:35:b1:98:10:
05:eb:9b:f8:33:81:72:22:f2:ff:cf:ac:df:a1:bb:82:f4:1e:
8a:3c:87:61:a7:a1:0f:0b:1c:25:d7:83:98:e3:31:8b:0b:c4:
66:67:d8:8f:10:59:07:68:85:12:dd:fc:0c:95:de:11:0e:3a:
97:b3:38:c6:fd:84:8f:ef:d8:5c:1c:45:90:56:c9:36:aa:31:
5e:5e:00:bb
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgsD+bNfVQBo5gatl0TDkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODg4YmZhMjNmMDI5NmE3NDYxZDg2NDhiZjBhOWQ1ZWM3NWIyNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eZeSapwWmyvTmatTkBPTUvOQ5+Y
5WoCK5hxaEuUI8rfbU57csyVOODAO+gu5CVSRIpH886UEabGlhXj8XyLdSzQ1hIE
9SIu3XsdjKIYRiHY77u5K6pg6w5kJvkh51exKj5vr3gwEVWTXzpzWoWr3JiVfwoB
BnnXx3UjnRua4bRxP8LPp3PBh1WqMIEsZrGFrv8KF3XG+KG0RoyqjM7ez6RG6W8V
YOSYEd2dpsrCkCmKenzU/gqjQRuAruX1oYcldDiRy1y88zx9tIkXFSEXAbXMfsLr
209dmNS/5ZOw73hqsdYo0D4kr2b2L1z1Sn4wykAaKOOotBOlOiMHIqqGAQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFCiIv6I/ApanRh2GSL8KnV7HWyVjMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvS0lpX29qOENscWRHSFlaSXZ3cWRYc2RiSldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAdP6l71t/eEMUUcqt1wttPdzkb335Uq1x
zG5J2qjZnIUZbL/BSMvdg0bJKD6a+96N6M8JrUrQBxWFf3e6i0JObxTWfmfVuqEj
hb+SSVTvsUOySzSHS8+T6H06obhTFrSYWeWQtArJbSVQNsoZGtkNaYG9nl6HRHYN
eMmN36w0d2bgqyeHBy4qlgVL3jSmj0c8RvPL1QHEiBRzTR07VEHV9D8u+mOy4d3A
jGZNfTiDkHk1sZgQBeub+DOBciLy/8+s36G7gvQeijyHYaehDwscJdeDmOMxiwvE
ZmfYjxBZB2iFEt38DJXeEQ46l7M4xv2Ej+/YXBxFkFbJNqoxXl4Auw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:54 2026 by rpki-client