Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XPDXDQ7vlzWMMe4aZ3ZqNDBuXRE.roa
File: XPDXDQ7vlzWMMe4aZ3ZqNDBuXRE.roa (raw, json)
Hash identifier: zTjV4kJAxWSQCG3NcHYhP27djlMNxnYHNKmzI9FIhDg=
Subject key identifier: 5C:F0:D7:0D:0E:EF:97:35:8C:31:EE:1A:67:76:6A:34:30:6E:5D:11
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82B9BBB77761548FF0FBE43DEA977E
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XPDXDQ7vlzWMMe4aZ3ZqNDBuXRE.roa
Signing time: Thu 26 Mar 2026 14:18:23 +0000
ROA not before: Thu 26 Mar 2026 14:18:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396547
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:b9:bb:b7:77:61:54:8f:f0:fb:e4:3d:ea:97:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5cf0d70d0eef97358c31ee1a67766a34306e5d11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:a8:9d:98:e0:72:34:9a:01:9d:f1:96:0f:
57:9a:16:a3:c5:1a:fb:1d:f6:af:57:fb:fa:d0:a1:
35:c4:35:0c:d8:5f:58:38:1b:a8:4d:41:47:cc:db:
88:a7:45:76:b9:41:ca:99:18:4d:e3:c7:37:73:18:
9a:41:d8:09:7f:d3:15:14:38:1f:50:f3:7d:b9:d7:
45:7c:2c:d0:d6:1e:7e:c2:dc:3b:5b:20:25:49:a2:
e9:64:5b:44:dd:60:d0:51:65:63:2f:05:65:02:60:
c6:93:fb:27:13:90:41:7d:92:86:ce:42:61:fe:22:
10:60:7c:fb:0d:26:88:60:07:f9:70:ad:2b:fa:99:
ea:1d:bd:a4:20:ef:91:a3:d1:cb:da:f2:0a:2e:8b:
ae:a9:ae:90:ed:e1:7b:a9:dc:22:52:5e:f2:ea:b1:
b7:72:27:99:f0:cd:9c:01:1e:14:96:c6:53:bc:ee:
e1:d5:c3:8d:c2:10:7c:76:59:05:50:d8:7f:99:06:
82:74:92:06:6c:56:88:d0:89:ad:6b:96:a3:6b:6f:
a6:2c:83:98:4f:8e:83:73:7d:f0:46:9c:73:ef:8a:
20:b7:2c:df:94:a1:25:22:fe:82:6c:e3:7c:81:12:
63:a4:db:c1:d5:ca:af:ba:6a:7c:0e:98:9a:6e:37:
35:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F0:D7:0D:0E:EF:97:35:8C:31:EE:1A:67:76:6A:34:30:6E:5D:11
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/XPDXDQ7vlzWMMe4aZ3ZqNDBuXRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:93:21:8d:1c:1a:39:00:32:af:f4:f4:ba:ac:3c:d9:17:54:
d1:e1:98:55:25:1b:8f:ff:db:e9:42:fc:ed:b8:33:63:ec:83:
87:3c:83:55:1e:04:44:54:1a:93:d8:32:ac:70:b9:66:cf:84:
75:4a:cb:5c:c8:e9:98:14:30:91:26:31:1a:8a:48:9a:51:47:
a2:6d:cd:25:de:ed:b2:a0:ce:ea:d9:c5:8c:7c:83:34:ef:7e:
3a:4a:cc:d9:ab:dd:e8:6e:b4:aa:3e:70:9d:4b:93:4a:c4:65:
37:67:01:85:01:da:16:65:09:68:5b:74:7f:04:55:d1:5e:a0:
06:36:a4:12:25:3a:1e:7d:b5:de:a0:9b:45:e3:9e:8e:35:e9:
5d:02:fc:75:2d:c3:0e:75:c0:a6:c6:45:11:fe:6d:eb:7a:df:
6e:c8:a2:ec:1a:f1:f1:66:67:fe:b9:57:9d:91:d6:5a:d8:0d:
34:0a:29:8e:72:d6:f8:da:9b:d3:52:4c:4b:f8:dd:80:c3:85:
0d:cc:18:37:e2:1f:b9:90:f2:c1:31:92:97:04:bf:5e:dc:46:
60:db:ef:a9:88:46:8f:ec:4d:5c:b1:2f:15:bf:fa:72:0e:e2:
76:e8:67:05:05:98:7d:36:d1:98:03:a9:9f:85:fa:b3:50:45:
89:41:a6:81
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgrm7t3dhVI/w++Q96pd+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2YwZDcwZDBlZWY5NzM1OGMzMWVlMWE2Nzc2NmEzNDMwNmU1ZDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBaonZjgcjSaAZ3xlg9XmhajxRr7
HfavV/v60KE1xDUM2F9YOBuoTUFHzNuIp0V2uUHKmRhN48c3cxiaQdgJf9MVFDgf
UPN9uddFfCzQ1h5+wtw7WyAlSaLpZFtE3WDQUWVjLwVlAmDGk/snE5BBfZKGzkJh
/iIQYHz7DSaIYAf5cK0r+pnqHb2kIO+Ro9HL2vIKLouuqa6Q7eF7qdwiUl7y6rG3
cieZ8M2cAR4UlsZTvO7h1cONwhB8dlkFUNh/mQaCdJIGbFaI0Imta5aja2+mLIOY
T46Dc33wRpxz74ogtyzflKElIv6CbON8gRJjpNvB1cqvump8Dpiabjc14wIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFFzw1w0O75c1jDHuGmd2ajQwbl0RMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvWFBEWERRN3ZseldNTWU0YVozWnFOREJ1WFJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAL5MhjRwaOQAyr/T0uqw82RdU0eGYVSUb
j//b6UL87bgzY+yDhzyDVR4ERFQak9gyrHC5Zs+EdUrLXMjpmBQwkSYxGopImlFH
om3NJd7tsqDO6tnFjHyDNO9+OkrM2avd6G60qj5wnUuTSsRlN2cBhQHaFmUJaFt0
fwRV0V6gBjakEiU6Hn213qCbReOejjXpXQL8dS3DDnXApsZFEf5t63rfbsii7Brx
8WZn/rlXnZHWWtgNNAopjnLW+Nqb01JMS/jdgMOFDcwYN+IfuZDywTGSlwS/XtxG
YNvvqYhGj+xNXLEvFb/6cg7iduhnBQWYfTbRmAOpn4X6s1BFiUGmgQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:49 2026 by rpki-client