Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/aAPkr1mbCIoxytOqvgFzVB1iUUw.roa
File: aAPkr1mbCIoxytOqvgFzVB1iUUw.roa (raw, json)
Hash identifier: gem4IJrXaglF6p54j7pEhpaGrTaqRzJd+7LPRhEnRok=
Subject key identifier: 68:03:E4:AF:59:9B:08:8A:31:CA:D3:AA:BE:01:73:54:1D:62:51:4C
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82B13F3987A4C80623AE616933AABB
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/aAPkr1mbCIoxytOqvgFzVB1iUUw.roa
Signing time: Thu 26 Mar 2026 14:18:21 +0000
ROA not before: Thu 26 Mar 2026 14:18:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36624
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:b1:3f:39:87:a4:c8:06:23:ae:61:69:33:aa:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6803e4af599b088a31cad3aabe0173541d62514c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7c:85:72:f5:49:82:82:9f:85:d7:e2:6a:b5:
92:05:d0:ab:c9:1d:58:91:e9:e8:1f:b7:ac:73:57:
83:3f:d8:d5:e0:20:4b:1d:26:81:ee:b6:33:ff:e2:
1b:d0:0a:08:42:6e:1c:ab:fb:fc:e3:e8:f1:50:0a:
c6:cb:62:92:35:e2:80:fa:39:92:e1:5e:43:05:26:
12:c8:fe:04:35:1a:ad:03:e0:3a:69:15:c0:bc:07:
7b:79:25:73:9d:60:21:f6:06:80:b2:fc:5d:19:1f:
66:90:0b:52:3c:d1:cc:6e:96:09:7a:c8:3c:15:62:
64:06:5e:fd:3e:84:38:81:69:df:72:0b:9e:d0:f7:
b4:6d:47:11:a3:84:ed:59:f6:fc:be:39:77:c4:a1:
7b:bf:b1:88:b8:c4:5a:b4:1b:d1:58:68:22:46:11:
b0:80:77:20:26:24:e8:da:79:57:76:48:7e:71:8a:
80:63:2a:47:41:37:bd:08:eb:77:88:82:ee:ea:18:
ed:f9:0f:e0:c5:6d:da:4a:30:4a:ee:14:88:4d:2a:
7d:c7:f7:b1:f8:74:d5:10:19:34:9b:f9:68:54:a7:
b1:76:c6:98:ad:cf:10:50:9f:52:7b:06:1d:61:15:
05:54:d7:8e:3f:17:af:d7:04:ee:9c:08:2b:82:1c:
27:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:03:E4:AF:59:9B:08:8A:31:CA:D3:AA:BE:01:73:54:1D:62:51:4C
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/aAPkr1mbCIoxytOqvgFzVB1iUUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f5:d9:00:85:77:6c:30:79:49:03:62:c6:80:38:26:fd:a6:
b5:76:1d:56:ae:b9:56:2c:37:76:fe:b1:fb:81:d8:84:96:42:
bc:82:07:9a:32:18:35:e9:08:d0:b7:42:92:05:41:56:09:10:
e9:b2:1c:2e:35:f1:cc:82:16:81:13:76:ce:b5:f6:6d:ce:74:
34:6c:5a:51:28:38:ae:c1:86:2d:ec:fd:6a:77:29:d2:a4:cb:
07:0a:27:d6:80:39:1a:09:6b:7e:11:71:ca:5f:f5:29:82:40:
48:49:8e:77:15:80:8f:e2:cf:72:e4:d7:65:47:50:76:f7:5c:
01:d4:9c:f3:3d:4c:ea:00:7b:61:12:cb:7c:c9:3d:12:6b:74:
c4:bd:3a:06:56:5b:27:9b:75:b6:2b:c7:2a:b3:14:1e:19:7d:
e1:c3:6d:e3:c5:7f:96:bc:79:e6:3e:3e:78:ca:18:f9:68:b9:
c9:61:99:a4:08:27:36:6a:48:55:96:6d:f7:9b:d3:3a:13:22:
ee:8a:93:00:b6:dc:b5:9e:fb:eb:7a:c4:7f:4f:50:8b:5e:6f:
78:36:5d:f5:ef:82:bb:43:d9:f4:15:74:eb:8d:aa:5c:92:4d:
d9:fc:e2:26:27:2e:fc:95:b5:3f:6a:81:cb:37:a1:25:16:58:
03:ed:ea:d1
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgrE/OYekyAYjrmFpM6q7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODAzZTRhZjU5OWIwODhhMzFjYWQzYWFiZTAxNzM1NDFkNjI1MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nyFcvVJgoKfhdfiarWSBdCryR1Y
kenoH7esc1eDP9jV4CBLHSaB7rYz/+Ib0AoIQm4cq/v84+jxUArGy2KSNeKA+jmS
4V5DBSYSyP4ENRqtA+A6aRXAvAd7eSVznWAh9gaAsvxdGR9mkAtSPNHMbpYJesg8
FWJkBl79PoQ4gWnfcgue0Pe0bUcRo4TtWfb8vjl3xKF7v7GIuMRatBvRWGgiRhGw
gHcgJiTo2nlXdkh+cYqAYypHQTe9COt3iILu6hjt+Q/gxW3aSjBK7hSITSp9x/ex
+HTVEBk0m/loVKexdsaYrc8QUJ9SewYdYRUFVNeOPxev1wTunAgrghwnAQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFGgD5K9ZmwiKMcrTqr4Bc1QdYlFMMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvYUFQa3IxbWJDSW94eXRPcXZnRnpWQjFpVVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAcPXZAIV3bDB5SQNixoA4Jv2mtXYdVq65
Viw3dv6x+4HYhJZCvIIHmjIYNekI0LdCkgVBVgkQ6bIcLjXxzIIWgRN2zrX2bc50
NGxaUSg4rsGGLez9ancp0qTLBwon1oA5GglrfhFxyl/1KYJASEmOdxWAj+LPcuTX
ZUdQdvdcAdSc8z1M6gB7YRLLfMk9Emt0xL06BlZbJ5t1tivHKrMUHhl94cNt48V/
lrx55j4+eMoY+Wi5yWGZpAgnNmpIVZZt95vTOhMi7oqTALbctZ7763rEf09Qi15v
eDZd9e+Cu0PZ9BV0642qXJJN2fziJicu/JW1P2qByzehJRZYA+3q0Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:54 2026 by rpki-client