Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/duah5v2Eadd4a4O2pRkJ_KH7YyE.roa
File: duah5v2Eadd4a4O2pRkJ_KH7YyE.roa (raw, json)
Hash identifier: rpy5k6RCl2d2O/rRW3+6g32u5M6+5EG8wBhyMH+RHNA=
Subject key identifier: 76:E6:A1:E6:FD:84:69:D7:78:6B:83:B6:A5:19:09:FC:A1:FB:63:21
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82D9A7B7CB939B5BF7A057EB614457
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/duah5v2Eadd4a4O2pRkJ_KH7YyE.roa
Signing time: Thu 26 Mar 2026 14:18:31 +0000
ROA not before: Thu 26 Mar 2026 14:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397196
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:d9:a7:b7:cb:93:9b:5b:f7:a0:57:eb:61:44:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=76e6a1e6fd8469d7786b83b6a51909fca1fb6321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d6:b5:1d:bc:6d:df:be:ea:dd:06:2c:9e:31:
cd:19:99:54:e6:a8:34:6f:4d:7d:50:d0:cb:32:4e:
87:47:ef:d5:5f:30:05:c4:60:cc:32:9f:c5:22:2a:
45:08:62:4a:8d:70:43:00:40:d4:4a:c3:19:f5:4c:
81:bd:a2:cd:87:f6:af:82:78:a2:bd:29:b5:93:d5:
86:87:8d:4d:c2:d5:66:53:5d:26:f5:e5:de:e1:71:
91:84:75:c6:41:24:7b:ad:27:ac:22:e7:7b:6f:63:
d0:5d:27:08:c7:39:4e:3e:60:96:cd:95:af:7c:19:
e3:d9:9f:f7:48:8d:18:9b:f2:8e:bb:f8:6f:c4:40:
96:6b:5c:df:ad:58:54:dc:25:8c:2e:18:3d:37:f3:
52:85:44:9c:52:d5:61:05:63:0e:ec:42:08:2b:43:
ca:d3:72:4a:2d:a1:34:be:8c:ea:53:cf:f4:ff:0d:
8a:69:c3:c3:7e:43:a5:dc:d0:2c:a2:f1:b6:2e:2b:
d5:2c:df:38:62:7f:d9:f7:2a:92:58:bb:ba:b3:7f:
92:c0:ad:c9:45:60:72:cc:75:e9:54:93:ac:45:56:
c4:f5:b7:a4:02:a0:5a:20:d2:b3:7f:06:58:b8:15:
1b:bd:0a:8a:78:69:6a:01:f3:d5:35:74:73:f2:3c:
be:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E6:A1:E6:FD:84:69:D7:78:6B:83:B6:A5:19:09:FC:A1:FB:63:21
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/duah5v2Eadd4a4O2pRkJ_KH7YyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:2a:15:29:34:e7:59:5f:ea:eb:74:94:e8:d9:08:87:78:0e:
2d:42:50:e2:c4:4b:9b:86:df:c5:0c:22:65:23:5f:88:18:68:
d8:89:56:bb:01:64:c0:c4:88:8d:6d:71:4f:5a:31:fb:47:aa:
10:98:40:03:ea:07:1c:0d:e7:a8:70:a6:58:4f:c3:f3:6d:bd:
d3:1b:c6:d9:18:94:15:fb:f7:33:66:41:58:e1:4b:6d:0f:09:
34:09:87:f7:78:c6:3e:e8:e6:13:b7:60:c6:1e:22:d0:99:bd:
f4:f7:ce:b2:c7:31:b2:18:08:9b:c7:67:5f:a2:d5:a8:e5:18:
37:29:ff:5f:cf:5c:29:a2:0a:e4:b3:d1:0e:93:82:24:3c:ad:
df:d2:71:76:45:42:c2:15:de:57:ed:13:95:d7:36:33:43:6a:
48:24:e1:f6:55:4a:8a:e9:b6:4f:1a:2b:bb:dc:cf:94:2d:e6:
e1:0d:84:c8:92:67:4c:d2:1e:4e:c2:79:eb:4b:9e:fa:cd:1d:
76:65:9a:c2:34:c6:7a:71:1e:48:a1:36:c4:61:c3:06:a2:5f:
09:d9:01:b1:f8:1e:96:9f:0e:d4:ec:d2:b1:5c:83:de:7a:42:
e4:fb:38:c6:8c:e7:8b:53:2e:88:d9:c5:ec:a5:29:73:f9:e8:
30:5b:fe:15
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgtmnt8uTm1v3oFfrYURXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU2YTFlNmZkODQ2OWQ3Nzg2YjgzYjZhNTE5MDlmY2ExZmI2MzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNa1Hbxt377q3QYsnjHNGZlU5qg0
b019UNDLMk6HR+/VXzAFxGDMMp/FIipFCGJKjXBDAEDUSsMZ9UyBvaLNh/avgnii
vSm1k9WGh41NwtVmU10m9eXe4XGRhHXGQSR7rSesIud7b2PQXScIxzlOPmCWzZWv
fBnj2Z/3SI0Ym/KOu/hvxECWa1zfrVhU3CWMLhg9N/NShUScUtVhBWMO7EIIK0PK
03JKLaE0vozqU8/0/w2KacPDfkOl3NAsovG2LivVLN84Yn/Z9yqSWLu6s3+SwK3J
RWByzHXpVJOsRVbE9bekAqBaINKzfwZYuBUbvQqKeGlqAfPVNXRz8jy+cwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFHbmoeb9hGnXeGuDtqUZCfyh+2MhMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvZHVhaDV2MkVhZGQ0YTRPMnBSa0pfS0g3WXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEArioVKTTnWV/q63SU6NkIh3gOLUJQ4sRL
m4bfxQwiZSNfiBho2IlWuwFkwMSIjW1xT1ox+0eqEJhAA+oHHA3nqHCmWE/D8229
0xvG2RiUFfv3M2ZBWOFLbQ8JNAmH93jGPujmE7dgxh4i0Jm99PfOsscxshgIm8dn
X6LVqOUYNyn/X89cKaIK5LPRDpOCJDyt39JxdkVCwhXeV+0Tldc2M0NqSCTh9lVK
ium2Txoru9zPlC3m4Q2EyJJnTNIeTsJ560ue+s0ddmWawjTGenEeSKE2xGHDBqJf
CdkBsfgelp8O1OzSsVyD3npC5Ps4xozni1MuiNnF7KUpc/noMFv+FQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:58 2026 by rpki-client