Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/j_41rGy8GqDM3rf9Pln69qQpZ5k.roa
File: j_41rGy8GqDM3rf9Pln69qQpZ5k.roa (raw, json)
Hash identifier: Q+Fidyays/I1mrEzTHQdoJQBHFEaNiXYZdpovolwtrI=
Subject key identifier: 8F:FE:35:AC:6C:BC:1A:A0:CC:DE:B7:FD:3E:59:FA:F6:A4:29:67:99
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82D7566FD0A4BEFEA254A1E27230A0
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/j_41rGy8GqDM3rf9Pln69qQpZ5k.roa
Signing time: Thu 26 Mar 2026 14:18:30 +0000
ROA not before: Thu 26 Mar 2026 14:18:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396826
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:d7:56:6f:d0:a4:be:fe:a2:54:a1:e2:72:30:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ffe35ac6cbc1aa0ccdeb7fd3e59faf6a4296799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:bb:b7:7c:76:d4:70:fb:0c:d4:54:ab:9e:
90:b4:c7:92:67:5e:68:9c:77:88:18:65:dc:b2:4d:
cf:18:8a:fc:56:02:49:18:4b:6a:60:36:78:3a:4a:
4d:ee:bd:4a:31:ee:b1:d5:b1:1d:b7:90:52:6a:67:
86:a5:78:f5:39:b3:9a:32:ce:93:55:43:39:3d:79:
89:f7:ee:e4:6f:47:30:de:d5:d2:1c:da:45:7b:dc:
70:f5:82:4f:ee:21:bd:d0:e9:fd:f2:2e:0a:2f:14:
b4:3b:02:f6:8f:89:e9:be:37:61:8a:c2:47:70:62:
78:7a:45:db:82:a8:8e:05:1c:03:54:7f:8e:8f:bf:
1b:a8:61:83:57:8d:7b:a7:f6:47:10:8c:da:ea:ca:
f9:75:d0:48:69:6a:a9:8f:6b:cc:b2:5a:f4:cf:a2:
e4:e7:3d:32:e0:92:e5:b4:42:f9:ca:b5:28:a3:c9:
f8:fa:66:b2:44:8c:92:d9:37:0f:19:fc:99:83:75:
79:8b:c7:e6:0a:b5:41:b0:9f:b2:7b:31:28:8b:9e:
cc:5b:57:b0:00:41:3a:c6:29:df:e4:6d:38:ec:26:
88:98:da:a9:f2:4d:f6:e0:98:17:46:cd:c8:c3:c4:
27:88:e7:6b:4b:cb:71:90:31:74:cd:8f:1c:70:cd:
93:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:FE:35:AC:6C:BC:1A:A0:CC:DE:B7:FD:3E:59:FA:F6:A4:29:67:99
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/j_41rGy8GqDM3rf9Pln69qQpZ5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:5b:5f:68:8b:76:5c:cd:53:7e:26:00:cd:40:56:0d:35:a2:
e8:79:83:2e:50:32:9f:34:45:d4:32:90:f3:6d:25:c9:9f:b3:
9f:f8:3e:7d:3f:e2:c2:e5:1c:2d:2a:b5:19:99:a3:48:c9:87:
de:22:7c:74:29:35:ab:4a:5d:a1:bc:cf:45:c4:d4:da:37:3f:
f5:7b:b4:6d:f2:95:f3:24:1b:12:d8:c7:59:df:0a:ef:7d:60:
08:21:f2:e7:d8:f6:ed:f9:0b:b0:24:03:78:e8:90:3c:05:00:
45:dd:ec:24:e9:71:d2:5f:5f:70:33:39:60:bc:10:de:62:47:
4c:aa:c7:bb:a0:02:2a:d9:71:40:94:9e:66:af:2f:16:24:bd:
32:3d:06:81:ec:9f:7a:bd:1a:2c:e7:84:07:8a:a1:b7:23:ca:
14:99:65:1c:81:53:6b:13:1d:c2:e9:9a:b7:73:9a:a2:fb:d0:
f9:8b:4d:85:80:cb:49:5f:45:4c:83:2a:59:6c:29:80:ce:c1:
54:6e:39:45:6f:f3:e0:d1:b1:0b:81:28:00:0f:f7:41:ea:e7:
f2:e9:b4:96:2b:7d:9a:88:26:52:2b:27:9e:ed:71:b9:f1:ed:
e5:a6:15:3b:72:8a:df:ec:8d:ef:6e:63:5b:38:4c:48:5b:5d:
f0:70:6b:06
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgtdWb9Ckvv6iVKHicjCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmZlMzVhYzZjYmMxYWEwY2NkZWI3ZmQzZTU5ZmFmNmE0Mjk2Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/C7t3x21HD7DNRUq56QtMeSZ15o
nHeIGGXcsk3PGIr8VgJJGEtqYDZ4OkpN7r1KMe6x1bEdt5BSameGpXj1ObOaMs6T
VUM5PXmJ9+7kb0cw3tXSHNpFe9xw9YJP7iG90On98i4KLxS0OwL2j4npvjdhisJH
cGJ4ekXbgqiOBRwDVH+Oj78bqGGDV417p/ZHEIza6sr5ddBIaWqpj2vMslr0z6Lk
5z0y4JLltEL5yrUoo8n4+mayRIyS2TcPGfyZg3V5i8fmCrVBsJ+yezEoi57MW1ew
AEE6xinf5G047CaImNqp8k324JgXRs3Iw8QniOdrS8txkDF0zY8ccM2TpwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFI/+NaxsvBqgzN63/T5Z+vakKWeZMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEval80MXJHeThHcURNM3JmOVBsbjY5cVFwWjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAW1tfaIt2XM1TfiYAzUBWDTWi6HmDLlAy
nzRF1DKQ820lyZ+zn/g+fT/iwuUcLSq1GZmjSMmH3iJ8dCk1q0pdobzPRcTU2jc/
9Xu0bfKV8yQbEtjHWd8K731gCCHy59j27fkLsCQDeOiQPAUARd3sJOlx0l9fcDM5
YLwQ3mJHTKrHu6ACKtlxQJSeZq8vFiS9Mj0Ggeyfer0aLOeEB4qhtyPKFJllHIFT
axMdwumat3OaovvQ+YtNhYDLSV9FTIMqWWwpgM7BVG45RW/z4NGxC4EoAA/3Qern
8um0lit9mogmUisnnu1xufHt5aYVO3KK3+yN725jWzhMSFtd8HBrBg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:51 2026 by rpki-client