Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q-PW2ihuVxgmKz2DfEQ7aOJgWiE.roa
File: q-PW2ihuVxgmKz2DfEQ7aOJgWiE.roa (raw, json)
Hash identifier: yV17qrj5g8JEHoCqmPNQ3Ccm/19ndw074QTtJKq3vWQ=
Subject key identifier: AB:E3:D6:DA:28:6E:57:18:26:2B:3D:83:7C:44:3B:68:E2:60:5A:21
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82DC83F20A2945687AE6FB6B676A13
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q-PW2ihuVxgmKz2DfEQ7aOJgWiE.roa
Signing time: Thu 26 Mar 2026 14:18:32 +0000
ROA not before: Thu 26 Mar 2026 14:18:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397203
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:dc:83:f2:0a:29:45:68:7a:e6:fb:6b:67:6a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=abe3d6da286e5718262b3d837c443b68e2605a21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:93:e8:6e:eb:a1:78:4d:cd:79:fd:76:b8:0d:
b1:18:70:0c:ea:5f:1e:d0:51:8e:6e:36:3e:26:b6:
81:45:47:ad:93:24:50:6c:e5:c1:6b:f4:4d:0e:0f:
a0:07:f2:31:e0:b1:78:99:a0:c3:5b:00:96:0d:47:
19:7b:7a:cb:12:c2:9a:b6:31:d5:e7:bb:c7:f3:3a:
6c:a2:75:d5:ea:d5:c2:73:fd:3b:72:a8:72:da:22:
2c:dc:42:41:f5:a9:a5:d9:f1:db:55:c1:f6:d1:ee:
4b:6f:5c:58:9d:45:c5:3b:c8:5c:6c:8c:56:ac:56:
73:b5:0e:33:c4:a2:96:5d:e1:49:c3:61:aa:32:46:
66:54:fa:a5:d6:66:85:3b:60:90:c5:af:c3:76:9a:
6d:2f:5d:48:aa:68:ae:52:b9:86:d4:f1:5b:dc:cd:
93:2c:21:b5:f3:43:a4:cf:53:e8:ce:65:9d:8c:66:
7b:59:80:bf:8b:ee:8d:ec:15:d0:e7:26:b2:37:b3:
c5:5e:40:39:eb:37:3d:e7:04:ad:88:ce:02:08:e0:
af:1b:3a:cb:84:38:05:4e:eb:f3:ae:c6:b9:14:ee:
5e:df:9c:60:3b:f5:d6:ae:cf:fd:3a:2d:e2:7e:27:
01:78:d9:1d:fc:26:82:e9:0d:d2:18:43:3e:7e:22:
b6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:E3:D6:DA:28:6E:57:18:26:2B:3D:83:7C:44:3B:68:E2:60:5A:21
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/q-PW2ihuVxgmKz2DfEQ7aOJgWiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f8:3c:93:a9:18:6b:c7:a3:04:f6:2c:c7:ac:76:8b:3b:07:
d6:7e:7e:c2:91:1a:b8:32:8d:54:d3:ee:72:78:de:9f:f7:c6:
87:62:59:9d:1e:97:0b:42:58:ae:fa:15:c7:d9:8f:7c:89:3d:
34:36:ac:68:48:b3:9e:8a:1b:3d:ec:54:75:db:a8:09:92:e2:
04:dc:6e:90:5d:0b:dc:ac:b9:aa:14:7b:99:37:fc:2e:cb:b7:
5f:11:25:23:9a:9c:1d:52:45:02:d8:68:d4:2e:65:f1:b3:fa:
7c:73:96:fa:7b:35:11:49:18:46:17:a7:f9:44:23:55:f0:8e:
16:b8:60:12:af:89:ae:70:07:64:97:d2:e1:4c:7e:5c:75:4a:
80:e2:8d:03:e2:99:25:69:fd:57:2a:c1:5e:e4:ef:de:38:12:
cc:5d:78:e7:c6:f0:06:1c:9c:0a:46:a4:21:e3:3d:7a:35:13:
c4:39:39:4c:33:13:0a:2e:b5:11:21:b5:22:35:83:fa:c5:a3:
ac:4b:ef:b0:95:4a:de:72:a1:dc:d8:bc:5b:88:9e:b7:6e:40:
0f:0f:79:ab:b1:07:72:a7:92:73:47:e1:b5:1a:35:06:29:40:
b8:b2:37:7c:88:a9:0d:9c:34:f6:ad:f9:a7:86:e2:24:d4:ed:
73:04:e5:d4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qgtyD8gopRWh65vtrZ2oTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmUzZDZkYTI4NmU1NzE4MjYyYjNkODM3YzQ0M2I2OGUyNjA1YTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5PobuuheE3Nef12uA2xGHAM6l8e
0FGObjY+JraBRUetkyRQbOXBa/RNDg+gB/Ix4LF4maDDWwCWDUcZe3rLEsKatjHV
57vH8zpsonXV6tXCc/07cqhy2iIs3EJB9aml2fHbVcH20e5Lb1xYnUXFO8hcbIxW
rFZztQ4zxKKWXeFJw2GqMkZmVPql1maFO2CQxa/DdpptL11IqmiuUrmG1PFb3M2T
LCG180Okz1PozmWdjGZ7WYC/i+6N7BXQ5yayN7PFXkA56zc95wStiM4CCOCvGzrL
hDgFTuvzrsa5FO5e35xgO/XWrs/9Oi3ificBeNkd/CaC6Q3SGEM+fiK2CQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFKvj1tooblcYJis9g3xEO2jiYFohMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvcS1QVzJpaHVWeGdtS3oyRGZFUTdhT0pnV2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAE/g8k6kYa8ejBPYsx6x2izsH1n5+wpEa
uDKNVNPucnjen/fGh2JZnR6XC0JYrvoVx9mPfIk9NDasaEiznoobPexUdduoCZLi
BNxukF0L3Ky5qhR7mTf8Lsu3XxElI5qcHVJFAtho1C5l8bP6fHOW+ns1EUkYRhen
+UQjVfCOFrhgEq+JrnAHZJfS4Ux+XHVKgOKNA+KZJWn9VyrBXuTv3jgSzF1458bw
BhycCkakIeM9ejUTxDk5TDMTCi61ESG1IjWD+sWjrEvvsJVK3nKh3Ni8W4iet25A
Dw95q7EHcqeSc0fhtRo1BilAuLI3fIipDZw09q35p4biJNTtcwTl1A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:46 2026 by rpki-client