Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/xZmO-ct0LzuVrTngLTI9vMp87hs.roa
File: xZmO-ct0LzuVrTngLTI9vMp87hs.roa (raw, json)
Hash identifier: Z2lT7u6dRVegF/+T5strLSbS5fWdmsQw1y6A+/pFuxQ=
Subject key identifier: C5:99:8E:F9:CB:74:2F:3B:95:AD:39:E0:2D:32:3D:BC:CA:7C:EE:1B
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D2A82E025664E9FC94CE0225D6DA927CB
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/xZmO-ct0LzuVrTngLTI9vMp87hs.roa
Signing time: Thu 26 Mar 2026 14:18:33 +0000
ROA not before: Thu 26 Mar 2026 14:18:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397207
IP address blocks: 81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:e0:25:66:4e:9f:c9:4c:e0:22:5d:6d:a9:27:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Mar 26 14:18:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c5998ef9cb742f3b95ad39e02d323dbcca7cee1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:19:e5:f1:ea:0b:af:28:c8:e5:17:77:87:ca:
6a:d5:cf:fe:1f:02:54:d0:8f:db:23:20:a8:8a:d1:
09:c2:10:17:1d:b9:ad:fd:50:34:23:45:c5:e2:06:
ef:0f:38:8e:23:07:fe:e5:69:20:d0:cf:ac:e1:30:
7c:c4:29:d2:21:ea:03:49:02:e6:83:8c:d3:a0:6b:
d4:f9:be:47:b2:4d:af:43:4a:55:97:9e:4d:1e:84:
30:cf:16:c2:b0:ee:60:49:7f:7d:94:bb:37:1d:e8:
0b:08:a2:9e:9d:b5:03:b7:5b:0b:c2:dd:7c:92:ba:
70:be:e2:76:ec:f0:32:77:0d:51:de:24:2d:5c:6b:
e3:07:cd:26:f9:c2:7b:c0:c8:85:20:24:82:98:34:
c1:66:ce:74:ad:a9:e3:42:02:78:ab:40:aa:e0:d7:
be:34:c7:ea:b2:40:d4:1a:7d:40:d0:89:b1:bc:20:
fe:c2:60:b0:6d:fe:0e:f5:09:01:36:bc:c2:e5:41:
1b:7f:96:6b:4f:b5:8e:c5:2c:f4:fb:35:d2:a2:a8:
ae:8d:9e:0c:71:47:39:c1:c3:8c:1f:df:03:c2:a9:
fc:19:c4:49:d8:c0:27:67:97:85:be:2e:ed:5c:80:
51:db:1a:18:56:c4:12:c5:20:ff:70:8e:dc:ca:ba:
d8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:99:8E:F9:CB:74:2F:3B:95:AD:39:E0:2D:32:3D:BC:CA:7C:EE:1B
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/xZmO-ct0LzuVrTngLTI9vMp87hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.195.30/31
185.100.0.0/24
Signature Algorithm: sha256WithRSAEncryption
72:94:71:38:e1:c6:28:28:c5:93:41:45:a8:62:74:ae:48:93:
f0:98:15:ae:4d:cb:92:6e:bd:1d:fd:5e:f5:b4:4f:a1:e4:2d:
a6:af:88:cb:30:f3:4a:4b:e2:7f:61:4f:49:18:22:ba:b6:44:
f8:cc:ae:8c:f6:50:7e:fe:ae:50:21:2d:af:15:c9:e5:f7:fb:
4f:82:76:80:3a:cc:a8:3d:46:85:33:78:57:36:8c:e7:36:9e:
c5:95:ce:ed:d0:10:c2:a7:34:c2:90:76:bf:fa:0a:c5:2c:9e:
87:a0:8a:47:76:21:6d:3e:e8:83:b1:9d:2c:fe:09:53:73:80:
0c:a1:d5:25:35:36:b3:cb:24:3a:9a:74:32:2f:e5:70:4a:26:
61:10:99:ee:67:da:7b:02:4a:ea:c2:81:8d:45:17:c5:cf:74:
5b:f1:5c:d7:fe:c9:5f:e1:04:a8:41:94:63:8b:19:32:7a:74:
22:e8:43:ce:13:bc:a1:3d:c7:69:32:bd:77:b3:97:42:b8:42:
69:0b:80:61:cb:08:48:80:7b:ea:d4:e1:6e:a9:f4:11:8b:40:
34:fc:fd:50:ce:f4:3e:0d:23:4b:63:3a:6f:95:e3:e0:c1:7f:
5c:07:9a:ea:cd:71:dd:4c:f3:4f:a2:27:00:eb:45:69:42:6b:
7b:2e:bc:5b
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZ0qguAlZk6fyUzgIl1tqSfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwMzI2MTQxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk5OGVmOWNiNzQyZjNiOTVhZDM5ZTAyZDMyM2RiY2NhN2NlZTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBnl8eoLryjI5Rd3h8pq1c/+HwJU
0I/bIyCoitEJwhAXHbmt/VA0I0XF4gbvDziOIwf+5Wkg0M+s4TB8xCnSIeoDSQLm
g4zToGvU+b5Hsk2vQ0pVl55NHoQwzxbCsO5gSX99lLs3HegLCKKenbUDt1sLwt18
krpwvuJ27PAydw1R3iQtXGvjB80m+cJ7wMiFICSCmDTBZs50ranjQgJ4q0Cq4Ne+
NMfqskDUGn1A0ImxvCD+wmCwbf4O9QkBNrzC5UEbf5ZrT7WOxSz0+zXSoqiujZ4M
cUc5wcOMH98Dwqn8GcRJ2MAnZ5eFvi7tXIBR2xoYVsQSxSD/cI7cyrrYBQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFMWZjvnLdC87la054C0yPbzKfO4bMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEveFptTy1jdDBMenVWclRuZ0xUSTl2TXA4N2hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANAwUBURPDHgME
ALlkADANBgkqhkiG9w0BAQsFAAOCAQEAcpRxOOHGKCjFk0FFqGJ0rkiT8JgVrk3L
km69Hf1e9bRPoeQtpq+IyzDzSkvif2FPSRgiurZE+MyujPZQfv6uUCEtrxXJ5ff7
T4J2gDrMqD1GhTN4VzaM5zaexZXO7dAQwqc0wpB2v/oKxSyeh6CKR3YhbT7og7Gd
LP4JU3OADKHVJTU2s8skOpp0Mi/lcEomYRCZ7mfaewJK6sKBjUUXxc90W/Fc1/7J
X+EEqEGUY4sZMnp0IuhDzhO8oT3HaTK9d7OXQrhCaQuAYcsISIB76tThbqn0EYtA
NPz9UM70Pg0jS2M6b5Xj4MF/XAea6s1x3UzzT6InAOtFaUJrey68Ww==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:49:46 2026 by rpki-client