Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/cAmf4fFwxBOF5X-O_EChDpWAvt8.roa
File: cAmf4fFwxBOF5X-O_EChDpWAvt8.roa (raw, json)
Hash identifier: S1GNYBesOR3SinnMOoqnXekNsmRmZx3vpxOqHl53nP0=
Subject key identifier: 70:09:9F:E1:F1:70:C4:13:85:E5:7F:8E:FC:40:A1:0E:95:80:BE:DF
Certificate issuer: /CN=f83faec93d403f3713823fa39c7d27c62e921471
Certificate serial: 019B7911296E3AC15204B804C99641F11E31
Authority key identifier: F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/cAmf4fFwxBOF5X-O_EChDpWAvt8.roa
Signing time: Thu 01 Jan 2026 10:18:46 +0000
ROA not before: Thu 01 Jan 2026 10:18:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206712
IP address blocks: 185.174.168.0/24 maxlen: 24
185.174.169.0/24 maxlen: 24
185.174.170.0/24 maxlen: 24
2a0b:a900::/32 maxlen: 32
2a0b:a901::/32 maxlen: 32
2a0b:a902::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:11:29:6e:3a:c1:52:04:b8:04:c9:96:41:f1:1e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83faec93d403f3713823fa39c7d27c62e921471
Validity
Not Before: Jan 1 10:18:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=70099fe1f170c41385e57f8efc40a10e9580bedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:41:e9:fb:6a:bc:9c:a0:94:73:4d:28:85:
33:8f:fb:fc:59:77:ea:1f:4a:74:27:97:c3:d0:45:
d7:c5:33:0a:06:32:60:b8:32:a7:10:8d:c7:15:c9:
3e:ba:51:8c:23:89:20:1c:5b:c5:6c:52:54:8c:ca:
d7:ab:8d:04:7f:2e:81:0c:1e:2b:76:c0:b2:f5:93:
c4:6f:97:b4:e1:3a:44:79:fe:65:eb:d8:2c:f5:12:
c7:3f:b2:ad:59:c9:58:3b:f0:33:a9:00:15:ef:64:
90:6c:db:a0:ac:18:45:fa:0b:f6:97:0b:e2:a0:ed:
2c:56:bb:cf:87:17:cf:0f:2d:4e:dd:ed:1d:25:f4:
b3:bb:83:a9:92:58:9b:69:e2:4a:38:cd:fd:a8:de:
1d:68:e7:49:d9:e7:af:20:20:97:90:3f:96:3b:13:
dd:30:11:c6:be:9e:ca:f4:3c:e3:11:06:cb:05:b6:
4c:e6:81:d6:54:fa:d6:63:46:d8:7b:c5:8c:38:b2:
57:14:38:f5:7e:85:cf:73:2d:cf:bc:53:4d:27:a2:
48:7e:34:cb:bd:6f:e9:80:7e:02:c0:68:5d:66:f7:
1d:fc:04:b0:3b:3f:c9:3f:84:e5:44:f1:15:a5:1c:
45:11:fe:2e:ae:62:98:18:18:65:09:10:4f:7e:ea:
01:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:09:9F:E1:F1:70:C4:13:85:E5:7F:8E:FC:40:A1:0E:95:80:BE:DF
X509v3 Authority Key Identifier:
keyid:F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/cAmf4fFwxBOF5X-O_EChDpWAvt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.168.0-185.174.170.255
IPv6:
2a0b:a900::-2a0b:a902:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
59:68:5a:f0:5d:19:25:b9:b2:14:41:1e:dd:41:44:c9:bf:85:
61:4f:20:a9:25:2d:b4:82:a8:78:e9:74:d4:2b:38:82:89:e2:
d5:f6:fe:b5:3f:c0:39:53:4b:0e:1f:16:11:85:60:53:96:2d:
34:b0:0b:89:17:9c:75:f8:0d:d9:3c:20:d4:eb:57:4f:93:cd:
2e:28:a8:eb:45:f0:37:0c:ec:81:97:16:76:75:23:d5:5d:03:
f6:f4:26:ab:e4:e5:22:58:a1:b2:de:cd:0e:43:6e:bd:22:5f:
c0:52:40:06:ab:78:f8:79:ad:aa:92:db:fe:6a:b9:05:01:2f:
64:77:f8:f4:90:fc:f4:4a:03:a0:86:a6:26:29:b0:d1:d6:84:
1b:62:05:a8:6c:94:0c:55:be:3b:91:3c:0e:bb:c3:da:9b:88:
7a:25:18:96:08:15:78:e9:2a:35:22:60:01:65:39:89:e6:56:
85:69:6b:30:0c:d4:7b:eb:c3:55:5b:69:a3:40:16:e1:52:00:
af:03:9a:fc:ad:f7:d4:c3:43:ee:c1:7a:f3:4e:2f:a1:96:a2:
94:59:dd:28:dd:5c:30:23:5d:d8:f9:42:6a:6b:a3:71:9b:db:
f5:30:7f:07:4f:49:bb:e5:5e:41:78:7d:bc:ac:4a:9d:3c:a0:
40:e5:eb:a7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt5ESluOsFSBLgEyZZB8R4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2ZhZWM5M2Q0MDNmMzcxMzgyM2ZhMzljN2QyN2M2MmU5
MjE0NzEwHhcNMjYwMTAxMTAxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA5OWZlMWYxNzBjNDEzODVlNTdmOGVmYzQwYTEwZTk1ODBiZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJtB6ftqvJyglHNNKIUzj/v8WXfq
H0p0J5fD0EXXxTMKBjJguDKnEI3HFck+ulGMI4kgHFvFbFJUjMrXq40Efy6BDB4r
dsCy9ZPEb5e04TpEef5l69gs9RLHP7KtWclYO/AzqQAV72SQbNugrBhF+gv2lwvi
oO0sVrvPhxfPDy1O3e0dJfSzu4OpklibaeJKOM39qN4daOdJ2eevICCXkD+WOxPd
MBHGvp7K9DzjEQbLBbZM5oHWVPrWY0bYe8WMOLJXFDj1foXPcy3PvFNNJ6JIfjTL
vW/pgH4CwGhdZvcd/ASwOz/JP4TlRPEVpRxFEf4urmKYGBhlCRBPfuoB1wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHAJn+HxcMQTheV/jvxAoQ6VgL7fMB8GA1UdIwQY
MBaAFPg/rsk9QD83E4I/o5x9J8YukhRxMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ELXV5VDFBUHpjVGdqLWpuSDBueGk2U0ZIRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1
LTIxMGFlMDU2OWE0NS8xL2NBbWY0ZkZ3eEJPRjVYLU9fRUNoRHBXQXZ0OC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjkvOTcwY2YwLTkyOTgtNGZmMC1iYWY1LTIxMGFlMDU2OWE0
NS8xLzEtRC11eVQxQVB6Y1Rnai1qbkgwbnhpNlNGSEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPgYIKwYBBQUHAQcBAf8ELzAtMBQEAgABMA4wDAMEA7mu
qAMEALmuqjAVBAIAAjAPMA0DBAAqC6kDBQAqC6kCMA0GCSqGSIb3DQEBCwUAA4IB
AQBZaFrwXRklubIUQR7dQUTJv4VhTyCpJS20gqh46XTUKziCieLV9v61P8A5U0sO
HxYRhWBTli00sAuJF5x1+A3ZPCDU61dPk80uKKjrRfA3DOyBlxZ2dSPVXQP29Car
5OUiWKGy3s0OQ269Il/AUkAGq3j4ea2qktv+arkFAS9kd/j0kPz0SgOghqYmKbDR
1oQbYgWobJQMVb47kTwOu8Pam4h6JRiWCBV46So1ImABZTmJ5laFaWswDNR768NV
W2mjQBbhUgCvA5r8rffUw0PuwXrzTi+hlqKUWd0o3VwwI13Y+UJqa6Nxm9v1MH8H
T0m75V5BeH28rEqdPKBA5eun
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:27:46 2026 by rpki-client