Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/AMpB0MWbNNIQ3_J5_6gaThW8Xbo.roa
File: AMpB0MWbNNIQ3_J5_6gaThW8Xbo.roa (raw, json)
Hash identifier: jS5kuk+WsuTPgFicnLXFM5peUN4ZcRUVu4vz/M0ryjY=
Subject key identifier: 00:CA:41:D0:C5:9B:34:D2:10:DF:F2:79:FF:A8:1A:4E:15:BC:5D:BA
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D9054A995E8C7701F98D0AF67B12CAF7C
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/AMpB0MWbNNIQ3_J5_6gaThW8Xbo.roa
Signing time: Wed 15 Apr 2026 08:49:20 +0000
ROA not before: Wed 15 Apr 2026 08:49:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48018
IP address blocks: 31.172.64.0/24 maxlen: 24
31.172.66.0/24 maxlen: 24
31.172.67.0/24 maxlen: 24
31.172.76.0/24 maxlen: 24
81.85.78.0/24 maxlen: 24
89.127.197.0/24 maxlen: 24
199.68.197.0/24 maxlen: 24
217.177.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:54:a9:95:e8:c7:70:1f:98:d0:af:67:b1:2c:af:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Apr 15 08:49:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=00ca41d0c59b34d210dff279ffa81a4e15bc5dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:47:57:7f:96:d6:61:0d:ea:18:ef:15:bb:
5f:53:6f:73:6b:2d:c1:e3:2d:65:f5:45:e0:1a:3c:
db:9a:70:da:fd:68:1c:56:40:08:b6:54:4f:42:ac:
92:e0:14:14:c8:7e:5d:66:9f:52:80:8b:e8:43:8b:
db:c5:5b:4e:de:65:6b:43:4d:a9:da:7d:a5:d5:5f:
dd:73:92:94:9e:cd:fb:63:78:bc:b8:c9:54:33:4e:
78:d2:af:17:83:7e:74:c3:88:a6:81:52:c2:c3:3c:
af:cf:c3:44:90:78:ae:ec:76:1f:96:76:52:9d:ed:
08:a0:ca:36:6a:5b:f6:f7:a3:b0:62:b3:f8:1f:20:
16:1e:e6:d5:c0:d8:47:e8:a8:4f:b6:00:cf:2f:79:
c3:d5:7b:b0:28:a2:d9:fb:60:2a:aa:3c:e7:11:56:
92:1f:cb:5c:f9:a6:56:1f:aa:74:6d:42:b7:5c:46:
f6:7c:98:83:e0:d6:bc:6c:4c:f2:a9:c6:d3:07:a3:
c2:bc:18:fa:d6:f6:7d:e2:76:05:55:19:08:a3:66:
7b:e3:91:76:0d:9e:72:99:85:e9:34:ae:87:6c:90:
03:2f:8f:db:8c:2e:23:83:0f:64:31:e0:41:6f:06:
3b:2d:c0:d9:59:ab:5b:b2:5a:8f:60:14:3a:f1:2e:
c0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CA:41:D0:C5:9B:34:D2:10:DF:F2:79:FF:A8:1A:4E:15:BC:5D:BA
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/AMpB0MWbNNIQ3_J5_6gaThW8Xbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.64.0/24
31.172.66.0/23
31.172.76.0/24
81.85.78.0/24
89.127.197.0/24
199.68.197.0/24
217.177.74.0/24
Signature Algorithm: sha256WithRSAEncryption
55:30:ab:36:f9:d8:42:36:87:48:a9:32:6b:b2:48:19:57:c3:
a3:e7:91:31:83:89:d0:69:e1:f9:21:bf:58:9b:de:df:9e:55:
bc:97:27:b6:a8:ea:a9:2b:a0:c9:e9:24:f1:2e:e4:03:43:10:
3f:57:91:db:d4:38:8a:ad:dd:64:1c:ec:83:88:bf:73:43:d3:
64:71:6d:bd:0f:c4:3b:16:7c:6e:38:58:95:c0:79:3f:c6:78:
0e:82:e5:de:e8:c1:f2:d7:4d:a3:c5:37:31:87:5b:f0:3f:1c:
a1:3d:61:c3:8f:f0:2a:c8:eb:b9:b9:c1:83:86:85:96:a7:3f:
fb:6e:4b:2d:b4:1d:ca:5c:d1:cd:e0:8c:4b:43:72:3d:03:f6:
29:90:6b:98:2d:cb:e9:0e:57:b1:fe:6f:07:42:3f:0d:5d:b9:
5c:f5:84:bc:aa:3f:3a:94:3a:9b:d8:0c:87:38:69:ce:8f:48:
94:4d:f5:47:35:72:a0:94:c7:6f:a0:6f:9f:cd:06:2b:ac:27:
df:db:2f:44:77:36:2c:00:b7:b0:83:db:37:f8:4d:91:ec:57:
80:f9:36:fd:5f:be:51:2f:e5:b8:9b:61:85:37:0d:bd:8f:63:
c1:21:5e:50:d7:50:bb:b9:71:9a:ee:b1:56:93:77:eb:32:f5:
37:5d:48:4d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ2QVKmV6MdwH5jQr2exLK98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNDE1MDg0OTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNhNDFkMGM1OWIzNGQyMTBkZmYyNzlmZmE4MWE0ZTE1YmM1ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq29HV3+W1mEN6hjvFbtfU29zay3B
4y1l9UXgGjzbmnDa/WgcVkAItlRPQqyS4BQUyH5dZp9SgIvoQ4vbxVtO3mVrQ02p
2n2l1V/dc5KUns37Y3i8uMlUM0540q8Xg350w4imgVLCwzyvz8NEkHiu7HYflnZS
ne0IoMo2alv296OwYrP4HyAWHubVwNhH6KhPtgDPL3nD1XuwKKLZ+2AqqjznEVaS
H8tc+aZWH6p0bUK3XEb2fJiD4Na8bEzyqcbTB6PCvBj61vZ94nYFVRkIo2Z745F2
DZ5ymYXpNK6HbJADL4/bjC4jgw9kMeBBbwY7LcDZWatbslqPYBQ68S7ANwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFADKQdDFmzTSEN/yef+oGk4VvF26MB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvQU1wQjBNV2JOTklRM19KNV82Z2FUaFc4WGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAH6xAAwQB
H6xCAwQAH6xMAwQAUVVOAwQAWX/FAwQAx0TFAwQA2bFKMA0GCSqGSIb3DQEBCwUA
A4IBAQBVMKs2+dhCNodIqTJrskgZV8Oj55Exg4nQaeH5Ib9Ym97fnlW8lye2qOqp
K6DJ6STxLuQDQxA/V5Hb1DiKrd1kHOyDiL9zQ9NkcW29D8Q7FnxuOFiVwHk/xngO
guXe6MHy102jxTcxh1vwPxyhPWHDj/AqyOu5ucGDhoWWpz/7bksttB3KXNHN4IxL
Q3I9A/YpkGuYLcvpDlex/m8HQj8NXblc9YS8qj86lDqb2AyHOGnOj0iUTfVHNXKg
lMdvoG+fzQYrrCff2y9EdzYsALewg9s3+E2R7FeA+Tb9X75RL+W4m2GFNw29j2PB
IV5Q11C7uXGa7rFWk3frMvU3XUhN
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:28 2026 by rpki-client