Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/AmHNgRf9ejRyBkiPMXfdWQYwc5I.roa
File: AmHNgRf9ejRyBkiPMXfdWQYwc5I.roa (raw, json)
Hash identifier: GVna+l1h2VWTV7bNMp3Q/yH4TrNQafsQElZc2u46GSs=
Subject key identifier: 02:61:CD:81:17:FD:7A:34:72:06:48:8F:31:77:DD:59:06:30:73:92
Certificate issuer: /CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Certificate serial: 019D7292C21443BC69D58FC07A83A94B63ED
Authority key identifier: B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/AmHNgRf9ejRyBkiPMXfdWQYwc5I.roa
Signing time: Thu 09 Apr 2026 14:08:33 +0000
ROA not before: Thu 09 Apr 2026 14:08:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396617
IP address blocks: 81.19.194.0/24 maxlen: 24
81.19.194.30/32 maxlen: 32
81.19.195.0/24 maxlen: 24
81.19.195.30/32 maxlen: 32
81.19.195.31/32 maxlen: 32
185.100.0.0/24 maxlen: 24
185.100.0.53/32 maxlen: 32
2a10:eec0:abcd::/48 maxlen: 48
2a10:eec0:abcd::30/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:92:c2:14:43:bc:69:d5:8f:c0:7a:83:a9:4b:63:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4380b9b8c070457ed54bc45d12dddd244e06d52
Validity
Not Before: Apr 9 14:08:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0261cd8117fd7a347206488f3177dd5906307392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:7a:9c:34:7a:f1:45:1f:ba:82:b5:88:a3:86:
e3:dd:27:24:9a:0c:0c:1e:47:0a:a9:31:78:8c:e3:
e0:df:1f:98:a3:87:25:bb:09:b7:fa:0b:4a:61:8a:
59:e0:cc:f5:a3:39:82:49:d8:19:2f:d5:46:01:7d:
db:57:5c:6e:b1:71:e9:48:fc:de:d4:c3:ad:b4:05:
df:95:6f:a5:df:66:5f:ba:f5:a9:5a:1c:9a:e9:11:
69:30:57:5f:c3:59:7f:a7:00:81:78:51:4a:65:fe:
1f:12:d2:72:07:ed:16:d7:67:12:b4:e4:d3:be:5b:
c4:20:07:dc:b5:e1:f2:90:99:a4:60:c1:c8:93:3a:
22:63:79:30:27:c5:5f:f3:e1:94:ef:a6:2d:52:6b:
03:df:e3:05:ab:35:b0:ad:27:35:d2:c1:e5:1e:ab:
75:7b:8d:32:57:51:d4:7f:32:3e:f3:8a:dc:8d:43:
fa:8b:16:fb:fd:39:33:d5:6a:19:c9:fc:25:7d:61:
c2:99:99:27:07:b5:a2:68:86:e2:84:53:58:14:90:
05:7e:39:1c:8d:e2:b2:5d:4b:5f:d9:eb:70:57:31:
81:87:8f:25:c3:f5:77:05:a8:55:37:01:f1:06:41:
a7:2e:3f:8c:d7:9a:17:34:f9:22:a7:00:4c:c0:7e:
92:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:61:CD:81:17:FD:7A:34:72:06:48:8F:31:77:DD:59:06:30:73:92
X509v3 Authority Key Identifier:
keyid:B4:38:0B:9B:8C:07:04:57:ED:54:BC:45:D1:2D:DD:D2:44:E0:6D:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDgLm4wHBFftVLxF0S3d0kTgbVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/AmHNgRf9ejRyBkiPMXfdWQYwc5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/bc92e6-c8ee-48f0-ae7f-36ccb5a06195/1/tDgLm4wHBFftVLxF0S3d0kTgbVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.194.0/23
185.100.0.0/24
IPv6:
2a10:eec0:abcd::/48
Signature Algorithm: sha256WithRSAEncryption
af:ce:03:77:cb:ad:c1:6a:1e:df:5d:c1:74:d1:b0:33:c0:fe:
16:39:99:6d:8e:9c:9e:8a:61:27:c0:64:07:99:8b:8d:f7:44:
aa:c4:71:53:dd:3f:11:d9:62:1a:02:a1:80:09:46:77:1e:83:
ce:8d:0c:3f:ea:cf:80:52:bd:2a:9e:16:34:e9:8f:89:04:01:
3f:cb:08:4a:c9:f8:1b:ca:8b:08:ee:86:d7:d4:1c:4f:8c:88:
16:a1:e2:52:49:c0:4a:29:97:5a:db:fb:3f:d9:e1:1a:df:7e:
9d:a8:38:e1:b1:2e:e5:12:34:94:88:27:fb:81:3b:16:7a:88:
a8:65:2d:90:91:ac:55:48:67:3c:86:f5:e7:99:26:9f:f1:b8:
4a:20:5c:4c:6d:49:20:9d:bf:cf:c1:63:3d:f4:aa:06:a0:f5:
fd:47:99:55:53:a8:24:80:3d:57:f3:be:f2:ad:b0:85:b3:d7:
2d:0a:24:3f:44:c1:aa:6a:c2:7f:f1:65:6f:25:1e:f5:45:fc:
43:e8:96:b7:0b:3e:3d:4c:13:ab:64:04:05:68:b6:7f:8a:a6:
f5:ad:bb:8a:9d:60:1c:a0:07:67:75:bf:6d:6a:82:56:ed:03:
fa:e8:74:5b:bf:54:d6:8a:6c:11:e4:d8:16:42:ab:df:84:b1:
61:46:1b:a5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1yksIUQ7xp1Y/AeoOpS2PtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MzgwYjliOGMwNzA0NTdlZDU0YmM0NWQxMmRkZGQyNDRl
MDZkNTIwHhcNMjYwNDA5MTQwODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYxY2Q4MTE3ZmQ3YTM0NzIwNjQ4OGYzMTc3ZGQ1OTA2MzA3MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnqcNHrxRR+6grWIo4bj3SckmgwM
HkcKqTF4jOPg3x+Yo4cluwm3+gtKYYpZ4Mz1ozmCSdgZL9VGAX3bV1xusXHpSPze
1MOttAXflW+l32ZfuvWpWhya6RFpMFdfw1l/pwCBeFFKZf4fEtJyB+0W12cStOTT
vlvEIAfcteHykJmkYMHIkzoiY3kwJ8Vf8+GU76YtUmsD3+MFqzWwrSc10sHlHqt1
e40yV1HUfzI+84rcjUP6ixb7/Tkz1WoZyfwlfWHCmZknB7WiaIbihFNYFJAFfjkc
jeKyXUtf2etwVzGBh48lw/V3BahVNwHxBkGnLj+M15oXNPkipwBMwH6S6wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAJhzYEX/Xo0cgZIjzF33VkGMHOSMB8GA1UdIwQY
MBaAFLQ4C5uMBwRX7VS8RdEt3dJE4G1SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2Yt
MzZjY2I1YTA2MTk1LzEvQW1ITmdSZjllalJ5QmtpUE1YZmRXUVl3YzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iYzkyZTYtYzhlZS00OGYwLWFlN2YtMzZjY2I1YTA2MTk1
LzEvdERnTG00d0hCRmZ0Vkx4RjBTM2Qwa1RnYlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBURPCAwQA
uWQAMA8EAgACMAkDBwAqEO7Aq80wDQYJKoZIhvcNAQELBQADggEBAK/OA3fLrcFq
Ht9dwXTRsDPA/hY5mW2OnJ6KYSfAZAeZi433RKrEcVPdPxHZYhoCoYAJRnceg86N
DD/qz4BSvSqeFjTpj4kEAT/LCErJ+BvKiwjuhtfUHE+MiBah4lJJwEopl1rb+z/Z
4Rrffp2oOOGxLuUSNJSIJ/uBOxZ6iKhlLZCRrFVIZzyG9eeZJp/xuEogXExtSSCd
v8/BYz30qgag9f1HmVVTqCSAPVfzvvKtsIWz1y0KJD9Ewapqwn/xZW8lHvVF/EPo
lrcLPj1ME6tkBAVotn+KpvWtu4qdYBygB2d1v21qglbtA/rodFu/VNaKbBHk2BZC
q9+EsWFGG6U=
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:31:16 2026 by rpki-client