Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/AWmyBfEOalcHCOLrcaFKG5HFPHE.roa
File: AWmyBfEOalcHCOLrcaFKG5HFPHE.roa (raw, json)
Hash identifier: Y3J3g1nZc/ySJRqWRNCSEkDtupM7uhV4dfm4QnSVJmk=
Subject key identifier: 01:69:B2:05:F1:0E:6A:57:07:08:E2:EB:71:A1:4A:1B:91:C5:3C:71
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E4650706817BFE9EB6F8F7E93AF57D83E
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/AWmyBfEOalcHCOLrcaFKG5HFPHE.roa
Signing time: Wed 20 May 2026 16:55:37 +0000
ROA not before: Wed 20 May 2026 16:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 24768
IP address blocks: 80.174.164.0/22 maxlen: 22
80.174.176.0/22 maxlen: 22
80.174.184.0/22 maxlen: 22
80.174.240.0/22 maxlen: 22
80.174.247.0/24 maxlen: 24
80.174.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:46:50:70:68:17:bf:e9:eb:6f:8f:7e:93:af:57:d8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 20 16:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0169b205f10e6a570708e2eb71a14a1b91c53c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dc:72:6f:c7:62:32:73:b9:b6:ed:4d:3b:59:
62:40:2e:8f:df:46:96:85:42:71:2e:82:b2:a4:a3:
46:61:e6:e6:a8:6c:bd:c9:64:e1:41:75:e1:28:c0:
17:69:2c:90:df:2d:ba:df:02:ec:9f:9f:3c:75:5f:
29:7d:94:40:5c:6b:c0:f2:b5:2f:58:00:1b:be:77:
30:3b:19:01:13:dc:cb:9e:db:93:fa:90:bb:2d:67:
06:0b:06:d6:37:7e:d7:74:f9:16:0e:59:e7:40:cd:
a7:cf:fd:9c:49:69:5c:a9:26:69:37:01:47:4b:4b:
31:04:3b:66:95:ed:61:8a:e9:8c:67:30:95:8a:b5:
f6:16:d4:05:ed:16:2e:19:d3:da:1d:75:34:92:ae:
09:10:e3:73:bc:8f:53:88:22:01:96:c7:55:67:54:
c5:83:82:68:72:6f:86:9f:89:2c:db:a8:8a:8b:3d:
bc:a2:e0:c4:01:a0:9b:4e:87:fa:eb:7d:e1:7a:a1:
af:29:b7:11:5b:6e:b4:ee:c4:0b:56:78:6b:8b:47:
e1:41:e7:a2:71:d3:b8:d5:a8:fd:52:2f:9f:5e:c0:
bb:d5:d5:be:5c:63:7f:ca:f9:34:77:89:c0:a1:b5:
27:94:78:97:fb:43:53:bb:0d:b2:50:bb:c3:fd:79:
47:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:69:B2:05:F1:0E:6A:57:07:08:E2:EB:71:A1:4A:1B:91:C5:3C:71
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/AWmyBfEOalcHCOLrcaFKG5HFPHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.164.0/22
80.174.176.0/22
80.174.184.0/22
80.174.240.0/22
80.174.247.0/24
80.174.255.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:46:fd:04:48:2f:fb:25:ef:3f:f0:bb:8a:32:fa:48:52:e0:
a2:1c:8f:e3:65:a3:f8:e0:89:0a:cb:71:a4:e5:0a:9c:75:34:
96:68:b5:34:56:80:24:65:72:1b:80:df:6c:a0:28:11:67:5b:
67:f8:f9:69:23:ad:da:3b:51:94:71:69:0f:77:49:50:ab:1b:
88:69:e3:29:85:84:2f:e9:39:fe:f2:cd:67:e1:06:e5:67:8f:
74:45:51:b2:25:66:1d:b9:98:01:b9:e1:7c:b0:ad:90:c5:b1:
ab:c3:4c:c4:77:e3:db:84:da:c2:8d:64:68:a9:d6:13:b5:38:
fd:26:22:16:ae:1e:72:24:cd:30:7c:22:53:e5:1a:47:df:a0:
e7:1c:25:0c:47:e6:a3:c8:f1:b6:d5:0a:85:d5:75:d3:8c:8b:
cc:02:ca:de:9e:a3:2e:7c:d8:9f:ae:fc:a7:35:a7:4c:e3:ea:
88:85:ce:db:eb:cb:1e:e8:41:81:ec:d9:c6:9e:d0:f5:d2:be:
04:c1:d9:bf:26:9a:6e:42:28:fc:2b:ab:24:73:c8:7a:9c:9d:
63:8a:57:9e:21:a7:ac:aa:7d:66:3f:ef:bd:94:d5:f4:fd:fd:
d5:07:80:40:99:67:0c:b4:4e:c0:ea:8d:c8:e9:9c:53:b4:6d:
40:a8:52:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5GUHBoF7/p62+PfpOvV9g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTIwMTY1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY5YjIwNWYxMGU2YTU3MDcwOGUyZWI3MWExNGExYjkxYzUzYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldxyb8diMnO5tu1NO1liQC6P30aW
hUJxLoKypKNGYebmqGy9yWThQXXhKMAXaSyQ3y263wLsn588dV8pfZRAXGvA8rUv
WAAbvncwOxkBE9zLntuT+pC7LWcGCwbWN37XdPkWDlnnQM2nz/2cSWlcqSZpNwFH
S0sxBDtmle1hiumMZzCVirX2FtQF7RYuGdPaHXU0kq4JEONzvI9TiCIBlsdVZ1TF
g4Jocm+Gn4ks26iKiz28ouDEAaCbTof6633heqGvKbcRW2607sQLVnhri0fhQeei
cdO41aj9Ui+fXsC71dW+XGN/yvk0d4nAobUnlHiX+0NTuw2yULvD/XlHWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAFpsgXxDmpXBwji63GhShuRxTxxMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvQVdteUJmRU9hbGNIQ09McmNhRktHNUhGUEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCUK6kAwQC
UK6wAwQCUK64AwQCUK7wAwQAUK73AwQAUK7/MA0GCSqGSIb3DQEBCwUAA4IBAQDI
Rv0ESC/7Je8/8LuKMvpIUuCiHI/jZaP44IkKy3Gk5QqcdTSWaLU0VoAkZXIbgN9s
oCgRZ1tn+PlpI63aO1GUcWkPd0lQqxuIaeMphYQv6Tn+8s1n4QblZ490RVGyJWYd
uZgBueF8sK2QxbGrw0zEd+PbhNrCjWRoqdYTtTj9JiIWrh5yJM0wfCJT5RpH36Dn
HCUMR+ajyPG21QqF1XXTjIvMAsrenqMufNifrvynNadM4+qIhc7b68se6EGB7NnG
ntD10r4Ewdm/JppuQij8K6skc8h6nJ1jileeIaesqn1mP++9lNX0/f3VB4BAmWcM
tE7A6o3I6ZxTtG1AqFLq
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:42 2026 by rpki-client