Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ob-POfaVSw15K5Do9RLQm2YgXlw.roa
File: ob-POfaVSw15K5Do9RLQm2YgXlw.roa (raw, json)
Hash identifier: ouG1N61w0Az8wGB3/0L1P2rIhuEcCaDWm5igC0250tA=
Subject key identifier: A1:BF:8F:39:F6:95:4B:0D:79:2B:90:E8:F5:12:D0:9B:66:20:5E:5C
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 019D99716CD8DBE9A495CF373FE4A9E68EA3
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ob-POfaVSw15K5Do9RLQm2YgXlw.roa
Signing time: Fri 17 Apr 2026 03:17:20 +0000
ROA not before: Fri 17 Apr 2026 03:17:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 185.56.47.0/24 maxlen: 24
185.87.57.0/24 maxlen: 24
188.246.211.0/24 maxlen: 24
188.246.213.0/24 maxlen: 24
188.246.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:71:6c:d8:db:e9:a4:95:cf:37:3f:e4:a9:e6:8e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Apr 17 03:17:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1bf8f39f6954b0d792b90e8f512d09b66205e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a1:42:1f:69:db:cd:f5:85:ab:b7:0a:27:83:
0c:f8:47:9a:91:22:5f:ae:d2:85:77:00:4d:25:4a:
2d:85:25:af:69:eb:3a:f6:d3:91:1d:40:fb:27:71:
ea:59:57:13:28:90:9d:c1:67:58:e4:fb:e2:ec:31:
d8:c2:89:1c:ef:47:e3:f9:1b:21:bb:ab:63:cf:dd:
c8:f5:0b:f0:4c:d9:8a:b7:a0:c8:c7:cf:a9:32:45:
30:6f:0c:48:83:ce:c0:e4:24:0f:f4:14:b6:aa:fb:
e4:67:e7:ff:69:b2:7d:90:c8:c1:f9:8d:3f:6d:3d:
3e:3f:0b:df:1b:90:c8:9e:5e:a6:97:04:14:f1:2e:
80:de:1e:48:4a:a2:2d:b5:2f:90:e3:fe:ee:87:83:
07:e2:24:da:38:db:d5:13:8c:f9:21:af:6f:c6:7a:
4e:e5:20:19:0a:60:b0:30:03:e4:35:39:39:4c:56:
8d:7c:01:3b:6b:9a:5f:16:58:90:49:3c:f3:33:ac:
dd:8c:64:3e:a3:38:0f:a1:71:68:81:55:a0:5e:b1:
ef:55:d0:e5:09:e9:e4:ba:33:ee:62:e9:7e:22:a9:
9e:ae:e1:10:44:e6:62:9a:04:2f:b9:bf:68:83:9a:
2f:f1:3f:9d:4a:fb:96:53:84:91:6b:fe:3e:20:a8:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BF:8F:39:F6:95:4B:0D:79:2B:90:E8:F5:12:D0:9B:66:20:5E:5C
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/ob-POfaVSw15K5Do9RLQm2YgXlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.47.0/24
185.87.57.0/24
188.246.211.0/24
188.246.213.0/24
188.246.215.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:93:d8:31:80:cc:c8:98:99:d4:c6:2c:64:3d:29:64:c5:24:
a0:65:14:af:9f:96:03:7e:05:a9:5e:95:49:9f:a1:e9:c6:f6:
0d:84:e9:20:d4:0a:e4:6d:61:c8:9c:f6:f5:a8:7d:67:3f:a8:
d7:2f:48:f2:43:1c:b3:eb:4e:f2:d2:72:06:e2:94:f7:01:c8:
d0:dd:2e:72:bf:0f:81:17:0f:53:72:e7:fc:52:1c:cd:be:cc:
7c:a6:00:ad:ff:82:31:ea:79:c4:4f:fc:d3:1b:8e:2e:e6:e0:
a2:0a:76:ae:05:3a:db:92:b1:e1:dd:82:4c:1f:a2:9f:86:00:
83:64:47:33:a9:e7:86:a1:37:72:cd:e6:fb:2d:97:49:e5:75:
bf:c3:d3:19:c8:39:89:0f:59:01:89:31:7a:b4:ae:9f:7e:09:
ed:7d:06:07:1f:71:43:f1:c4:b2:42:28:cf:7f:ad:81:15:07:
7f:d5:be:02:60:38:cc:d6:97:67:52:9a:7c:48:b4:34:c9:b7:
fd:a2:b3:6e:ff:49:26:a6:91:9b:71:7b:7d:76:26:0c:03:d7:
63:d4:e4:69:d2:52:1e:22:4f:07:75:ff:4f:d1:f6:8c:5d:d8:
7a:a3:4b:b5:84:52:a3:d4:32:a6:75:53:be:9a:5c:3e:92:51:
4c:46:44:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2ZcWzY2+mklc83P+Sp5o6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMjdhNjMxYmI2NzM4ZWI2OGJiNmVhNmM0MjRlZjRhN2Qx
NGMzY2IwHhcNMjYwNDE3MDMxNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJmOGYzOWY2OTU0YjBkNzkyYjkwZThmNTEyZDA5YjY2MjA1ZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaFCH2nbzfWFq7cKJ4MM+EeakSJf
rtKFdwBNJUothSWvaes69tORHUD7J3HqWVcTKJCdwWdY5Pvi7DHYwokc70fj+Rsh
u6tjz93I9QvwTNmKt6DIx8+pMkUwbwxIg87A5CQP9BS2qvvkZ+f/abJ9kMjB+Y0/
bT0+PwvfG5DInl6mlwQU8S6A3h5ISqIttS+Q4/7uh4MH4iTaONvVE4z5Ia9vxnpO
5SAZCmCwMAPkNTk5TFaNfAE7a5pfFliQSTzzM6zdjGQ+ozgPoXFogVWgXrHvVdDl
CenkujPuYul+IqmeruEQROZimgQvub9og5ov8T+dSvuWU4SRa/4+IKgBgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKG/jzn2lUsNeSuQ6PUS0JtmIF5cMB8GA1UdIwQY
MBaAFDAnpjG7ZzjraLtupsQk70p9FMPLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYt
MWRkNmQyODFjODhhLzEvb2ItUE9mYVZTdzE1SzVEbzlSTFFtMllnWGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS84ZDc4ZWItMjgzMi00MDgzLWFlMWYtMWRkNmQyODFjODhh
LzEvTUNlbU1idG5PT3RvdTI2bXhDVHZTbjBVdzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuTgvAwQA
uVc5AwQAvPbTAwQAvPbVAwQAvPbXMA0GCSqGSIb3DQEBCwUAA4IBAQDLk9gxgMzI
mJnUxixkPSlkxSSgZRSvn5YDfgWpXpVJn6HpxvYNhOkg1ArkbWHInPb1qH1nP6jX
L0jyQxyz607y0nIG4pT3AcjQ3S5yvw+BFw9Tcuf8UhzNvsx8pgCt/4Ix6nnET/zT
G44u5uCiCnauBTrbkrHh3YJMH6KfhgCDZEczqeeGoTdyzeb7LZdJ5XW/w9MZyDmJ
D1kBiTF6tK6ffgntfQYHH3FD8cSyQijPf62BFQd/1b4CYDjM1pdnUpp8SLQ0ybf9
orNu/0kmppGbcXt9diYMA9dj1ORp0lIeIk8Hdf9P0faMXdh6o0u1hFKj1DKmdVO+
mlw+klFMRkSd
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:50:17 2026 by rpki-client