Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/b07UfMEb7bgqS9YVKg3FeyWplBY.roa
File: b07UfMEb7bgqS9YVKg3FeyWplBY.roa (raw, json)
Hash identifier: 5La9pjg5nSt4KkLswON450P9sRutO7xwpRh6hKJ6x+Q=
Subject key identifier: 6F:4E:D4:7C:C1:1B:ED:B8:2A:4B:D6:15:2A:0D:C5:7B:25:A9:94:16
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 019B7C7FA2242FD299CABA45AF68206D8921
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/b07UfMEb7bgqS9YVKg3FeyWplBY.roa
Signing time: Fri 02 Jan 2026 02:18:17 +0000
ROA not before: Fri 02 Jan 2026 02:18:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211720
IP address blocks: 185.56.81.0/24 maxlen: 24
185.56.83.0/24 maxlen: 24
185.231.32.0/24 maxlen: 24
185.231.33.0/24 maxlen: 24
2a0c:4d00::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:a2:24:2f:d2:99:ca:ba:45:af:68:20:6d:89:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Jan 2 02:18:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f4ed47cc11bedb82a4bd6152a0dc57b25a99416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:10:cd:67:eb:18:19:39:66:18:5f:71:82:83:
e1:eb:eb:7e:84:05:87:db:35:97:5b:ef:7f:6f:56:
10:72:7d:79:f4:d0:08:f2:64:10:c5:73:dc:c5:68:
a3:23:0e:0f:3c:ef:21:ce:17:3c:a3:dd:07:6f:7c:
0f:d2:d6:b5:ab:bd:92:39:f9:31:53:01:41:2d:48:
f9:4d:18:2a:3c:d0:3f:82:68:c0:aa:40:57:0f:a5:
e2:7c:30:bf:fe:6e:b8:7e:35:f5:35:08:a3:7d:06:
ae:7b:84:82:17:9e:3b:49:30:08:af:48:61:08:81:
cb:f7:11:76:c2:b1:9a:be:c4:ab:71:c2:7c:e9:ce:
c0:c1:79:3a:7e:76:bf:3a:32:e9:dd:ee:fc:c4:52:
3f:3e:1b:2d:e1:f6:08:1d:2b:25:6a:6e:92:d5:7a:
93:30:51:41:7d:66:0a:8e:db:0e:98:94:73:a6:5d:
d8:70:36:7b:28:9d:2b:5d:b6:2b:4e:10:15:9e:34:
8c:0d:10:06:2d:e5:4a:83:31:3a:e5:37:3d:65:cf:
b8:e9:1d:74:cd:e2:61:9c:9f:a9:03:4e:06:01:aa:
9b:63:26:25:20:a6:7d:32:21:37:d0:ea:d4:92:0d:
f7:31:4e:d3:1a:68:fb:83:4c:73:5e:9d:26:99:b0:
04:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:4E:D4:7C:C1:1B:ED:B8:2A:4B:D6:15:2A:0D:C5:7B:25:A9:94:16
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/b07UfMEb7bgqS9YVKg3FeyWplBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.81.0/24
185.56.83.0/24
185.231.32.0/23
IPv6:
2a0c:4d00::/36
Signature Algorithm: sha256WithRSAEncryption
ac:64:13:96:dd:ae:14:5b:d9:7f:fd:f8:8f:60:81:52:ac:49:
8b:ab:a8:61:92:3a:a2:d5:ff:a8:47:09:1b:ff:59:6d:6c:1a:
1f:fa:29:05:58:65:31:fe:d5:fb:d9:d2:e5:ba:73:2e:0c:2d:
d9:7f:7a:f0:e8:50:88:56:3f:ac:e4:db:8e:cb:bb:cc:28:2e:
21:39:3d:36:f8:71:4e:c9:35:c2:71:94:24:25:42:60:2c:55:
0f:c6:57:e2:55:4a:23:ba:20:1c:2e:60:68:d9:57:62:82:0d:
e5:56:3b:a4:dc:85:4b:dc:b0:99:7c:ed:85:fe:f1:b9:90:b5:
8d:7c:89:95:ce:c5:70:b5:79:3c:cc:f6:40:6e:94:f2:99:a0:
e7:10:2c:3a:67:b0:81:a1:47:0e:0d:c7:aa:9b:30:15:ad:14:
42:4c:8a:49:c6:a1:f8:85:8e:a3:3d:4d:41:f7:91:8f:bc:9a:
93:ed:e0:1a:ec:c7:be:f4:33:1e:25:dc:e2:63:47:32:de:c5:
33:a7:52:41:32:eb:df:59:3f:57:e5:5d:92:bf:05:ab:97:d8:
59:f5:8e:65:97:8d:7e:7c:40:2b:3c:99:61:dc:ac:10:2f:3b:
06:51:28:60:e5:a2:f0:1a:51:47:c7:b1:d4:dc:c7:46:e4:ec:
41:90:f4:a5
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt8f6IkL9KZyrpFr2ggbYkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjYwMTAyMDIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjRlZDQ3Y2MxMWJlZGI4MmE0YmQ2MTUyYTBkYzU3YjI1YTk5NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4hDNZ+sYGTlmGF9xgoPh6+t+hAWH
2zWXW+9/b1YQcn159NAI8mQQxXPcxWijIw4PPO8hzhc8o90Hb3wP0ta1q72SOfkx
UwFBLUj5TRgqPNA/gmjAqkBXD6XifDC//m64fjX1NQijfQaue4SCF547STAIr0hh
CIHL9xF2wrGavsSrccJ86c7AwXk6fna/OjLp3e78xFI/Phst4fYIHSslam6S1XqT
MFFBfWYKjtsOmJRzpl3YcDZ7KJ0rXbYrThAVnjSMDRAGLeVKgzE65Tc9Zc+46R10
zeJhnJ+pA04GAaqbYyYlIKZ9MiE30OrUkg33MU7TGmj7g0xzXp0mmbAESwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG9O1HzBG+24KkvWFSoNxXslqZQWMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvYjA3VWZNRWI3YmdxUzlZVktnM0ZleVdwbEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAuThRAwQA
uThTAwQBuecgMA4EAgACMAgDBgQqDE0AADANBgkqhkiG9w0BAQsFAAOCAQEArGQT
lt2uFFvZf/34j2CBUqxJi6uoYZI6otX/qEcJG/9ZbWwaH/opBVhlMf7V+9nS5bpz
Lgwt2X968OhQiFY/rOTbjsu7zCguITk9NvhxTsk1wnGUJCVCYCxVD8ZX4lVKI7og
HC5gaNlXYoIN5VY7pNyFS9ywmXzthf7xuZC1jXyJlc7FcLV5PMz2QG6U8pmg5xAs
OmewgaFHDg3HqpswFa0UQkyKScah+IWOoz1NQfeRj7yak+3gGuzHvvQzHiXc4mNH
Mt7FM6dSQTLr31k/V+Vdkr8Fq5fYWfWOZZeNfnxAKzyZYdysEC87BlEoYOWi8BpR
R8ex1NzHRuTsQZD0pQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:42:19 2026 by rpki-client