Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/wEwtO0NZ6TXQX8gg0IJb0VzbQ-Q.roa
File: wEwtO0NZ6TXQX8gg0IJb0VzbQ-Q.roa (raw, json)
Hash identifier: FcEEWrJiS8yPWJa3yj7NmskgZezjJ7BeD2/PrD66/Oc=
Subject key identifier: C0:4C:2D:3B:43:59:E9:35:D0:5F:C8:20:D0:82:5B:D1:5C:DB:43:E4
Certificate issuer: /CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Certificate serial: 019880F24C8D3982E2628E0892354538EA63
Authority key identifier: 30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/wEwtO0NZ6TXQX8gg0IJb0VzbQ-Q.roa
Signing time: Wed 06 Aug 2025 19:53:39 +0000
ROA not before: Wed 06 Aug 2025 19:53:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211720
IP address blocks: 185.56.83.0/24 maxlen: 24
185.231.32.0/24 maxlen: 24
185.231.33.0/24 maxlen: 24
2a06:e80:3000::/36 maxlen: 36
2a0c:4d00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:f2:4c:8d:39:82:e2:62:8e:08:92:35:45:38:ea:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306c0866dc25208e6c07d4a21d7d8050b508d6a2
Validity
Not Before: Aug 6 19:53:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c04c2d3b4359e935d05fc820d0825bd15cdb43e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a2:91:c0:58:e0:50:5d:b9:50:19:9e:a1:08:
91:cb:21:de:f2:51:af:8c:d2:7b:79:d9:3f:ae:df:
7f:70:3a:1d:a1:19:ca:86:06:d6:b1:0a:24:49:f1:
64:81:11:67:c3:fd:3f:8b:26:dc:e1:c0:c1:8c:04:
fd:f2:b7:2f:86:80:9e:17:e6:32:b8:a5:1c:66:18:
6e:69:1d:fb:de:77:2c:6e:60:fd:5e:c1:a0:34:4f:
ae:b1:24:96:76:57:e5:28:ee:c6:e0:58:b1:29:1d:
73:87:3f:d0:d3:98:c3:ed:6e:17:4f:83:47:af:64:
69:25:c3:81:ae:2a:88:d9:2a:17:f3:f8:0d:a6:2a:
fc:08:84:5f:2f:6a:3d:a7:f4:c1:02:b5:37:8a:97:
0f:2f:a6:2c:b5:03:f4:f5:7c:de:6f:25:23:08:91:
7b:4b:f9:51:dd:60:db:f2:cf:68:41:cc:98:f3:f1:
cd:bd:4e:2e:8c:7f:33:44:a9:c7:40:da:7f:3d:cf:
e3:fa:15:d7:ae:14:a1:20:c6:e0:84:e0:3a:30:31:
45:c8:17:32:88:98:7c:eb:78:4c:48:df:5c:48:3a:
aa:7c:e2:8d:9b:99:fe:f8:33:19:9a:dc:bc:8d:11:
5d:94:c1:f6:f9:d0:a9:57:ec:20:27:cd:f5:b0:c6:
06:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4C:2D:3B:43:59:E9:35:D0:5F:C8:20:D0:82:5B:D1:5C:DB:43:E4
X509v3 Authority Key Identifier:
keyid:30:6C:08:66:DC:25:20:8E:6C:07:D4:A2:1D:7D:80:50:B5:08:D6:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGwIZtwlII5sB9SiHX2AULUI1qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/wEwtO0NZ6TXQX8gg0IJb0VzbQ-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/badedf-d0e9-45a9-af75-10edb541e6ff/1/MGwIZtwlII5sB9SiHX2AULUI1qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.83.0/24
185.231.32.0/23
IPv6:
2a06:e80:3000::/36
2a0c:4d00::/36
Signature Algorithm: sha256WithRSAEncryption
a5:c3:85:f5:fa:c9:1f:c7:1e:33:91:6a:d2:b2:db:38:12:19:
dc:15:9b:de:f1:0c:d6:b8:e9:38:5c:4b:2f:1c:b6:e1:0b:53:
71:ac:26:fd:d0:73:28:93:05:f8:03:20:d2:ba:43:a6:39:5a:
44:e4:49:e0:6d:ea:4f:d1:91:ad:45:0e:46:4a:c3:63:b1:a1:
3b:a9:a8:51:8b:8a:c3:dd:db:13:00:25:3a:d4:83:d8:eb:3d:
0d:87:f6:2e:3f:19:f2:c4:17:8f:4e:40:97:34:e6:06:de:9f:
82:2d:f7:28:85:9d:f3:1c:87:55:01:e7:3e:d3:d9:00:1f:c0:
23:18:cc:8f:cc:cf:bc:81:8d:4c:ca:03:a9:bd:9d:0f:18:1a:
d2:f3:b0:13:b1:17:ec:d8:51:76:ab:46:20:26:57:19:b4:94:
81:bc:db:6c:7a:9a:cd:bd:22:2e:82:4a:dc:fc:aa:a8:f0:37:
1a:a8:29:5f:30:55:7c:4e:28:01:5a:51:29:b0:b6:e1:a2:13:
51:ae:c2:4c:d1:8b:49:fb:9f:ce:03:b2:69:76:4d:f8:9d:5a:
3d:d2:85:02:85:72:7c:56:b9:fb:dd:c1:19:dd:66:7c:70:27:
1a:7c:7e:ec:79:0b:f2:32:d2:07:4a:4c:38:12:af:f1:cc:a6:
c4:cc:45:43
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZiA8kyNOYLiYo4IkjVFOOpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmMwODY2ZGMyNTIwOGU2YzA3ZDRhMjFkN2Q4MDUwYjUw
OGQ2YTIwHhcNMjUwODA2MTk1MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRjMmQzYjQzNTllOTM1ZDA1ZmM4MjBkMDgyNWJkMTVjZGI0M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KKRwFjgUF25UBmeoQiRyyHe8lGv
jNJ7edk/rt9/cDodoRnKhgbWsQokSfFkgRFnw/0/iybc4cDBjAT98rcvhoCeF+Yy
uKUcZhhuaR373ncsbmD9XsGgNE+usSSWdlflKO7G4FixKR1zhz/Q05jD7W4XT4NH
r2RpJcOBriqI2SoX8/gNpir8CIRfL2o9p/TBArU3ipcPL6YstQP09XzebyUjCJF7
S/lR3WDb8s9oQcyY8/HNvU4ujH8zRKnHQNp/Pc/j+hXXrhShIMbghOA6MDFFyBcy
iJh863hMSN9cSDqqfOKNm5n++DMZmty8jRFdlMH2+dCpV+wgJ831sMYGGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMBMLTtDWek10F/IINCCW9Fc20PkMB8GA1UdIwQY
MBaAFDBsCGbcJSCObAfUoh19gFC1CNaiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUt
MTBlZGI1NDFlNmZmLzEvd0V3dE8wTlo2VFhRWDhnZzBJSmIwVnpiUS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9iYWRlZGYtZDBlOS00NWE5LWFmNzUtMTBlZGI1NDFlNmZm
LzEvTUd3SVp0d2xJSTVzQjlTaUhYMkFVTFVJMXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuThTAwQB
uecgMBYEAgACMBADBgQqBg6AMAMGBCoMTQAAMA0GCSqGSIb3DQEBCwUAA4IBAQCl
w4X1+skfxx4zkWrSsts4EhncFZve8QzWuOk4XEsvHLbhC1NxrCb90HMokwX4AyDS
ukOmOVpE5EngbepP0ZGtRQ5GSsNjsaE7qahRi4rD3dsTACU61IPY6z0Nh/YuPxny
xBePTkCXNOYG3p+CLfcohZ3zHIdVAec+09kAH8AjGMyPzM+8gY1MygOpvZ0PGBrS
87ATsRfs2FF2q0YgJlcZtJSBvNtseprNvSIugkrc/Kqo8DcaqClfMFV8TigBWlEp
sLbhohNRrsJM0YtJ+5/OA7Jpdk34nVo90oUChXJ8Vrn73cEZ3WZ8cCcafH7seQvy
MtIHSkw4Eq/xzKbEzEVD
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:22:33 2025 by rpki-client