Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BUYMXKImIWtBhegu5QgNR9LHQMg.roa
File: BUYMXKImIWtBhegu5QgNR9LHQMg.roa (raw, json)
Hash identifier: cdt35kwi+iVy/51zxOXBeOKvc3AmFeggxz1CX6LmR3A=
Subject key identifier: 05:46:0C:5C:A2:26:21:6B:41:85:E8:2E:E5:08:0D:47:D2:C7:40:C8
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 019CD6D99BAF890DAD6B7936BC032F9E2CC7
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BUYMXKImIWtBhegu5QgNR9LHQMg.roa
Signing time: Tue 10 Mar 2026 08:25:11 +0000
ROA not before: Tue 10 Mar 2026 08:25:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56534
IP address blocks: 82.179.248.0/22 maxlen: 22
85.142.82.0/24 maxlen: 24
85.142.84.0/24 maxlen: 24
85.142.88.0/22 maxlen: 24
85.142.136.0/24 maxlen: 24
85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.142.192.0/22 maxlen: 24
85.142.208.0/22 maxlen: 22
85.142.244.0/24 maxlen: 24
85.142.252.0/24 maxlen: 24
85.143.144.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 05:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d6:d9:9b:af:89:0d:ad:6b:79:36:bc:03:2f:9e:2c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Mar 10 08:25:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05460c5ca226216b4185e82ee5080d47d2c740c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:55:80:78:90:af:ec:ab:02:86:f3:7e:50:0f:
d6:4f:c4:78:df:61:d3:0e:3e:ae:5c:6d:85:0c:9f:
68:6d:40:41:25:3b:1f:3c:d4:0a:89:48:88:99:f6:
3d:1f:f4:0a:9b:38:ab:59:e4:4e:4e:79:35:b5:9d:
88:7e:16:ee:b7:32:6a:8e:b1:cc:be:ad:9b:2e:9f:
3c:20:37:eb:62:78:4d:d1:19:cb:90:1e:a1:a8:ac:
d3:1b:95:8f:26:89:03:c2:5d:1e:b7:36:de:de:3c:
f5:72:b5:e9:8c:3f:61:f1:19:b2:36:51:c5:fa:69:
ce:10:50:c9:e6:ab:71:9d:2e:4f:63:de:0b:da:a4:
3d:7e:41:51:1d:42:c5:6a:84:3b:95:7f:2c:1d:ec:
66:7d:d3:25:23:b8:1e:b2:78:a8:53:44:16:ad:e7:
38:c9:dd:fb:d7:33:0b:19:be:62:82:29:86:50:45:
88:8c:67:e0:1e:4a:b7:bd:20:3e:48:1d:75:bc:6f:
32:a3:df:b3:02:a6:32:4a:87:ce:73:8f:af:0a:54:
13:8a:34:bc:25:f3:be:4a:bc:78:d4:1d:47:1c:8f:
00:b4:fa:09:e7:96:52:a1:74:e9:90:17:5d:28:51:
ec:d4:e1:5f:2d:ce:f6:b5:f2:f0:27:3e:09:b9:f7:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:46:0C:5C:A2:26:21:6B:41:85:E8:2E:E5:08:0D:47:D2:C7:40:C8
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/BUYMXKImIWtBhegu5QgNR9LHQMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.82.0/24
85.142.84.0/24
85.142.88.0/22
85.142.136.0/24
85.142.164.0-85.142.179.255
85.142.192.0/22
85.142.208.0/22
85.142.244.0/24
85.142.252.0/24
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:86:fc:25:77:9d:9a:a6:6a:b5:ec:98:e8:8c:a2:a9:34:21:
48:2e:75:be:ad:92:50:45:56:06:c0:4b:6d:e8:5c:45:0f:8c:
6d:94:16:66:05:8a:f3:2a:2a:df:8b:8e:05:17:c7:a1:57:74:
4f:8d:61:af:7a:62:48:50:ed:b6:41:d6:a8:f7:4a:71:ba:1f:
44:9f:2e:87:9d:25:79:c4:8c:1c:d5:59:f9:90:5e:24:e8:fe:
0c:42:aa:27:c6:30:28:9e:23:73:54:5c:b9:c5:17:e3:7f:53:
ea:1e:d6:23:92:a3:65:87:0a:f2:2d:21:d5:2a:4e:bc:e5:37:
eb:e3:f6:73:54:ae:b6:c8:d1:19:0a:5e:b0:48:c2:ae:e8:35:
7b:6f:ff:c3:ec:ba:b1:ea:c4:d0:6f:31:a9:47:f2:b9:21:70:
3d:a3:e1:aa:06:0e:61:38:48:65:5f:b0:0a:da:ad:da:6c:f2:
8c:06:bf:bf:47:c1:6f:90:36:c3:7f:0e:d3:3e:8b:53:c1:ac:
85:89:d2:a9:f7:11:61:bd:2f:ce:c2:f7:89:4f:28:de:02:8b:
93:64:c0:b0:09:06:a9:10:b7:59:84:7c:29:75:98:f2:3e:01:
81:94:76:13:fb:11:f0:3a:89:61:78:3e:bc:cc:c9:59:d5:54:
c8:14:4f:a6
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZzW2ZuviQ2ta3k2vAMvnizHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjYwMzEwMDgyNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ2MGM1Y2EyMjYyMTZiNDE4NWU4MmVlNTA4MGQ0N2QyYzc0MGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1WAeJCv7KsChvN+UA/WT8R432HT
Dj6uXG2FDJ9obUBBJTsfPNQKiUiImfY9H/QKmzirWeROTnk1tZ2IfhbutzJqjrHM
vq2bLp88IDfrYnhN0RnLkB6hqKzTG5WPJokDwl0etzbe3jz1crXpjD9h8RmyNlHF
+mnOEFDJ5qtxnS5PY94L2qQ9fkFRHULFaoQ7lX8sHexmfdMlI7gesnioU0QWrec4
yd371zMLGb5igimGUEWIjGfgHkq3vSA+SB11vG8yo9+zAqYySofOc4+vClQTijS8
JfO+Srx41B1HHI8AtPoJ55ZSoXTpkBddKFHs1OFfLc72tfLwJz4JufcDPQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFAVGDFyiJiFrQYXoLuUIDUfSx0DIMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvQlVZTVhLSW1JV3RCaGVndTVRZ05SOUxIUU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAJSs/gD
BABVjlIDBABVjlQDBAJVjlgDBABVjogwDAMEAlWOpAMEAlWOsAMEAlWOwAMEAlWO
0AMEAFWO9AMEAFWO/AMEAlWPkAMEA1WPoAMEAlWPsAMEAlWPuDAMAwQAVY/LAwQE
VY/AAwQAVY/6AwQCVY/8MA0GCSqGSIb3DQEBCwUAA4IBAQCPhvwld52apmq17Jjo
jKKpNCFILnW+rZJQRVYGwEtt6FxFD4xtlBZmBYrzKirfi44FF8ehV3RPjWGvemJI
UO22Qdao90pxuh9Eny6HnSV5xIwc1Vn5kF4k6P4MQqonxjAoniNzVFy5xRfjf1Pq
HtYjkqNlhwryLSHVKk685Tfr4/ZzVK62yNEZCl6wSMKu6DV7b//D7Lqx6sTQbzGp
R/K5IXA9o+GqBg5hOEhlX7AK2q3abPKMBr+/R8FvkDbDfw7TPotTwayFidKp9xFh
vS/OwveJTyjeAouTZMCwCQapELdZhHwpdZjyPgGBlHYT+xHwOolheD68zMlZ1VTI
FE+m
-----END CERTIFICATE-----
Generated at Thu Mar 12 10:57:00 2026 by rpki-client