
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/VHCbgB2ATThahBAQ0_Wyxf0owhM.roa
File: VHCbgB2ATThahBAQ0_Wyxf0owhM.roa (raw, json)
Hash identifier: hCVwSy59RxrE+Tg9Np1iqXmZk/e5opFjdQ7TOzl8JOk=
Subject key identifier: 54:70:9B:80:1D:80:4D:38:5A:84:10:10:D3:F5:B2:C5:FD:28:C2:13
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 019F12833649A7CD564606BE1F263FD212CF
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/VHCbgB2ATThahBAQ0_Wyxf0owhM.roa
Signing time: Mon 29 Jun 2026 08:33:36 +0000
ROA not before: Mon 29 Jun 2026 08:33:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.203.0/24 maxlen: 24
89.249.205.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
89.249.206.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 Jul 2026 05:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:83:36:49:a7:cd:56:46:06:be:1f:26:3f:d2:12:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 29 08:33:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54709b801d804d385a841010d3f5b2c5fd28c213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2e:8c:b4:ac:93:a6:96:3e:9c:c0:e1:2c:33:
29:03:52:70:06:36:23:4d:52:8d:da:de:68:f4:76:
6f:ac:3f:2c:1d:cb:48:d1:a4:ae:ef:d7:02:29:e3:
ba:25:93:6c:9f:a1:0b:60:07:8c:65:e7:3a:40:49:
c8:74:8c:bf:f8:4b:cb:34:3e:5f:93:1f:ff:11:92:
4d:df:fa:af:50:df:70:07:ee:0a:1b:15:f2:bf:1d:
4b:60:13:de:bf:b9:ff:e4:f4:76:46:bc:58:eb:7c:
7e:74:5b:10:07:4e:27:5b:37:47:c8:96:41:a4:8a:
19:90:cc:bc:89:49:a3:6c:e6:c0:c3:d4:73:28:54:
76:c6:9c:36:76:6d:9b:05:f6:7e:d3:de:81:9e:22:
89:cc:0b:09:e1:4f:62:d0:cb:f8:82:c8:db:49:db:
65:93:d5:f1:af:c2:26:61:92:c6:9a:e4:b2:0e:41:
b1:ef:0e:af:b0:d5:87:f5:1b:fa:98:ac:25:af:2e:
74:2e:e2:e3:16:59:1e:b1:35:db:d9:38:b5:1d:d5:
a5:df:b7:6a:72:ec:bd:ad:07:22:ef:31:f1:55:9a:
8e:77:93:f1:de:22:b4:22:7f:70:d4:45:a4:38:18:
6c:43:91:9c:55:89:25:9d:87:cd:ae:2f:65:cc:bf:
97:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:70:9B:80:1D:80:4D:38:5A:84:10:10:D3:F5:B2:C5:FD:28:C2:13
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/VHCbgB2ATThahBAQ0_Wyxf0owhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.203.0/24
89.249.205.0-89.249.207.255
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
06:f7:65:5f:e6:9d:2c:bb:3c:62:48:88:23:93:af:c9:2d:70:
f6:36:17:59:3f:5b:d9:da:fb:b8:45:d3:50:17:8a:3c:1e:e7:
c8:7d:09:f6:12:46:ce:e9:7e:22:2b:ad:1f:f9:bc:df:5c:2e:
a0:4e:f5:be:7b:67:33:c1:61:4d:a6:a2:03:0f:3d:56:2c:6f:
d3:0b:fe:a3:5b:ef:fd:1f:49:69:d7:c3:c2:2a:b7:8e:fc:25:
18:3a:bd:87:98:8e:ca:e5:f8:cf:b7:d1:05:47:e9:a3:d7:42:
73:4d:32:4d:e1:59:0b:35:2d:f0:2a:ca:b1:3c:65:22:ef:96:
9e:4f:0e:72:42:91:e1:e7:f6:1a:b3:7f:c5:d7:3b:04:b9:de:
96:3d:fa:2e:0c:63:4f:f5:fc:b3:20:a4:f2:2f:23:71:1c:ad:
36:1b:8e:89:d7:01:2d:83:4b:9e:dc:ac:5a:dc:c6:1a:76:32:
85:b9:8a:d2:74:c6:ac:75:9f:f7:91:38:4d:3c:37:38:16:ef:
af:8a:6e:0c:b0:34:1f:c7:13:89:ff:e2:85:21:f0:a7:c9:0a:
fa:56:2e:c0:6f:77:01:bf:bd:74:ee:49:7d:15:4a:09:1c:dd:
03:57:89:54:3e:70:de:eb:3c:53:33:42:78:fd:24:7a:2d:46:
17:a9:34:b9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ8SgzZJp81WRga+HyY/0hLPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjYwNjI5MDgzMzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcwOWI4MDFkODA0ZDM4NWE4NDEwMTBkM2Y1YjJjNWZkMjhjMjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry6MtKyTppY+nMDhLDMpA1JwBjYj
TVKN2t5o9HZvrD8sHctI0aSu79cCKeO6JZNsn6ELYAeMZec6QEnIdIy/+EvLND5f
kx//EZJN3/qvUN9wB+4KGxXyvx1LYBPev7n/5PR2RrxY63x+dFsQB04nWzdHyJZB
pIoZkMy8iUmjbObAw9RzKFR2xpw2dm2bBfZ+096BniKJzAsJ4U9i0Mv4gsjbSdtl
k9Xxr8ImYZLGmuSyDkGx7w6vsNWH9Rv6mKwlry50LuLjFlkesTXb2Ti1HdWl37dq
cuy9rQci7zHxVZqOd5Px3iK0In9w1EWkOBhsQ5GcVYklnYfNri9lzL+X5wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFRwm4AdgE04WoQQENP1ssX9KMITMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVkhDYmdCMkFUVGhhaEJBUTBfV3l4ZjBvd2hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDWfnAAwQA
WfnLMAwDBABZ+c0DBARZ+cADBATUKsAwDQYJKoZIhvcNAQELBQADggEBAAb3ZV/m
nSy7PGJIiCOTr8ktcPY2F1k/W9na+7hF01AXijwe58h9CfYSRs7pfiIrrR/5vN9c
LqBO9b57ZzPBYU2mogMPPVYsb9ML/qNb7/0fSWnXw8Iqt478JRg6vYeYjsrl+M+3
0QVH6aPXQnNNMk3hWQs1LfAqyrE8ZSLvlp5PDnJCkeHn9hqzf8XXOwS53pY9+i4M
Y0/1/LMgpPIvI3EcrTYbjonXAS2DS57crFrcxhp2MoW5itJ0xqx1n/eROE08NzgW
76+KbgywNB/HE4n/4oUh8KfJCvpWLsBvdwG/vXTuSX0VSgkc3QNXiVQ+cN7rPFMz
Qnj9JHotRhepNLk=
-----END CERTIFICATE-----
Generated at Sat Jul 4 06:26:39 2026 by rpki-client