
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1YArWEQ33degjogB_YF0fddst34.roa
File: 1YArWEQ33degjogB_YF0fddst34.roa (raw, json)
Hash identifier: vgKflzGeJzIgAsCEFDLdWmBZkXsUIBtuL1OK3H+aOL4=
Subject key identifier: D5:80:2B:58:44:37:DD:D7:A0:8E:88:01:FD:81:74:7D:D7:6C:B7:7E
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2369140C1B425D6A2C2CD24F826A449C
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1YArWEQ33degjogB_YF0fddst34.roa
Signing time: Thu 02 Jul 2026 15:18:36 +0000
ROA not before: Thu 02 Jul 2026 15:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216200
IP address blocks: 109.176.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:14:0c:1b:42:5d:6a:2c:2c:d2:4f:82:6a:44:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d5802b584437ddd7a08e8801fd81747dd76cb77e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c0:82:b0:1c:3d:6b:43:e8:4d:87:f7:39:78:
c3:7e:01:a9:7b:79:24:7f:49:0c:ba:99:78:5c:4e:
97:3a:57:95:db:ae:60:15:01:e7:83:5d:c8:b1:16:
26:70:fb:f7:55:2d:44:37:d8:d7:52:c1:84:62:5f:
15:72:3f:30:08:bf:0c:73:b5:1c:76:0a:de:71:5b:
16:23:ad:61:35:78:af:2a:83:29:b7:1a:97:73:d9:
d1:d3:17:9c:94:74:d9:53:27:90:25:f1:5c:af:41:
81:b6:cc:47:c1:fa:9e:d1:49:be:a5:0a:d0:d2:41:
d2:98:97:93:f3:45:4a:67:dd:8c:30:bf:f6:27:be:
fe:c8:b6:57:02:3e:19:c4:a8:3e:34:76:2a:90:a9:
27:87:99:d7:22:77:46:70:81:15:08:47:88:af:b5:
20:76:de:7b:59:cc:e8:0b:c4:e3:4e:d0:81:ab:47:
ae:98:5d:99:01:cd:83:c1:f1:66:69:3e:a9:8c:b2:
eb:97:40:55:dc:ee:46:de:ca:3e:db:05:ba:27:23:
0a:b9:f1:fc:b8:b1:7f:26:98:ca:96:a3:ba:ac:d5:
82:a6:31:b3:f6:f3:2d:37:cd:9e:c4:f3:58:ea:7c:
45:b4:7f:17:2e:23:cb:43:2f:a8:36:ff:a1:70:9f:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:80:2B:58:44:37:DD:D7:A0:8E:88:01:FD:81:74:7D:D7:6C:B7:7E
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1YArWEQ33degjogB_YF0fddst34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:9d:98:8d:fe:a7:cb:21:d4:66:f2:22:09:21:b5:95:7c:08:
51:41:33:7d:08:62:fc:ae:f6:82:ce:9d:27:30:c3:bd:2b:99:
5c:e5:66:3f:13:12:bb:64:bb:cf:a5:0e:11:b7:b1:c9:a7:fc:
c8:5b:cf:52:e9:37:49:20:9d:83:10:62:b3:32:0d:f7:1c:0b:
c9:2d:82:f7:d0:1d:51:86:29:23:c1:1d:0d:66:b5:af:05:43:
ed:78:7e:a3:9e:76:7b:c2:df:94:d3:82:4a:98:f0:1a:12:14:
da:5b:42:d9:f1:30:43:03:36:fa:a3:93:93:5b:d7:18:f2:62:
9c:07:60:da:19:d5:49:03:98:e5:f6:0b:99:47:38:41:93:61:
fc:8c:aa:76:f8:9e:fd:4f:9f:8c:f8:03:9f:f8:0e:86:fb:4b:
72:13:8e:51:25:77:45:b9:ea:f8:e3:7c:6c:a3:91:a4:57:8e:
0c:87:b7:c3:dd:13:bb:fa:74:f8:f3:3e:02:64:e9:ae:82:e2:
bc:19:a9:ed:7e:52:75:05:21:02:0a:34:68:bd:c5:6d:bb:c2:
59:5c:16:3e:f4:3a:49:48:e5:5c:8e:ad:f5:a0:1a:0b:60:32:
e5:aa:c6:89:94:6f:86:58:f0:79:4c:93:4b:fd:e9:17:18:56:
52:66:a2:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaRQMG0Jdaiws0k+CakScMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTgwMmI1ODQ0MzdkZGQ3YTA4ZTg4MDFmZDgxNzQ3ZGQ3NmNiNzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cCCsBw9a0PoTYf3OXjDfgGpe3kk
f0kMupl4XE6XOleV265gFQHng13IsRYmcPv3VS1EN9jXUsGEYl8Vcj8wCL8Mc7Uc
dgrecVsWI61hNXivKoMptxqXc9nR0xeclHTZUyeQJfFcr0GBtsxHwfqe0Um+pQrQ
0kHSmJeT80VKZ92MML/2J77+yLZXAj4ZxKg+NHYqkKknh5nXIndGcIEVCEeIr7Ug
dt57WczoC8TjTtCBq0eumF2ZAc2DwfFmaT6pjLLrl0BV3O5G3so+2wW6JyMKufH8
uLF/JpjKlqO6rNWCpjGz9vMtN82exPNY6nxFtH8XLiPLQy+oNv+hcJ9MdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNWAK1hEN93XoI6IAf2BdH3XbLd+MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMVlBcldFUTMzZGVnam9nQl9ZRjBmZGRzdDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDwMA0G
CSqGSIb3DQEBCwUAA4IBAQBOnZiN/qfLIdRm8iIJIbWVfAhRQTN9CGL8rvaCzp0n
MMO9K5lc5WY/ExK7ZLvPpQ4Rt7HJp/zIW89S6TdJIJ2DEGKzMg33HAvJLYL30B1R
hikjwR0NZrWvBUPteH6jnnZ7wt+U04JKmPAaEhTaW0LZ8TBDAzb6o5OTW9cY8mKc
B2DaGdVJA5jl9guZRzhBk2H8jKp2+J79T5+M+AOf+A6G+0tyE45RJXdFuer443xs
o5GkV44Mh7fD3RO7+nT48z4CZOmuguK8GantflJ1BSECCjRovcVtu8JZXBY+9DpJ
SOVcjq31oBoLYDLlqsaJlG+GWPB5TJNL/ekXGFZSZqJY
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:18:32 2026 by rpki-client