
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2GET_y72NpaZWeDJq3i0nn_o07Y.roa
File: 2GET_y72NpaZWeDJq3i0nn_o07Y.roa (raw, json)
Hash identifier: AkH8JeNdvPKd8O56zWjGFhZyMl7mrLj03608uYfwOlE=
Subject key identifier: D8:61:13:FF:2E:F6:36:96:99:59:E0:C9:AB:78:B4:9E:7F:E8:D3:B6
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F23690FAE15000281A2EE09636E343FF5
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2GET_y72NpaZWeDJq3i0nn_o07Y.roa
Signing time: Thu 02 Jul 2026 15:18:35 +0000
ROA not before: Thu 02 Jul 2026 15:18:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215638
IP address blocks: 89.213.96.0/24 maxlen: 24
109.176.243.0/24 maxlen: 24
213.218.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:0f:ae:15:00:02:81:a2:ee:09:63:6e:34:3f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d86113ff2ef636969959e0c9ab78b49e7fe8d3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:51:73:56:ae:54:1c:75:5c:5c:92:5d:f8:bd:
83:70:76:4d:c9:48:5f:79:1b:5f:81:dd:a0:b6:d5:
04:a5:e5:cd:ef:f1:81:8e:39:a1:5c:8d:93:29:c2:
4a:29:30:dd:83:b2:0a:99:0a:58:30:fb:f2:c6:e7:
79:75:8f:7e:2d:04:7f:b6:fd:73:f3:1b:f4:0f:d5:
05:d1:f2:dd:ca:ee:2d:c4:61:59:96:5a:03:c0:98:
b4:28:05:27:a1:25:d1:6f:cc:a2:16:29:c7:63:12:
cc:00:02:99:8a:c0:3d:59:66:1e:d0:d5:32:5b:39:
c9:e6:89:90:fc:7a:0d:29:0d:b4:36:78:da:cd:5d:
28:af:b9:da:0c:b6:f4:bf:52:79:78:7e:41:38:4f:
19:67:f3:5b:33:d4:e2:a6:71:33:86:f3:6a:c5:6d:
fc:21:72:ac:1c:1f:4a:f1:8c:bc:77:a5:2d:74:82:
db:b1:9f:02:90:55:c9:de:30:4a:88:f7:ae:42:1f:
fd:83:40:f1:c2:9b:aa:03:7c:f3:3a:b7:ea:a8:f3:
53:80:6f:89:28:61:db:0d:52:80:27:03:9b:9d:59:
7c:8e:b3:b5:14:ef:ae:d1:f9:24:2d:d6:92:45:85:
b7:6f:e3:ae:58:c8:eb:26:0b:5a:09:cd:c8:b0:4f:
bf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:61:13:FF:2E:F6:36:96:99:59:E0:C9:AB:78:B4:9E:7F:E8:D3:B6
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2GET_y72NpaZWeDJq3i0nn_o07Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.96.0/24
109.176.243.0/24
213.218.252.0/23
Signature Algorithm: sha256WithRSAEncryption
06:45:c2:d0:54:38:63:68:48:87:9f:94:e5:ec:22:bb:b8:36:
55:ad:27:65:28:98:c6:db:aa:6c:e0:99:cb:ff:34:c6:7a:c5:
fd:84:45:f1:7a:4d:75:5e:68:5f:69:87:0f:38:c1:64:dd:51:
35:7a:ad:7a:88:c1:86:38:f4:9c:19:cf:ae:54:e8:89:f4:bc:
16:94:3e:42:a3:3c:be:e0:a7:e8:80:4e:ae:41:e1:51:74:99:
8d:19:70:2f:96:58:7a:11:ae:69:d2:09:50:d2:fd:a3:a3:ef:
5b:40:55:cd:86:8c:b4:0b:26:c7:2e:4f:7b:e6:0a:a2:08:30:
09:83:3f:ca:c1:a8:71:c3:ff:a2:0e:aa:0c:99:06:30:9d:65:
71:c1:b5:f7:03:2e:a4:e4:39:26:3e:61:11:ed:01:bd:1d:dc:
67:22:92:c8:51:90:6a:01:73:ae:0c:09:0f:dc:ee:78:e6:f5:
64:70:ce:b8:77:35:13:e2:8e:f7:d6:7a:29:f1:9f:5e:b7:b7:
dc:59:4c:50:08:75:04:5e:8a:47:ad:78:75:69:01:78:24:14:
d5:89:87:7b:bf:46:09:74:32:b0:22:13:17:ea:c3:90:de:68:
5b:63:b6:71:40:50:4f:9a:3a:09:93:16:7a:53:cb:5c:06:f3:
9a:99:09:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8jaQ+uFQACgaLuCWNuND/1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYxMTNmZjJlZjYzNjk2OTk1OWUwYzlhYjc4YjQ5ZTdmZThkM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVFzVq5UHHVcXJJd+L2DcHZNyUhf
eRtfgd2gttUEpeXN7/GBjjmhXI2TKcJKKTDdg7IKmQpYMPvyxud5dY9+LQR/tv1z
8xv0D9UF0fLdyu4txGFZlloDwJi0KAUnoSXRb8yiFinHYxLMAAKZisA9WWYe0NUy
WznJ5omQ/HoNKQ20NnjazV0or7naDLb0v1J5eH5BOE8ZZ/NbM9TipnEzhvNqxW38
IXKsHB9K8Yy8d6UtdILbsZ8CkFXJ3jBKiPeuQh/9g0DxwpuqA3zzOrfqqPNTgG+J
KGHbDVKAJwObnVl8jrO1FO+u0fkkLdaSRYW3b+OuWMjrJgtaCc3IsE+/NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNhhE/8u9jaWmVngyat4tJ5/6NO2MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkdFVF95NzJOcGFaV2VESnEzaTBubl9vMDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdVgAwQA
bbDzAwQB1dr8MA0GCSqGSIb3DQEBCwUAA4IBAQAGRcLQVDhjaEiHn5Tl7CK7uDZV
rSdlKJjG26ps4JnL/zTGesX9hEXxek11XmhfaYcPOMFk3VE1eq16iMGGOPScGc+u
VOiJ9LwWlD5Cozy+4KfogE6uQeFRdJmNGXAvllh6Ea5p0glQ0v2jo+9bQFXNhoy0
CybHLk975gqiCDAJgz/Kwahxw/+iDqoMmQYwnWVxwbX3Ay6k5DkmPmER7QG9Hdxn
IpLIUZBqAXOuDAkP3O545vVkcM64dzUT4o731nop8Z9et7fcWUxQCHUEXopHrXh1
aQF4JBTViYd7v0YJdDKwIhMX6sOQ3mhbY7ZxQFBPmjoJkxZ6U8tcBvOamQmn
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:48 2026 by rpki-client