
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3WgmMG0x0p94QBvrMWC9P1MaJQ8.roa
File: 3WgmMG0x0p94QBvrMWC9P1MaJQ8.roa (raw, json)
Hash identifier: KzaACleKGfJ96AfWbO0Wz1eZX1qr2EYL6p+SAMfJdzY=
Subject key identifier: DD:68:26:30:6D:31:D2:9F:78:40:1B:EB:31:60:BD:3F:53:1A:25:0F
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368AB551550B3E9ED253F7B67488B7B
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3WgmMG0x0p94QBvrMWC9P1MaJQ8.roa
Signing time: Thu 02 Jul 2026 15:18:09 +0000
ROA not before: Thu 02 Jul 2026 15:18:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 81.5.156.0/24 maxlen: 24
81.168.41.0/24 maxlen: 24
81.168.123.0/24 maxlen: 24
82.152.111.0/24 maxlen: 24
82.153.67.0/24 maxlen: 24
82.153.73.0/24 maxlen: 24
82.153.78.0/24 maxlen: 24
82.153.137.0/24 maxlen: 24
82.153.139.0/24 maxlen: 24
82.153.140.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
82.153.240.0/24 maxlen: 24
82.153.250.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
109.176.209.0/24 maxlen: 24
109.176.211.0/24 maxlen: 24
109.176.216.0/24 maxlen: 24
109.176.217.0/24 maxlen: 24
109.176.218.0/24 maxlen: 24
109.176.219.0/24 maxlen: 24
109.176.220.0/24 maxlen: 24
109.176.221.0/24 maxlen: 24
109.176.222.0/24 maxlen: 24
109.176.223.0/24 maxlen: 24
109.176.249.0/24 maxlen: 24
213.152.61.0/24 maxlen: 24
213.152.62.0/24 maxlen: 24
213.210.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:ab:55:15:50:b3:e9:ed:25:3f:7b:67:48:8b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dd6826306d31d29f78401beb3160bd3f531a250f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:58:8d:39:07:0a:26:cf:7b:11:e7:f7:7b:28:
ec:a8:67:83:fa:61:05:5d:7b:97:1a:40:55:17:87:
c7:2a:f6:37:5b:07:e9:7e:e4:9c:2d:42:c8:cd:bf:
80:34:3f:ee:42:35:0a:9c:89:f7:fd:57:d3:23:21:
e7:c4:ab:8a:d8:95:c9:90:2f:95:11:b9:07:bf:3b:
5d:f8:c7:d1:0e:3d:a4:35:0a:f1:f5:04:76:22:65:
bc:be:c7:84:51:2f:8b:0c:70:e3:6a:55:25:e5:e3:
be:d9:48:b3:73:74:9d:60:27:41:60:29:a4:59:70:
b2:c6:bd:9a:08:42:75:42:d9:de:88:1b:28:7d:fa:
a8:53:76:d3:50:ce:76:7f:4e:28:2c:a8:78:ec:18:
a9:aa:3b:54:c0:5f:21:10:3b:f6:7a:3f:b1:62:d4:
05:12:5e:5a:7b:fb:db:6a:d1:cd:f3:bb:de:5f:80:
a2:e8:6d:f2:c7:70:65:6b:39:89:a3:22:90:82:e7:
e1:ef:4b:58:2a:6d:5a:56:f8:67:2e:f8:6b:ed:bd:
17:3b:a8:bd:eb:75:83:49:85:61:95:29:e2:31:4f:
8b:a0:be:38:fe:6b:08:c1:38:73:1f:81:24:af:cb:
2b:98:ba:79:10:f6:66:c1:35:c2:56:43:c5:a5:c7:
71:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:68:26:30:6D:31:D2:9F:78:40:1B:EB:31:60:BD:3F:53:1A:25:0F
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/3WgmMG0x0p94QBvrMWC9P1MaJQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.156.0/24
81.168.41.0/24
81.168.123.0/24
82.152.111.0/24
82.153.67.0/24
82.153.73.0/24
82.153.78.0/24
82.153.137.0/24
82.153.139.0-82.153.140.255
82.153.221.0/24
82.153.223.0/24
82.153.240.0/24
82.153.250.0/24
89.213.153.0/24
109.176.209.0/24
109.176.211.0/24
109.176.216.0/21
109.176.249.0/24
213.152.61.0-213.152.62.255
213.210.40.0/24
Signature Algorithm: sha256WithRSAEncryption
23:6b:74:b8:4f:a8:0e:18:b9:e2:aa:94:71:72:94:72:80:9d:
ce:b1:aa:aa:6a:30:d0:c0:63:20:71:9a:35:64:07:13:96:e3:
9f:57:0d:d8:32:df:ff:81:8b:4f:78:0c:ae:a1:35:9b:5e:a6:
80:36:c1:d2:12:db:1b:71:1a:3d:65:7f:75:12:65:86:e6:3e:
0d:dd:6b:96:00:3a:77:84:51:d9:21:70:43:e2:0f:fa:47:6c:
4e:fb:09:d8:76:2c:d9:2b:d4:6b:21:2b:ef:7b:b8:61:8c:1c:
d9:38:b1:70:f2:c9:31:bd:50:13:16:82:2b:09:7c:c7:80:37:
d8:86:84:48:46:47:cc:98:67:be:02:a7:ef:53:9b:16:21:e8:
16:70:fb:58:5e:93:6f:23:2b:65:38:4a:de:ca:fa:0b:76:44:
7d:1b:e0:d8:87:f5:fd:f9:90:db:15:97:f4:32:56:d6:0b:bc:
4b:0e:6e:60:4b:74:1e:03:0b:6a:3e:c2:0e:0b:a9:1c:da:df:
8c:fb:5b:4e:3e:cb:50:00:c4:a3:89:9c:21:95:e3:4b:c7:e9:
1b:5b:a0:99:55:83:aa:47:a4:72:8f:ca:ab:2f:e7:16:d5:1d:
3e:d1:7d:31:56:9b:1f:4e:0c:83:4d:f7:c5:56:01:38:2b:ab:
90:a9:8a:7f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZ8jaKtVFVCz6e0lP3tnSIt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDY4MjYzMDZkMzFkMjlmNzg0MDFiZWIzMTYwYmQzZjUzMWEyNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1iNOQcKJs97Eef3eyjsqGeD+mEF
XXuXGkBVF4fHKvY3WwfpfuScLULIzb+AND/uQjUKnIn3/VfTIyHnxKuK2JXJkC+V
EbkHvztd+MfRDj2kNQrx9QR2ImW8vseEUS+LDHDjalUl5eO+2Uizc3SdYCdBYCmk
WXCyxr2aCEJ1QtneiBsoffqoU3bTUM52f04oLKh47BipqjtUwF8hEDv2ej+xYtQF
El5ae/vbatHN87veX4Ci6G3yx3BlazmJoyKQgufh70tYKm1aVvhnLvhr7b0XO6i9
63WDSYVhlSniMU+LoL44/msIwThzH4Ekr8srmLp5EPZmwTXCVkPFpcdx4QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFN1oJjBtMdKfeEAb6zFgvT9TGiUPMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvM1dnbU1HMHgwcDk0UUJ2ck1XQzlQMU1hSlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABR
BZwDBABRqCkDBABRqHsDBABSmG8DBABSmUMDBABSmUkDBABSmU4DBABSmYkwDAME
AFKZiwMEAFKZjAMEAFKZ3QMEAFKZ3wMEAFKZ8AMEAFKZ+gMEAFnVmQMEAG2w0QME
AG2w0wMEA22w2AMEAG2w+TAMAwQA1Zg9AwQA1Zg+AwQA1dIoMA0GCSqGSIb3DQEB
CwUAA4IBAQAja3S4T6gOGLniqpRxcpRygJ3OsaqqajDQwGMgcZo1ZAcTluOfVw3Y
Mt//gYtPeAyuoTWbXqaANsHSEtsbcRo9ZX91EmWG5j4N3WuWADp3hFHZIXBD4g/6
R2xO+wnYdizZK9RrISvve7hhjBzZOLFw8skxvVATFoIrCXzHgDfYhoRIRkfMmGe+
AqfvU5sWIegWcPtYXpNvIytlOEreyvoLdkR9G+DYh/X9+ZDbFZf0MlbWC7xLDm5g
S3QeAwtqPsIOC6kc2t+M+1tOPstQAMSjiZwhleNLx+kbW6CZVYOqR6Ryj8qrL+cW
1R0+0X0xVpsfTgyDTffFVgE4K6uQqYp/
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:48 2026 by rpki-client