
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/48ku9AY3hNBbYCHCL-bgvQbBhfw.roa
File: 48ku9AY3hNBbYCHCL-bgvQbBhfw.roa (raw, json)
Hash identifier: qCXQz112+bFc9eJ7QG87pWUXq6I2Qfm2c/ExbRAL5Dg=
Subject key identifier: E3:C9:2E:F4:06:37:84:D0:5B:60:21:C2:2F:E6:E0:BD:06:C1:85:FC
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368C7281F9185C8C4844C2CF4DAB7DF
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/48ku9AY3hNBbYCHCL-bgvQbBhfw.roa
Signing time: Thu 02 Jul 2026 15:18:17 +0000
ROA not before: Thu 02 Jul 2026 15:18:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 77.93.142.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:c7:28:1f:91:85:c8:c4:84:4c:2c:f4:da:b7:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e3c92ef4063784d05b6021c22fe6e0bd06c185fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:84:a1:57:fc:17:46:c2:44:1a:87:ad:be:7b:
ef:1d:38:e1:c6:20:4d:4d:58:12:7c:aa:89:40:45:
d1:8c:e7:8e:5b:96:69:63:62:b8:cb:5f:fa:c8:d8:
3e:b0:c4:9e:91:bc:1d:3d:e3:97:d2:16:b7:ea:7f:
cc:27:46:18:04:83:d8:49:6e:ae:eb:bc:39:99:de:
83:26:48:c2:56:27:09:c3:85:a9:6e:d1:ff:49:d8:
21:72:e2:31:46:eb:f0:e0:93:25:ff:cc:10:c9:40:
e1:14:a6:b2:01:10:5f:db:0b:42:c4:1d:bb:02:47:
cb:3f:58:ae:df:21:a3:da:fb:40:bf:16:4a:28:45:
c1:a2:68:77:09:17:de:28:41:04:0f:96:a5:17:9f:
02:f9:0f:b8:fa:a9:8f:41:f7:00:48:87:ce:62:1e:
c0:50:94:eb:38:82:c7:95:9a:c4:6e:30:c0:00:71:
94:97:16:17:be:94:1e:0a:1a:2e:ba:0f:f9:78:ad:
bf:24:18:9a:22:a8:10:f4:60:d0:01:9d:9e:fa:10:
12:92:ec:99:d3:e2:29:90:21:92:e0:c7:f6:b1:38:
e9:df:0e:12:2a:ea:b3:dc:ad:00:19:f9:8b:b2:9a:
c0:42:15:f1:8a:be:57:d6:e5:80:7e:f1:aa:30:d0:
7b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C9:2E:F4:06:37:84:D0:5B:60:21:C2:2F:E6:E0:BD:06:C1:85:FC
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/48ku9AY3hNBbYCHCL-bgvQbBhfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.142.0/24
89.213.229.0/24
89.213.249.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:7b:29:88:95:05:d5:26:13:d3:d0:21:73:b2:76:02:d4:35:
15:35:52:71:40:68:a3:0b:9f:33:65:c6:12:80:e8:a5:89:8e:
ea:a3:ae:4e:6f:76:1b:47:90:30:f2:12:f0:ea:5d:36:10:ff:
5d:15:47:6e:92:c2:a5:e5:37:2d:8e:d2:46:13:93:45:7a:2a:
97:a3:b6:1c:0f:36:bf:76:12:b0:60:0b:e0:ad:05:a2:07:c8:
bd:12:1b:fb:c9:b0:40:3e:1c:11:55:73:e7:47:8b:44:06:e6:
b1:e6:02:24:50:5b:35:b8:50:bb:1c:4f:33:72:ce:06:c4:58:
9c:59:5d:42:f6:41:3d:44:45:eb:e3:bc:b2:ec:fd:05:d7:c1:
19:a0:9b:2d:15:2f:65:dc:37:f8:be:26:8c:d3:b6:69:ca:e0:
cc:3e:ae:7c:ae:a7:71:6c:55:7c:05:cc:91:c2:d0:2c:27:4f:
75:92:06:85:86:48:39:c0:dd:dc:bd:8e:93:a5:63:33:63:60:
d8:a9:25:db:22:40:b1:c7:27:b0:d0:b5:c6:47:98:0c:40:9a:
ec:3f:a1:0e:41:58:ef:2b:5d:ca:08:4a:fa:f0:56:2e:ec:1c:
a3:a6:4b:a7:b1:78:da:08:da:77:f1:a3:74:75:cf:15:d8:19:
27:ee:33:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ8jaMcoH5GFyMSETCz02rffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2M5MmVmNDA2Mzc4NGQwNWI2MDIxYzIyZmU2ZTBiZDA2YzE4NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIShV/wXRsJEGoetvnvvHTjhxiBN
TVgSfKqJQEXRjOeOW5ZpY2K4y1/6yNg+sMSekbwdPeOX0ha36n/MJ0YYBIPYSW6u
67w5md6DJkjCVicJw4WpbtH/SdghcuIxRuvw4JMl/8wQyUDhFKayARBf2wtCxB27
AkfLP1iu3yGj2vtAvxZKKEXBomh3CRfeKEEED5alF58C+Q+4+qmPQfcASIfOYh7A
UJTrOILHlZrEbjDAAHGUlxYXvpQeChouug/5eK2/JBiaIqgQ9GDQAZ2e+hASkuyZ
0+IpkCGS4Mf2sTjp3w4SKuqz3K0AGfmLsprAQhXxir5X1uWAfvGqMNB72wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOPJLvQGN4TQW2Ahwi/m4L0GwYX8MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNDhrdTlBWTNoTkJiWUNIQ0wtYmd2UWJCaGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2OAwQA
WdXlAwQAWdX5AwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQAaeymIlQXVJhPT0CFz
snYC1DUVNVJxQGijC58zZcYSgOiliY7qo65Ob3YbR5Aw8hLw6l02EP9dFUduksKl
5TctjtJGE5NFeiqXo7YcDza/dhKwYAvgrQWiB8i9Ehv7ybBAPhwRVXPnR4tEBuax
5gIkUFs1uFC7HE8zcs4GxFicWV1C9kE9REXr47yy7P0F18EZoJstFS9l3Df4viaM
07ZpyuDMPq58rqdxbFV8BcyRwtAsJ091kgaFhkg5wN3cvY6TpWMzY2DYqSXbIkCx
xyew0LXGR5gMQJrsP6EOQVjvK13KCEr68FYu7ByjpkunsXjaCNp38aN0dc8V2Bkn
7jOW
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:19:18 2026 by rpki-client