
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FCsrCopaW0B9htwkDeOkUZSz_kI.roa
File: FCsrCopaW0B9htwkDeOkUZSz_kI.roa (raw, json)
Hash identifier: 8NXrHpNl/COJzSp3fKq1eyp0oe1RcfPE/ABu9H2XPsQ=
Subject key identifier: 14:2B:2B:0A:8A:5A:5B:40:7D:86:DC:24:0D:E3:A4:51:94:B3:FE:42
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2369013CEFC42102C35A1385A31C70B3
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FCsrCopaW0B9htwkDeOkUZSz_kI.roa
Signing time: Thu 02 Jul 2026 15:18:31 +0000
ROA not before: Thu 02 Jul 2026 15:18:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213607
IP address blocks: 81.168.8.0/24 maxlen: 24
81.168.9.0/24 maxlen: 24
81.168.11.0/24 maxlen: 24
81.168.16.0/24 maxlen: 24
81.168.29.0/24 maxlen: 24
81.168.85.0/24 maxlen: 24
81.168.101.0/24 maxlen: 24
82.153.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:01:3c:ef:c4:21:02:c3:5a:13:85:a3:1c:70:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=142b2b0a8a5a5b407d86dc240de3a45194b3fe42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6a:10:df:24:4b:02:a8:b0:02:44:aa:4e:9a:
eb:17:ae:da:26:c7:03:6c:56:60:84:f8:06:a5:83:
31:07:4c:bc:8f:6e:0f:c1:a8:ab:cf:8f:9e:b9:7b:
13:93:e9:7b:ab:4c:c2:6a:c8:9a:5f:2d:4b:37:04:
0b:36:99:90:bc:bf:f3:a5:95:43:16:4d:8a:15:73:
90:49:84:58:28:dd:ff:30:17:10:61:27:fd:36:b5:
56:ff:0f:90:03:25:ea:bc:67:7a:f3:64:65:62:53:
1a:c2:fc:3a:bc:b6:d5:1f:e3:92:27:36:eb:3c:22:
be:9d:11:78:dd:93:f0:b2:35:ed:99:45:cf:15:50:
ff:2c:8f:fd:13:a0:cb:86:42:39:1b:b4:ba:42:d6:
2f:d1:3e:57:69:76:21:4e:d3:f6:58:42:fc:4d:36:
56:48:69:10:dd:03:21:87:ad:5b:a2:24:94:25:a0:
59:b1:56:83:b4:5d:2d:16:19:ce:15:7b:8a:73:41:
f5:4a:9d:61:bc:b4:7d:d0:0b:3c:d4:2a:59:a0:82:
49:d5:99:c7:0e:c9:07:03:54:db:ab:fc:e5:d4:0a:
57:09:52:44:29:11:8c:dc:4b:8d:3d:54:9b:56:cf:
43:89:3c:2f:bc:b6:d6:f1:f8:e8:f6:5a:a6:f6:0e:
ce:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2B:2B:0A:8A:5A:5B:40:7D:86:DC:24:0D:E3:A4:51:94:B3:FE:42
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FCsrCopaW0B9htwkDeOkUZSz_kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.8.0/23
81.168.11.0/24
81.168.16.0/24
81.168.29.0/24
81.168.85.0/24
81.168.101.0/24
82.153.236.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f3:57:56:e2:2e:72:bb:57:72:f6:eb:50:6c:f8:19:81:a7:
3d:bf:76:6c:24:d4:01:3e:ce:e1:2e:71:9e:e4:f8:08:ed:e2:
ae:0e:5d:a9:7b:2d:67:01:df:00:38:d5:e9:7f:2c:f5:9e:c2:
d4:61:79:0c:2b:45:a5:c0:30:7b:b7:44:c8:e1:1b:73:53:9e:
91:97:23:52:96:e4:ca:01:16:8b:54:37:be:56:b2:2a:31:04:
48:64:09:86:15:b4:bc:6b:44:ef:8d:63:ad:3b:9c:05:84:2f:
ba:22:1e:0c:94:b7:74:9b:57:51:2c:81:f1:d9:c6:fc:39:bc:
cb:4a:dc:be:11:85:42:72:dd:e0:30:18:0c:0f:c0:92:87:a9:
41:2b:0f:30:87:52:b7:d5:4f:2f:26:1e:c8:f9:07:91:43:03:
06:81:1d:64:92:d7:61:91:35:a6:7e:f3:d5:f6:d6:30:db:9d:
1d:6a:b9:95:e9:f4:3b:e9:6b:2a:52:a0:84:28:c9:be:72:c7:
68:da:66:e5:b7:18:db:c1:6d:a1:92:b2:ad:cc:e9:60:21:ce:
a9:fd:d6:60:f9:71:cb:be:7a:d8:06:a6:65:57:e6:18:8c:bd:
0b:8e:f7:c1:cf:00:95:06:7c:f5:2b:e7:5d:15:f2:e7:a8:4a:
e7:2a:cd:92
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ8jaQE878QhAsNaE4WjHHCzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDJiMmIwYThhNWE1YjQwN2Q4NmRjMjQwZGUzYTQ1MTk0YjNmZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWoQ3yRLAqiwAkSqTprrF67aJscD
bFZghPgGpYMxB0y8j24Pwairz4+euXsTk+l7q0zCasiaXy1LNwQLNpmQvL/zpZVD
Fk2KFXOQSYRYKN3/MBcQYSf9NrVW/w+QAyXqvGd682RlYlMawvw6vLbVH+OSJzbr
PCK+nRF43ZPwsjXtmUXPFVD/LI/9E6DLhkI5G7S6QtYv0T5XaXYhTtP2WEL8TTZW
SGkQ3QMhh61boiSUJaBZsVaDtF0tFhnOFXuKc0H1Sp1hvLR90As81CpZoIJJ1ZnH
DskHA1Tbq/zl1ApXCVJEKRGM3EuNPVSbVs9DiTwvvLbW8fjo9lqm9g7OZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBQrKwqKWltAfYbcJA3jpFGUs/5CMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRkNzckNvcGFXMEI5aHR3a0RlT2tVWlN6X2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBUagIAwQA
UagLAwQAUagQAwQAUagdAwQAUahVAwQAUahlAwQAUpnsMA0GCSqGSIb3DQEBCwUA
A4IBAQAW81dW4i5yu1dy9utQbPgZgac9v3ZsJNQBPs7hLnGe5PgI7eKuDl2pey1n
Ad8AONXpfyz1nsLUYXkMK0WlwDB7t0TI4RtzU56RlyNSluTKARaLVDe+VrIqMQRI
ZAmGFbS8a0TvjWOtO5wFhC+6Ih4MlLd0m1dRLIHx2cb8ObzLSty+EYVCct3gMBgM
D8CSh6lBKw8wh1K31U8vJh7I+QeRQwMGgR1kktdhkTWmfvPV9tYw250darmV6fQ7
6WsqUqCEKMm+csdo2mbltxjbwW2hkrKtzOlgIc6p/dZg+XHLvnrYBqZlV+YYjL0L
jvfBzwCVBnz1K+ddFfLnqErnKs2S
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:37 2026 by rpki-client