
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NQ40bMibwT0a11IYc0uLWXxFaxs.roa
File: NQ40bMibwT0a11IYc0uLWXxFaxs.roa (raw, json)
Hash identifier: ytcccO5HeK+wHfAn0WM607U+GFVVLqLnhP131aH+3hM=
Subject key identifier: 35:0E:34:6C:C8:9B:C1:3D:1A:D7:52:18:73:4B:8B:59:7C:45:6B:1B
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368C694AA6B5BA232DBABA0E4796B6C
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NQ40bMibwT0a11IYc0uLWXxFaxs.roa
Signing time: Thu 02 Jul 2026 15:18:16 +0000
ROA not before: Thu 02 Jul 2026 15:18:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 82.153.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:c6:94:aa:6b:5b:a2:32:db:ab:a0:e4:79:6b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=350e346cc89bc13d1ad75218734b8b597c456b1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:15:f0:6c:79:c5:5e:ae:a9:55:67:3a:fd:90:
9c:9e:eb:00:59:9e:1c:fb:99:f6:49:fe:a8:db:ef:
b5:cd:a7:1c:a4:49:43:2b:94:45:98:cc:eb:b3:69:
eb:f1:70:22:81:6e:3f:5a:78:3c:df:5b:57:d9:74:
71:b1:98:d8:00:8f:40:48:eb:b0:b0:74:3d:02:4a:
a5:f8:9b:37:c8:e6:f3:1f:bb:bb:df:15:de:f8:73:
68:5a:b5:cb:a6:51:49:11:9c:63:3b:d3:11:13:89:
b4:4f:e6:b1:ce:76:10:c6:e7:b6:bc:cb:ea:c3:a8:
9d:e8:25:ec:da:84:a6:c9:d7:9b:3f:e0:f9:c8:79:
94:05:ca:5b:4e:b2:10:43:3e:0e:b2:c3:a4:9c:aa:
11:b1:8d:8e:51:de:dc:15:97:b6:a9:a2:8e:6d:41:
99:f6:34:32:7a:40:70:c8:bb:b1:de:52:04:43:72:
b4:08:7f:61:cb:11:07:74:c6:02:91:40:7f:69:f2:
15:75:7f:c9:30:04:ef:47:d8:3f:cd:b9:38:52:b4:
5b:8d:14:da:81:18:36:9e:61:36:22:41:19:b5:5d:
7b:d3:aa:71:cd:4f:9e:1b:a7:7c:5c:c2:fe:47:f7:
e6:5d:d4:3d:40:80:4f:44:87:5d:c8:86:04:2d:ea:
0e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0E:34:6C:C8:9B:C1:3D:1A:D7:52:18:73:4B:8B:59:7C:45:6B:1B
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NQ40bMibwT0a11IYc0uLWXxFaxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.216.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:33:9f:91:2c:1c:c0:7f:85:74:f0:04:8d:43:c7:c4:6e:59:
0b:ee:ff:67:af:e4:8d:88:ca:d2:5c:d0:d3:4b:2a:d7:fc:b9:
d5:85:fc:a7:9c:56:0f:15:c5:9a:c1:f1:57:a9:7f:02:09:e1:
91:aa:cc:fd:99:96:b9:07:68:ab:43:1b:7f:80:7a:8c:f1:94:
55:f2:19:0f:21:7c:d1:b2:8a:e8:db:12:76:72:98:29:07:fa:
8b:06:9e:8f:4d:2f:c4:f5:c7:3b:cf:71:10:55:67:6d:3e:81:
d6:e1:89:f4:57:d9:56:3c:3f:1b:4f:4d:61:c2:4d:14:c0:98:
87:41:1c:3a:44:67:f5:3b:1f:97:ef:54:4a:7e:bb:e0:21:fc:
17:08:a1:32:12:e7:7b:16:0f:c6:c1:6e:a3:15:34:2f:98:dc:
2c:fa:e6:48:be:10:cc:af:24:a3:4f:68:6a:eb:d3:fa:5f:85:
67:6f:11:01:88:44:d2:f3:86:03:f1:fd:8e:0d:21:1e:62:d7:
3b:0f:29:8f:5d:26:28:45:b7:44:ca:a3:55:dc:59:e4:75:e1:
91:4e:b0:fa:f9:4a:d2:82:2f:4a:64:f2:f2:f3:a1:18:ef:1f:
f0:af:4d:82:f2:84:3d:a7:94:67:92:ce:5a:49:59:12:a5:a5:
a6:e0:13:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaMaUqmtbojLbq6DkeWtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTBlMzQ2Y2M4OWJjMTNkMWFkNzUyMTg3MzRiOGI1OTdjNDU2YjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRXwbHnFXq6pVWc6/ZCcnusAWZ4c
+5n2Sf6o2++1zaccpElDK5RFmMzrs2nr8XAigW4/Wng831tX2XRxsZjYAI9ASOuw
sHQ9Akql+Js3yObzH7u73xXe+HNoWrXLplFJEZxjO9MRE4m0T+axznYQxue2vMvq
w6id6CXs2oSmydebP+D5yHmUBcpbTrIQQz4OssOknKoRsY2OUd7cFZe2qaKObUGZ
9jQyekBwyLux3lIEQ3K0CH9hyxEHdMYCkUB/afIVdX/JMATvR9g/zbk4UrRbjRTa
gRg2nmE2IkEZtV1706pxzU+eG6d8XML+R/fmXdQ9QIBPRIddyIYELeoO3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDUONGzIm8E9GtdSGHNLi1l8RWsbMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTlE0MGJNaWJ3VDBhMTFJWWMwdUxXWHhGYXhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnYMA0G
CSqGSIb3DQEBCwUAA4IBAQBsM5+RLBzAf4V08ASNQ8fEblkL7v9nr+SNiMrSXNDT
SyrX/LnVhfynnFYPFcWawfFXqX8CCeGRqsz9mZa5B2irQxt/gHqM8ZRV8hkPIXzR
soro2xJ2cpgpB/qLBp6PTS/E9cc7z3EQVWdtPoHW4Yn0V9lWPD8bT01hwk0UwJiH
QRw6RGf1Ox+X71RKfrvgIfwXCKEyEud7Fg/GwW6jFTQvmNws+uZIvhDMrySjT2hq
69P6X4VnbxEBiETS84YD8f2ODSEeYtc7DymPXSYoRbdEyqNV3FnkdeGRTrD6+UrS
gi9KZPLy86EY7x/wr02C8oQ9p5Rnks5aSVkSpaWm4BNr
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:58 2026 by rpki-client