
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U2pFCOnQ0Sj1tOvYbfjZRWsaC5o.roa
File: U2pFCOnQ0Sj1tOvYbfjZRWsaC5o.roa (raw, json)
Hash identifier: rflD5FjVwEdWAbUAtnoGrejkmf9EFoL2N00n28g13r8=
Subject key identifier: 53:6A:45:08:E9:D0:D1:28:F5:B4:EB:D8:6D:F8:D9:45:6B:1A:0B:9A
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368F85B1CD95C108344A0BF8918DE39
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U2pFCOnQ0Sj1tOvYbfjZRWsaC5o.roa
Signing time: Thu 02 Jul 2026 15:18:29 +0000
ROA not before: Thu 02 Jul 2026 15:18:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212336
IP address blocks: 77.93.157.0/24 maxlen: 24
79.99.78.0/24 maxlen: 24
89.28.239.0/24 maxlen: 24
109.176.19.0/24 maxlen: 24
213.210.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:f8:5b:1c:d9:5c:10:83:44:a0:bf:89:18:de:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=536a4508e9d0d128f5b4ebd86df8d9456b1a0b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b5:f2:1d:5c:3d:7c:6e:25:ed:46:aa:9b:00:
04:de:d5:b1:aa:f2:27:9b:c6:43:8a:b2:82:72:47:
cc:15:74:e9:c5:12:51:44:16:73:5f:e8:3c:11:ac:
33:52:e2:e8:38:c9:24:b1:77:8f:a1:9f:85:56:1d:
9f:c0:b2:2d:43:26:f0:3f:e3:30:c9:a4:e4:0d:01:
9e:a3:f2:e0:12:36:a5:a0:64:9b:74:79:3f:ba:36:
8a:e6:1d:87:47:38:a8:b1:e6:18:d9:d8:0d:48:47:
f1:0f:f3:10:68:61:9e:b8:1a:03:43:69:8d:79:81:
af:ad:90:c1:e8:93:22:8d:25:98:4e:67:f3:6d:6a:
2c:fc:75:62:f5:b7:0d:83:ee:2c:68:d3:72:52:fe:
76:d0:de:fb:24:da:69:3b:e0:89:63:a0:de:60:3c:
e8:b0:0b:47:45:4e:90:2a:bf:e3:76:59:be:da:ee:
ce:79:fe:63:9a:13:27:65:14:ee:7f:52:6e:82:d5:
b5:3b:84:53:fb:5f:b7:fd:d3:bb:49:85:f5:24:5b:
0b:f1:9e:c7:3e:25:5b:e9:f6:65:eb:83:e3:b2:10:
e1:c1:1c:ac:8d:db:36:a8:ac:ac:5b:b3:60:30:ac:
cd:9f:1b:04:68:63:c4:15:e0:61:af:34:33:2e:d3:
f4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:6A:45:08:E9:D0:D1:28:F5:B4:EB:D8:6D:F8:D9:45:6B:1A:0B:9A
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U2pFCOnQ0Sj1tOvYbfjZRWsaC5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.157.0/24
79.99.78.0/24
89.28.239.0/24
109.176.19.0/24
213.210.4.0/23
Signature Algorithm: sha256WithRSAEncryption
0c:97:f1:47:8c:30:20:e2:9d:51:95:48:2c:92:23:da:49:25:
28:87:bd:ae:52:8b:45:05:36:23:f1:ec:f3:cd:79:1e:c2:1b:
32:2f:1f:aa:f1:c3:77:94:47:37:96:95:d2:79:22:df:a3:bf:
3b:1e:86:d9:07:d6:c9:a9:9b:60:a4:1f:3d:b4:01:88:1e:d8:
03:c9:61:56:65:da:72:e0:65:78:79:8c:40:f3:10:24:b4:3e:
e1:0a:00:4e:c7:13:ef:5d:16:21:79:70:66:9e:fb:8b:1e:cf:
50:b1:7c:b7:76:d2:1a:b2:15:02:79:9f:c9:64:7b:99:f9:0c:
8a:4f:40:8b:37:2d:cc:01:0a:3e:c6:74:af:d9:3e:a0:46:8d:
af:8b:9c:1f:63:eb:10:8d:75:99:f7:79:d3:a2:9c:16:69:ea:
b0:a8:0a:87:c7:5f:c4:cf:dc:e8:66:df:a3:a1:93:2c:95:9e:
7a:ae:50:20:3a:c4:03:f7:9b:c3:f5:f2:6e:0e:d3:f6:eb:65:
75:31:ef:5a:02:eb:2d:4a:1c:43:49:49:6e:2f:d7:dd:f3:36:
5a:ad:34:e5:e0:ec:20:fc:c2:99:fa:1e:55:ed:3e:36:17:e5:
50:44:ce:07:7a:c2:a5:de:59:0b:ef:1f:36:25:ad:c1:b8:98:
ea:41:7f:33
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8jaPhbHNlcEINEoL+JGN45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzZhNDUwOGU5ZDBkMTI4ZjViNGViZDg2ZGY4ZDk0NTZiMWEwYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbXyHVw9fG4l7UaqmwAE3tWxqvIn
m8ZDirKCckfMFXTpxRJRRBZzX+g8EawzUuLoOMkksXePoZ+FVh2fwLItQybwP+Mw
yaTkDQGeo/LgEjaloGSbdHk/ujaK5h2HRzioseYY2dgNSEfxD/MQaGGeuBoDQ2mN
eYGvrZDB6JMijSWYTmfzbWos/HVi9bcNg+4saNNyUv520N77JNppO+CJY6DeYDzo
sAtHRU6QKr/jdlm+2u7Oef5jmhMnZRTuf1JugtW1O4RT+1+3/dO7SYX1JFsL8Z7H
PiVb6fZl64PjshDhwRysjds2qKysW7NgMKzNnxsEaGPEFeBhrzQzLtP0bQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFNqRQjp0NEo9bTr2G342UVrGguaMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTJwRkNPblEwU2oxdE92WWJmalpSV3NhQzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATV2dAwQA
T2NOAwQAWRzvAwQAbbATAwQB1dIEMA0GCSqGSIb3DQEBCwUAA4IBAQAMl/FHjDAg
4p1RlUgskiPaSSUoh72uUotFBTYj8ezzzXkewhsyLx+q8cN3lEc3lpXSeSLfo787
HobZB9bJqZtgpB89tAGIHtgDyWFWZdpy4GV4eYxA8xAktD7hCgBOxxPvXRYheXBm
nvuLHs9QsXy3dtIashUCeZ/JZHuZ+QyKT0CLNy3MAQo+xnSv2T6gRo2vi5wfY+sQ
jXWZ93nTopwWaeqwqAqHx1/Ez9zoZt+joZMslZ56rlAgOsQD95vD9fJuDtP262V1
Me9aAustShxDSUluL9fd8zZarTTl4Owg/MKZ+h5V7T42F+VQRM4HesKl3lkL7x82
Ja3BuJjqQX8z
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:38 2026 by rpki-client