
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U7fhnCTO17QtwOEDL2uPDUlwoKM.roa
File: U7fhnCTO17QtwOEDL2uPDUlwoKM.roa (raw, json)
Hash identifier: jCdcYakgwlqYqZvZDivGOxD4yL+982tnWxT9vBwfss0=
Subject key identifier: 53:B7:E1:9C:24:CE:D7:B4:2D:C0:E1:03:2F:6B:8F:0D:49:70:A0:A3
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368D410001B83C078094B4FAFB20140
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U7fhnCTO17QtwOEDL2uPDUlwoKM.roa
Signing time: Thu 02 Jul 2026 15:18:20 +0000
ROA not before: Thu 02 Jul 2026 15:18:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197200
IP address blocks: 81.5.141.0/24 maxlen: 24
82.152.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:d4:10:00:1b:83:c0:78:09:4b:4f:af:b2:01:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=53b7e19c24ced7b42dc0e1032f6b8f0d4970a0a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:14:84:90:bf:14:36:39:c9:3c:50:57:b7:93:
79:56:38:6e:bc:0a:1c:89:ba:fe:9a:30:10:0c:37:
7f:8b:7f:b4:1c:52:36:6b:52:3a:1f:7c:e5:8a:f3:
fd:b3:b4:da:f3:73:bc:65:b1:8d:8c:c0:09:72:59:
5d:a7:fd:1e:e7:30:6a:40:04:0a:40:6c:a8:a5:db:
de:71:4a:fd:23:64:cb:80:4b:ce:a3:77:d5:ea:e1:
20:a5:cc:01:b7:86:39:da:7b:b8:b5:2b:c8:14:a4:
a0:bf:04:61:ab:b5:4d:69:86:d0:3d:92:a5:d1:0c:
d2:ec:d7:b9:1e:5e:c5:eb:e7:17:ba:c4:35:a1:7c:
24:f4:05:33:f0:e8:c1:ea:f5:01:4a:e3:22:59:e0:
29:53:bf:5a:f4:61:f9:7c:8b:42:5a:82:f3:3c:5b:
26:d1:b9:ca:67:9d:ce:e8:6c:05:c4:e4:a6:5c:95:
8c:2e:86:70:2b:92:1b:54:5a:09:d7:47:4a:ca:4f:
bf:07:7b:a9:cd:40:8a:2e:28:0d:67:c2:42:b9:d3:
3d:3c:6c:94:52:9f:1e:1b:58:93:ce:75:75:8a:9a:
a9:a8:7f:64:2e:27:0b:b1:4c:41:c9:ec:a7:7c:44:
9d:67:90:8d:5e:a0:4a:18:a4:b0:1f:d4:08:b3:66:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B7:E1:9C:24:CE:D7:B4:2D:C0:E1:03:2F:6B:8F:0D:49:70:A0:A3
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U7fhnCTO17QtwOEDL2uPDUlwoKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.141.0/24
82.152.222.0/24
Signature Algorithm: sha256WithRSAEncryption
51:70:76:22:f8:d2:77:66:28:0a:f0:a7:12:38:74:0b:f2:7d:
18:6a:cb:3a:de:b2:9b:7b:ef:00:02:9a:aa:36:25:f2:30:90:
d1:2f:9b:23:51:53:28:4a:5b:bc:1b:65:bb:7c:6c:ae:8f:17:
51:45:aa:bf:40:02:47:f3:75:61:92:8b:f1:17:5c:1c:23:c5:
2d:08:a5:8c:3c:99:ca:52:ce:ad:1a:b0:b6:8e:fe:82:db:5c:
a8:77:4f:5a:32:fe:b5:3f:64:65:de:1b:fa:a4:b6:16:c0:e8:
49:0a:11:75:dc:21:8f:de:cb:3b:a1:2a:e4:6f:bc:62:7d:30:
48:95:63:d2:ff:ba:ca:aa:dd:61:3b:cc:2d:db:7c:a6:f5:48:
70:de:76:87:ba:a2:de:bb:7a:ad:26:2a:f2:e4:62:8c:de:3d:
8d:e8:82:03:dc:54:94:f1:35:b3:2f:f7:f6:b4:b4:03:eb:96:
7b:a3:2d:49:c9:47:aa:31:05:89:8d:c5:21:2e:f8:ab:3b:40:
b9:b2:4b:2d:c7:19:9d:f0:80:ea:a2:bf:50:16:bf:3c:56:05:
14:91:54:75:21:e0:46:a0:e0:a0:35:d6:dd:7e:2a:22:10:06:
0d:cc:37:e4:89:53:67:5c:cb:65:74:90:2d:71:1b:d0:55:b8:
f9:2a:76:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8jaNQQABuDwHgJS0+vsgFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2I3ZTE5YzI0Y2VkN2I0MmRjMGUxMDMyZjZiOGYwZDQ5NzBhMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRSEkL8UNjnJPFBXt5N5VjhuvAoc
ibr+mjAQDDd/i3+0HFI2a1I6H3zlivP9s7Ta83O8ZbGNjMAJclldp/0e5zBqQAQK
QGyopdvecUr9I2TLgEvOo3fV6uEgpcwBt4Y52nu4tSvIFKSgvwRhq7VNaYbQPZKl
0QzS7Ne5Hl7F6+cXusQ1oXwk9AUz8OjB6vUBSuMiWeApU79a9GH5fItCWoLzPFsm
0bnKZ53O6GwFxOSmXJWMLoZwK5IbVFoJ10dKyk+/B3upzUCKLigNZ8JCudM9PGyU
Up8eG1iTznV1ipqpqH9kLicLsUxByeynfESdZ5CNXqBKGKSwH9QIs2bSNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFO34Zwkzte0LcDhAy9rjw1JcKCjMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTdmaG5DVE8xN1F0d09FREwydVBEVWx3b0tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUQWNAwQA
UpjeMA0GCSqGSIb3DQEBCwUAA4IBAQBRcHYi+NJ3ZigK8KcSOHQL8n0Yass63rKb
e+8AApqqNiXyMJDRL5sjUVMoSlu8G2W7fGyujxdRRaq/QAJH83VhkovxF1wcI8Ut
CKWMPJnKUs6tGrC2jv6C21yod09aMv61P2Rl3hv6pLYWwOhJChF13CGP3ss7oSrk
b7xifTBIlWPS/7rKqt1hO8wt23ym9Uhw3naHuqLeu3qtJiry5GKM3j2N6IID3FSU
8TWzL/f2tLQD65Z7oy1JyUeqMQWJjcUhLvirO0C5skstxxmd8IDqor9QFr88VgUU
kVR1IeBGoOCgNdbdfioiEAYNzDfkiVNnXMtldJAtcRvQVbj5KnY7
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:56 2026 by rpki-client