
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_5IfhFnKm23PsnsMkJ03QbZcYlQ.roa
File: _5IfhFnKm23PsnsMkJ03QbZcYlQ.roa (raw, json)
Hash identifier: M1JAlJggmDOx3AQjDeSAeUnxLfch+VuC+IXEGBLxTNU=
Subject key identifier: FF:92:1F:84:59:CA:9B:6D:CF:B2:7B:0C:90:9D:37:41:B6:5C:62:54
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F236913969191A9FB6F9547910AB5D6B0
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_5IfhFnKm23PsnsMkJ03QbZcYlQ.roa
Signing time: Thu 02 Jul 2026 15:18:36 +0000
ROA not before: Thu 02 Jul 2026 15:18:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216138
IP address blocks: 82.152.114.0/24 maxlen: 24
82.152.143.0/24 maxlen: 24
82.152.186.0/24 maxlen: 24
82.153.114.0/24 maxlen: 24
82.153.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:13:96:91:91:a9:fb:6f:95:47:91:0a:b5:d6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff921f8459ca9b6dcfb27b0c909d3741b65c6254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:69:5c:12:cf:1c:ff:59:84:45:c0:3d:85:df:
0b:88:be:77:19:88:33:5c:3c:cc:ca:df:b1:a9:10:
10:52:57:8d:7f:48:10:a5:d5:12:9a:be:7b:94:b2:
4f:32:7e:49:60:04:eb:3e:dd:10:61:bb:30:f7:18:
54:a5:12:9a:23:2b:c1:a8:18:9b:92:9b:eb:f9:72:
f3:c3:1d:a5:fc:3e:19:c3:d1:76:67:76:01:38:c6:
bf:d5:8b:17:0f:a3:e9:c2:db:77:39:ec:e5:2f:2a:
ec:11:f0:21:62:fd:a6:ea:44:ac:58:59:59:29:86:
91:8b:83:78:9d:4b:ce:ac:2f:ac:62:30:09:5b:39:
f9:43:85:36:cd:a6:7c:2a:f9:ac:8e:23:4c:41:5a:
8b:79:be:e6:29:68:73:cf:57:a6:7f:9f:0d:ca:30:
e1:c2:a9:35:b6:3d:8c:f4:c0:4b:ef:f5:97:95:f0:
1a:3c:78:8f:e5:33:fc:3f:f5:61:42:8e:70:a5:78:
85:ec:76:4a:dd:46:20:7c:2f:af:1b:0c:9f:c9:da:
fc:58:7c:d1:1c:d2:c7:24:60:dc:22:11:d5:9e:fb:
20:dc:df:94:83:a6:05:f2:61:b8:7b:96:13:18:49:
9c:57:7b:5c:a9:b1:0d:52:08:fc:3a:85:5a:a5:9e:
a0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:92:1F:84:59:CA:9B:6D:CF:B2:7B:0C:90:9D:37:41:B6:5C:62:54
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_5IfhFnKm23PsnsMkJ03QbZcYlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.114.0/24
82.152.143.0/24
82.152.186.0/24
82.153.114.0/24
82.153.212.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e1:26:6d:05:3f:79:6a:c8:ff:02:98:c2:e0:ef:da:e5:81:
10:81:c3:23:20:86:83:f6:21:80:5f:c2:37:d7:c0:a0:fe:de:
0b:e4:5b:60:d7:d9:fc:25:04:5f:c4:21:bd:45:dc:f9:8c:ac:
3e:df:a6:71:1c:de:23:37:f2:5a:d5:c6:f0:8b:85:5c:cb:5c:
2c:7a:8b:e6:72:57:3c:1a:36:1c:56:e2:4a:d8:01:3b:f6:13:
1c:72:19:16:0b:90:2a:10:52:54:52:4c:5d:7a:56:db:fb:43:
f5:80:6a:87:6b:12:d4:8a:72:f6:a5:e3:2f:6a:53:a0:0e:2a:
42:ae:39:23:dd:ff:e2:1f:bb:d8:2d:ee:9e:de:6c:a5:9b:8f:
23:b5:c7:31:ba:79:7c:61:fa:92:9a:6e:1b:bf:52:a8:c1:d6:
43:84:f0:58:31:f3:57:b5:04:52:1b:9e:ea:0b:67:11:c6:0e:
46:c5:09:99:92:02:a7:50:fd:6f:ac:9d:6d:7a:92:e3:31:2a:
f3:be:fd:d2:80:ca:60:8b:c5:89:99:34:09:5e:77:11:80:9f:
dc:76:71:b9:bd:a5:c3:6d:12:7f:5a:f5:42:b8:e1:7b:58:43:
35:2d:9f:b4:42:df:c5:d5:ed:4c:d7:56:aa:51:a2:98:93:5b:
66:fd:ca:6b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8jaROWkZGp+2+VR5EKtdawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjkyMWY4NDU5Y2E5YjZkY2ZiMjdiMGM5MDlkMzc0MWI2NWM2MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGlcEs8c/1mERcA9hd8LiL53GYgz
XDzMyt+xqRAQUleNf0gQpdUSmr57lLJPMn5JYATrPt0QYbsw9xhUpRKaIyvBqBib
kpvr+XLzwx2l/D4Zw9F2Z3YBOMa/1YsXD6Ppwtt3OezlLyrsEfAhYv2m6kSsWFlZ
KYaRi4N4nUvOrC+sYjAJWzn5Q4U2zaZ8KvmsjiNMQVqLeb7mKWhzz1emf58NyjDh
wqk1tj2M9MBL7/WXlfAaPHiP5TP8P/VhQo5wpXiF7HZK3UYgfC+vGwyfydr8WHzR
HNLHJGDcIhHVnvsg3N+Ug6YF8mG4e5YTGEmcV3tcqbENUgj8OoVapZ6gRQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP+SH4RZypttz7J7DJCdN0G2XGJUMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzVJZmhGbkttMjNQc25zTWtKMDNRYlpjWWxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphyAwQA
UpiPAwQAUpi6AwQAUplyAwQAUpnUMA0GCSqGSIb3DQEBCwUAA4IBAQBV4SZtBT95
asj/ApjC4O/a5YEQgcMjIIaD9iGAX8I318Cg/t4L5Ftg19n8JQRfxCG9Rdz5jKw+
36ZxHN4jN/Ja1cbwi4Vcy1wseovmclc8GjYcVuJK2AE79hMcchkWC5AqEFJUUkxd
elbb+0P1gGqHaxLUinL2peMvalOgDipCrjkj3f/iH7vYLe6e3mylm48jtccxunl8
YfqSmm4bv1KowdZDhPBYMfNXtQRSG57qC2cRxg5GxQmZkgKnUP1vrJ1tepLjMSrz
vv3SgMpgi8WJmTQJXncRgJ/cdnG5vaXDbRJ/WvVCuOF7WEM1LZ+0Qt/F1e1M11aq
UaKYk1tm/cpr
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:19:01 2026 by rpki-client