
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bukuY6-GahnZgzE8JDfXPffWTdw.roa
File: bukuY6-GahnZgzE8JDfXPffWTdw.roa (raw, json)
Hash identifier: dybgu+bmTj7oRtNil1pS3/o0OX+3te0kHq0z3ay4mXg=
Subject key identifier: 6E:E9:2E:63:AF:86:6A:19:D9:83:31:3C:24:37:D7:3D:F7:D6:4D:DC
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368E1A7AAA12C10423BB48092A06AE7
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bukuY6-GahnZgzE8JDfXPffWTdw.roa
Signing time: Thu 02 Jul 2026 15:18:23 +0000
ROA not before: Thu 02 Jul 2026 15:18:23 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202736
IP address blocks: 82.152.114.0/24 maxlen: 24
82.152.143.0/24 maxlen: 24
82.152.186.0/24 maxlen: 24
82.153.114.0/24 maxlen: 24
82.153.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:e1:a7:aa:a1:2c:10:42:3b:b4:80:92:a0:6a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:23 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ee92e63af866a19d983313c2437d73df7d64ddc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:da:a0:93:f3:28:24:35:a1:2b:34:da:67:0c:
68:c1:c1:af:86:27:46:0e:c2:5a:eb:f1:44:3e:0b:
e4:24:57:c8:8c:6c:72:61:4e:a0:28:b9:e4:e3:3f:
de:a2:a5:17:11:33:0b:85:29:e3:70:0a:55:07:fb:
b2:ad:94:37:ed:99:2f:fd:a3:b8:9e:8a:f2:c8:51:
75:db:8c:98:88:5a:bf:93:df:42:77:f7:a0:2f:7d:
cf:fd:45:47:8f:52:2b:93:04:cc:9d:a1:70:49:a1:
0c:b2:fc:93:9e:83:c2:85:cb:3d:43:2b:ef:1b:61:
8e:98:8e:7a:da:83:0a:13:94:eb:67:cb:98:5c:0b:
b2:39:ba:47:20:ea:0a:ba:0d:d5:ce:9b:bf:05:b8:
53:30:08:bc:56:17:8f:0e:9f:26:7e:18:47:f5:57:
fd:05:f6:2b:be:a1:bd:36:e1:14:a9:00:f5:9a:ce:
14:6a:4d:44:da:0d:5d:42:64:b3:46:c2:d5:f5:cf:
db:86:98:fa:4d:dc:e3:05:68:62:d5:c0:d6:2d:44:
4d:86:49:3e:d4:f9:df:dc:c5:37:c3:ec:5f:58:99:
d3:e0:0a:56:ae:4d:aa:d2:2e:52:1f:c1:a3:90:6d:
48:80:bf:7f:9d:d7:c6:1d:05:de:ff:84:74:10:cf:
00:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E9:2E:63:AF:86:6A:19:D9:83:31:3C:24:37:D7:3D:F7:D6:4D:DC
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bukuY6-GahnZgzE8JDfXPffWTdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.114.0/24
82.152.143.0/24
82.152.186.0/24
82.153.114.0/24
82.153.212.0/24
Signature Algorithm: sha256WithRSAEncryption
26:01:bb:3e:8b:78:d6:74:f4:49:c1:f7:6b:84:8b:a1:c2:18:
39:c2:ca:5c:97:37:73:fa:c7:c0:a2:e1:4a:99:58:1a:60:75:
55:f2:18:95:38:6e:77:92:fd:5d:a3:61:91:06:47:92:0d:82:
67:53:74:2b:50:1e:8d:51:03:b0:0a:06:14:96:c6:a9:d5:e0:
33:85:6a:36:3f:80:70:90:33:b1:ab:af:45:e0:f6:e9:85:c3:
fb:0d:48:14:98:61:99:b8:9a:45:6e:ae:14:3c:84:b8:ce:67:
8d:0d:ed:9a:bd:a7:55:44:34:bb:bd:ea:7b:94:2d:83:35:0a:
2e:3a:4f:5a:48:9b:b4:52:f2:15:8f:73:8f:37:dd:ee:c9:aa:
b6:f7:3c:72:00:68:62:63:26:27:7d:f3:a3:8e:60:7e:e1:d6:
1c:55:10:bd:c9:81:02:bf:f3:2f:74:e2:4b:11:26:dc:35:c8:
ac:7a:7b:ba:67:85:1e:7d:b8:60:d4:f2:d5:11:0a:cc:8f:58:
e1:79:72:fb:0b:b2:cc:ad:fd:0b:44:db:43:2e:42:6b:50:1d:
a1:c2:fe:c9:65:c3:4d:82:32:50:ae:70:ff:ae:d2:13:24:48:
47:7b:fc:53:05:63:90:49:62:42:a3:30:af:fc:b2:64:e6:d2:
33:3a:96:5c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ8jaOGnqqEsEEI7tICSoGrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU5MmU2M2FmODY2YTE5ZDk4MzMxM2MyNDM3ZDczZGY3ZDY0ZGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNqgk/MoJDWhKzTaZwxowcGvhidG
DsJa6/FEPgvkJFfIjGxyYU6gKLnk4z/eoqUXETMLhSnjcApVB/uyrZQ37Zkv/aO4
noryyFF124yYiFq/k99Cd/egL33P/UVHj1IrkwTMnaFwSaEMsvyTnoPChcs9Qyvv
G2GOmI562oMKE5TrZ8uYXAuyObpHIOoKug3Vzpu/BbhTMAi8VhePDp8mfhhH9Vf9
BfYrvqG9NuEUqQD1ms4Uak1E2g1dQmSzRsLV9c/bhpj6TdzjBWhi1cDWLURNhkk+
1Pnf3MU3w+xfWJnT4ApWrk2q0i5SH8GjkG1IgL9/ndfGHQXe/4R0EM8AEQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG7pLmOvhmoZ2YMxPCQ31z331k3cMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYnVrdVk2LUdhaG5aZ3pFOEpEZlhQZmZXVGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUphyAwQA
UpiPAwQAUpi6AwQAUplyAwQAUpnUMA0GCSqGSIb3DQEBCwUAA4IBAQAmAbs+i3jW
dPRJwfdrhIuhwhg5wspclzdz+sfAouFKmVgaYHVV8hiVOG53kv1do2GRBkeSDYJn
U3QrUB6NUQOwCgYUlsap1eAzhWo2P4BwkDOxq69F4PbphcP7DUgUmGGZuJpFbq4U
PIS4zmeNDe2avadVRDS7vep7lC2DNQouOk9aSJu0UvIVj3OPN93uyaq29zxyAGhi
YyYnffOjjmB+4dYcVRC9yYECv/MvdOJLESbcNcisenu6Z4Uefbhg1PLVEQrMj1jh
eXL7C7LMrf0LRNtDLkJrUB2hwv7JZcNNgjJQrnD/rtITJEhHe/xTBWOQSWJCozCv
/LJk5tIzOpZc
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:12 2026 by rpki-client