
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h4ohMtCyih7r2JiGgVwsBaRkoTs.roa
File: h4ohMtCyih7r2JiGgVwsBaRkoTs.roa (raw, json)
Hash identifier: vmahCng7UxYx4jlUWSh57GtKfBBUCrA72EJqcuj6R5U=
Subject key identifier: 87:8A:21:32:D0:B2:8A:1E:EB:D8:98:86:81:5C:2C:05:A4:64:A1:3B
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2369209C48A0DE7CE583D2BB25D85204
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h4ohMtCyih7r2JiGgVwsBaRkoTs.roa
Signing time: Thu 02 Jul 2026 15:18:39 +0000
ROA not before: Thu 02 Jul 2026 15:18:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400031
IP address blocks: 82.152.140.0/24 maxlen: 24
82.152.179.0/24 maxlen: 24
82.153.35.0/24 maxlen: 24
82.153.134.0/24 maxlen: 24
82.153.207.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.114.0/24 maxlen: 24
89.213.117.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:20:9c:48:a0:de:7c:e5:83:d2:bb:25:d8:52:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=878a2132d0b28a1eebd89886815c2c05a464a13b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:40:43:da:ee:ad:88:07:0b:2c:9e:05:25:
c9:41:b9:e8:2a:7d:02:b2:ab:af:7b:d9:84:a9:5d:
59:ea:8f:bb:cc:91:a7:80:1d:2b:1f:21:c2:d0:9b:
45:4b:07:54:4d:de:83:74:0e:51:fb:f5:b5:e5:a6:
39:22:d9:c9:4a:53:b8:ff:24:7d:8c:6e:8c:6a:72:
7c:c8:1a:1a:fa:cd:78:72:95:68:f6:93:48:d0:a1:
85:28:a6:9c:03:4a:c1:e6:f9:5b:72:9e:b6:8f:4d:
21:43:dd:44:97:a7:45:3a:a4:95:90:a0:7c:92:f0:
a2:a4:b0:30:d6:a5:f5:3b:68:25:b9:b0:9c:22:94:
0d:0c:32:7f:96:5b:a2:4c:ed:ad:11:ab:a5:f0:bb:
55:13:56:b0:6e:a8:ee:ed:b5:57:04:b0:78:b4:42:
98:26:42:50:43:c6:d4:1a:e3:e7:24:6f:02:48:19:
44:84:0a:45:66:34:50:3b:6b:53:bd:02:e2:59:07:
04:16:22:90:dd:66:7a:fb:91:5c:49:63:8f:1e:af:
ea:9f:bf:c8:30:f5:8c:57:a0:ae:90:89:e1:98:b1:
a6:9b:f6:9d:a0:62:17:70:09:8e:5c:b3:20:68:cf:
fa:8f:23:bd:5d:05:6a:39:77:84:b2:2b:e1:3d:d0:
23:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:8A:21:32:D0:B2:8A:1E:EB:D8:98:86:81:5C:2C:05:A4:64:A1:3B
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h4ohMtCyih7r2JiGgVwsBaRkoTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.140.0/24
82.152.179.0/24
82.153.35.0/24
82.153.134.0/24
82.153.207.0/24
82.153.217.0/24
82.153.255.0/24
89.213.50.0/23
89.213.112.0/24
89.213.114.0/24
89.213.117.0/24
89.213.121.0/24
89.213.127.0/24
Signature Algorithm: sha256WithRSAEncryption
45:58:e5:4d:dc:15:84:8c:c7:e3:2f:63:98:e0:1f:0d:53:85:
6e:cf:79:71:4e:75:56:36:48:9c:6a:90:c8:c2:e0:88:1c:ab:
89:ab:2d:62:b6:da:6b:df:92:c7:ce:4c:4d:25:73:fa:42:9e:
fc:d4:04:03:13:e5:f1:e9:4d:4a:3f:dd:41:b2:e8:01:95:95:
2f:84:e9:36:08:72:15:6d:ca:07:aa:74:f1:a3:2b:98:1e:f1:
75:92:60:22:f7:84:52:3b:2d:0c:c1:b5:35:f6:99:41:3d:07:
02:63:f6:c9:d0:a3:d3:24:e9:e7:2e:7d:e1:3c:ab:2a:43:eb:
39:b5:ad:af:da:56:91:be:48:bf:c9:bf:28:b7:5e:ac:db:cf:
3c:6f:b8:f7:24:f7:59:0a:04:44:e8:98:a7:ea:c1:81:09:bf:
6a:4c:ee:38:cf:87:ef:f4:23:10:cd:9d:d6:9c:15:be:75:5a:
f2:09:48:db:13:62:4d:77:d1:27:7c:7f:79:ae:ca:9a:4f:ef:
8a:a1:98:8d:82:13:1b:99:24:10:c2:6d:f8:40:8a:ab:9a:f2:
c9:3a:0b:d4:e9:d6:00:84:a2:e5:09:63:53:e9:8e:56:3d:3f:
8c:2c:d5:a0:5e:72:d7:43:a9:ba:c2:d6:04:a4:b4:c2:59:ff:
7c:4d:27:17
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ8jaSCcSKDefOWD0rsl2FIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzhhMjEzMmQwYjI4YTFlZWJkODk4ODY4MTVjMmMwNWE0NjRhMTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF1AQ9rurYgHCyyeBSXJQbnoKn0C
squve9mEqV1Z6o+7zJGngB0rHyHC0JtFSwdUTd6DdA5R+/W15aY5ItnJSlO4/yR9
jG6ManJ8yBoa+s14cpVo9pNI0KGFKKacA0rB5vlbcp62j00hQ91El6dFOqSVkKB8
kvCipLAw1qX1O2glubCcIpQNDDJ/lluiTO2tEaul8LtVE1awbqju7bVXBLB4tEKY
JkJQQ8bUGuPnJG8CSBlEhApFZjRQO2tTvQLiWQcEFiKQ3WZ6+5FcSWOPHq/qn7/I
MPWMV6CukInhmLGmm/adoGIXcAmOXLMgaM/6jyO9XQVqOXeEsivhPdAjkwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIeKITLQsooe69iYhoFcLAWkZKE7MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaDRvaE10Q3lpaDdyMkppR2dWd3NCYVJrb1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAUpiMAwQA
UpizAwQAUpkjAwQAUpmGAwQAUpnPAwQAUpnZAwQAUpn/AwQBWdUyAwQAWdVwAwQA
WdVyAwQAWdV1AwQAWdV5AwQAWdV/MA0GCSqGSIb3DQEBCwUAA4IBAQBFWOVN3BWE
jMfjL2OY4B8NU4Vuz3lxTnVWNkicapDIwuCIHKuJqy1ittpr35LHzkxNJXP6Qp78
1AQDE+Xx6U1KP91BsugBlZUvhOk2CHIVbcoHqnTxoyuYHvF1kmAi94RSOy0MwbU1
9plBPQcCY/bJ0KPTJOnnLn3hPKsqQ+s5ta2v2laRvki/yb8ot16s2888b7j3JPdZ
CgRE6Jin6sGBCb9qTO44z4fv9CMQzZ3WnBW+dVryCUjbE2JNd9EnfH95rsqaT++K
oZiNghMbmSQQwm34QIqrmvLJOgvU6dYAhKLlCWNT6Y5WPT+MLNWgXnLXQ6m6wtYE
pLTCWf98TScX
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:18:33 2026 by rpki-client