
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h8JTVjucnRFWaQ_Phf7CeTdsv9s.roa
File: h8JTVjucnRFWaQ_Phf7CeTdsv9s.roa (raw, json)
Hash identifier: E0Lxg3s5KEtGsRcUV4ecw+fscIqkT2CP4vQzVCwu44M=
Subject key identifier: 87:C2:53:56:3B:9C:9D:11:56:69:0F:CF:85:FE:C2:79:37:6C:BF:DB
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F23691A00533287721AE0A917FB2F983A
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h8JTVjucnRFWaQ_Phf7CeTdsv9s.roa
Signing time: Thu 02 Jul 2026 15:18:38 +0000
ROA not before: Thu 02 Jul 2026 15:18:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 270158
IP address blocks: 82.152.133.0/24 maxlen: 24
82.152.138.0/24 maxlen: 24
82.152.139.0/24 maxlen: 24
82.153.2.0/24 maxlen: 24
82.153.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:1a:00:53:32:87:72:1a:e0:a9:17:fb:2f:98:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=87c253563b9c9d1156690fcf85fec279376cbfdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a1:eb:66:cf:b3:c8:31:f3:5a:5f:ca:58:74:
22:ce:4b:89:b4:5f:1a:df:44:ba:91:35:2f:70:75:
c7:71:37:2a:df:ad:35:ea:59:ba:12:0e:19:20:a2:
59:34:85:63:72:b6:65:da:c3:17:31:4c:71:04:c9:
92:f4:44:04:81:1d:8e:26:52:c4:94:51:66:e1:1c:
1a:49:03:fb:bb:db:1b:6d:a2:0c:17:3e:0c:01:2b:
a0:70:47:9e:8f:3c:ce:55:b1:8f:be:79:b0:95:d2:
9d:d8:43:e8:b8:8e:6a:de:6f:e7:70:90:0b:c5:b1:
9e:7c:10:4a:f1:6a:74:0f:a3:bd:6a:07:65:48:1b:
09:ea:8c:10:f8:5e:85:a8:65:ad:e9:4e:75:0e:d4:
29:91:05:3a:88:ef:d7:ee:3d:85:01:79:15:61:fe:
e7:cc:f0:e4:8c:af:75:4b:85:04:83:09:f5:dc:c3:
32:74:47:39:73:d7:c1:3c:81:57:5e:2e:af:00:b9:
a8:0b:0b:db:93:30:03:33:cd:47:a2:54:cf:4a:54:
c2:92:5c:e2:5d:a9:82:a1:f4:bf:1a:fa:11:88:7b:
fe:75:cd:1e:0e:b9:99:ae:0d:28:c6:07:c3:9f:7b:
69:d1:bb:bf:08:0a:50:dd:0c:14:29:e4:33:dd:05:
1b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C2:53:56:3B:9C:9D:11:56:69:0F:CF:85:FE:C2:79:37:6C:BF:DB
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h8JTVjucnRFWaQ_Phf7CeTdsv9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.133.0/24
82.152.138.0/23
82.153.2.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:d0:f5:5f:6a:ee:b8:08:36:82:26:36:e4:9d:6d:a4:9c:a7:
77:d3:4a:c5:72:70:e0:25:1e:5a:1b:52:87:45:5c:43:4b:91:
ff:48:3d:22:f2:ca:7e:54:db:c1:7e:5e:2b:95:4b:e0:9f:39:
1b:22:6f:bc:e6:09:f4:77:4a:8a:20:77:37:32:76:dd:23:f3:
16:b3:6e:7c:bb:b2:3f:e3:97:9c:14:d5:8c:86:f7:97:07:e2:
37:9e:a8:77:03:2f:d0:a2:d9:35:45:61:2b:95:67:b5:85:fe:
db:b1:4d:e4:d0:ff:be:42:17:21:cd:37:f8:b5:6d:54:f3:d6:
97:8d:b5:db:1c:04:89:f0:96:24:80:c5:3b:03:15:c0:0d:37:
27:f8:24:a4:55:da:42:e0:17:9c:a0:e4:e0:a1:d2:12:24:4a:
ae:bd:19:7c:4f:b9:96:07:a2:b6:e9:a5:78:04:23:21:b8:4d:
27:24:9b:29:5e:55:c5:78:c7:71:73:85:50:25:96:da:5e:92:
a7:e1:e6:dc:2d:51:4f:8b:f0:50:32:f9:5c:04:93:21:2e:22:
44:25:4f:02:be:49:e8:2f:89:8e:38:b2:89:8f:5f:e6:5d:11:
cf:97:ea:4d:08:63:5d:38:fa:10:b1:83:6c:07:29:4d:40:99:
b3:6e:8f:cc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8jaRoAUzKHchrgqRf7L5g6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2MyNTM1NjNiOWM5ZDExNTY2OTBmY2Y4NWZlYzI3OTM3NmNiZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6HrZs+zyDHzWl/KWHQizkuJtF8a
30S6kTUvcHXHcTcq36016lm6Eg4ZIKJZNIVjcrZl2sMXMUxxBMmS9EQEgR2OJlLE
lFFm4RwaSQP7u9sbbaIMFz4MASugcEeejzzOVbGPvnmwldKd2EPouI5q3m/ncJAL
xbGefBBK8Wp0D6O9agdlSBsJ6owQ+F6FqGWt6U51DtQpkQU6iO/X7j2FAXkVYf7n
zPDkjK91S4UEgwn13MMydEc5c9fBPIFXXi6vALmoCwvbkzADM81HolTPSlTCklzi
XamCofS/GvoRiHv+dc0eDrmZrg0oxgfDn3tp0bu/CApQ3QwUKeQz3QUbEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfCU1Y7nJ0RVmkPz4X+wnk3bL/bMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaDhKVFZqdWNuUkZXYVFfUGhmN0NlVGRzdjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiFAwQB
UpiKAwQBUpkCMA0GCSqGSIb3DQEBCwUAA4IBAQAN0PVfau64CDaCJjbknW2knKd3
00rFcnDgJR5aG1KHRVxDS5H/SD0i8sp+VNvBfl4rlUvgnzkbIm+85gn0d0qKIHc3
MnbdI/MWs258u7I/45ecFNWMhveXB+I3nqh3Ay/Qotk1RWErlWe1hf7bsU3k0P++
QhchzTf4tW1U89aXjbXbHASJ8JYkgMU7AxXADTcn+CSkVdpC4BecoOTgodISJEqu
vRl8T7mWB6K26aV4BCMhuE0nJJspXlXFeMdxc4VQJZbaXpKn4ebcLVFPi/BQMvlc
BJMhLiJEJU8CvknoL4mOOLKJj1/mXRHPl+pNCGNdOPoQsYNsBylNQJmzbo/M
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:19:29 2026 by rpki-client