
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZPTMzJZsUM9zh0Ea3OcJlUs51E.roa
File: hZPTMzJZsUM9zh0Ea3OcJlUs51E.roa (raw, json)
Hash identifier: IyoEijAxyNimb1iupLMpJSJpALqFgfa8x7JOQgWboFg=
Subject key identifier: 85:93:D3:33:32:59:B1:43:3D:CE:1D:04:6B:73:9C:26:55:2C:E7:51
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F23691AAE8814086A6FC824A6FF82BCB4
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZPTMzJZsUM9zh0Ea3OcJlUs51E.roa
Signing time: Thu 02 Jul 2026 15:18:38 +0000
ROA not before: Thu 02 Jul 2026 15:18:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 270176
IP address blocks: 89.213.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:1a:ae:88:14:08:6a:6f:c8:24:a6:ff:82:bc:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8593d3333259b1433dce1d046b739c26552ce751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:3b:69:91:c9:e7:6b:ff:a1:cd:17:90:83:
88:ba:ec:ff:bd:f5:89:38:52:db:71:ab:67:08:1b:
4f:73:14:3f:e3:b0:7c:48:b9:bf:19:b7:ad:07:5d:
44:b9:70:37:1c:28:bd:26:0d:67:f1:5f:9c:17:8e:
40:5c:72:c9:a2:f2:02:04:b3:93:cd:18:77:d9:45:
77:76:60:56:69:ab:3d:db:4e:ab:d1:59:fb:ec:7c:
06:ef:c4:6f:c0:8e:fb:6c:12:28:b1:bd:2e:74:af:
7d:1e:6e:90:90:ec:58:bf:9d:fb:ad:0f:e7:3b:d1:
7b:e4:a8:ee:a9:ed:fa:7e:4e:72:47:0c:78:c7:87:
67:1b:c9:78:15:fa:db:44:5b:ba:01:bd:1e:a3:ab:
ed:ca:ef:03:f7:a6:61:17:11:be:60:81:a4:ec:6e:
9b:bb:b2:94:01:3a:30:f3:28:4d:e1:a3:b0:ca:34:
41:3d:c0:a0:2f:c1:85:8a:a2:f2:da:3f:8f:64:e2:
3b:2c:24:a9:e4:7c:7e:12:ca:01:3d:77:d9:e9:cb:
d5:b2:31:45:c4:6b:ea:0f:c5:ad:3a:b4:08:15:69:
31:da:b2:9c:9e:a6:e2:8e:25:77:75:89:ea:15:34:
4d:88:04:85:66:a0:0a:af:74:b0:21:45:1f:7e:32:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:93:D3:33:32:59:B1:43:3D:CE:1D:04:6B:73:9C:26:55:2C:E7:51
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZPTMzJZsUM9zh0Ea3OcJlUs51E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.106.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e0:b3:c9:a1:d3:77:d4:56:34:71:7e:21:eb:9e:36:4f:75:
47:8c:25:bd:d4:e5:a1:e2:34:16:73:18:37:b7:f2:5a:5d:ff:
99:bd:84:3f:81:ee:f5:5e:99:8b:e4:57:5f:dd:5a:93:7a:e3:
74:17:a8:ed:4f:11:4b:82:dd:b1:ed:7c:07:f6:2e:0f:6f:85:
d7:8a:9d:8e:4e:f6:6a:1f:3d:c0:b3:ec:d8:d7:ea:b0:41:a9:
73:e5:32:73:71:84:82:e0:9f:99:fb:6f:8d:d1:b1:01:f0:32:
68:7b:f3:2d:14:ec:35:18:e1:43:0c:25:cc:d1:79:aa:05:b5:
da:41:0e:4b:0b:64:dc:31:82:41:a1:53:40:b1:f0:87:67:87:
dd:f5:d4:ae:32:9e:54:9e:9b:83:9f:ec:3f:f3:7a:48:de:cb:
52:f4:b7:5f:ee:cf:bd:8a:bd:8d:75:f3:a0:41:6e:52:85:0d:
bf:67:61:e3:8d:9b:ab:e7:04:25:ab:e2:2a:fd:16:47:e2:82:
9a:15:4e:4e:17:a8:85:c3:29:0e:e3:a8:71:4b:e3:ca:d9:16:
61:b5:a0:ac:94:19:cc:0b:bb:29:00:2b:77:49:24:c6:ca:59:
7a:4a:6d:06:45:7d:5e:50:6b:8e:59:76:1c:37:27:9b:09:66:
97:fb:ce:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ8jaRquiBQIam/IJKb/gry0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTkzZDMzMzMyNTliMTQzM2RjZTFkMDQ2YjczOWMyNjU1MmNlNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPU7aZHJ52v/oc0XkIOIuuz/vfWJ
OFLbcatnCBtPcxQ/47B8SLm/GbetB11EuXA3HCi9Jg1n8V+cF45AXHLJovICBLOT
zRh32UV3dmBWaas9206r0Vn77HwG78RvwI77bBIosb0udK99Hm6QkOxYv537rQ/n
O9F75Kjuqe36fk5yRwx4x4dnG8l4FfrbRFu6Ab0eo6vtyu8D96ZhFxG+YIGk7G6b
u7KUATow8yhN4aOwyjRBPcCgL8GFiqLy2j+PZOI7LCSp5Hx+EsoBPXfZ6cvVsjFF
xGvqD8WtOrQIFWkx2rKcnqbijiV3dYnqFTRNiASFZqAKr3SwIUUffjIb2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWT0zMyWbFDPc4dBGtznCZVLOdRMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFpQVE16SlpzVU05emgwRWEzT2NKbFVzNTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdVqMA0G
CSqGSIb3DQEBCwUAA4IBAQCD4LPJodN31FY0cX4h6542T3VHjCW91OWh4jQWcxg3
t/JaXf+ZvYQ/ge71XpmL5Fdf3VqTeuN0F6jtTxFLgt2x7XwH9i4Pb4XXip2OTvZq
Hz3As+zY1+qwQalz5TJzcYSC4J+Z+2+N0bEB8DJoe/MtFOw1GOFDDCXM0XmqBbXa
QQ5LC2TcMYJBoVNAsfCHZ4fd9dSuMp5UnpuDn+w/83pI3stS9Ldf7s+9ir2NdfOg
QW5ShQ2/Z2HjjZur5wQlq+Iq/RZH4oKaFU5OF6iFwykO46hxS+PK2RZhtaCslBnM
C7spACt3SSTGyll6Sm0GRX1eUGuOWXYcNyebCWaX+86O
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:21:52 2026 by rpki-client