
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lH0X9j9rx5e0v03iM4GhYN0anPg.roa
File: lH0X9j9rx5e0v03iM4GhYN0anPg.roa (raw, json)
Hash identifier: 2fS2ahCz4+T+ZVE5lt01G90ToJw54LeM3GqezkOqW38=
Subject key identifier: 94:7D:17:F6:3F:6B:C7:97:B4:BF:4D:E2:33:81:A1:60:DD:1A:9C:F8
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F23692582F9E834B9D93DD5DB5796673E
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lH0X9j9rx5e0v03iM4GhYN0anPg.roa
Signing time: Thu 02 Jul 2026 15:18:41 +0000
ROA not before: Thu 02 Jul 2026 15:18:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402343
IP address blocks: 81.168.104.0/24 maxlen: 24
82.153.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:25:82:f9:e8:34:b9:d9:3d:d5:db:57:96:67:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=947d17f63f6bc797b4bf4de23381a160dd1a9cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f5:f8:71:21:d1:d4:76:42:4c:10:3d:fa:e3:
b5:c4:40:3c:21:ad:26:30:88:ce:7e:49:86:31:f4:
76:d1:d4:ee:e9:25:14:af:e4:92:7b:83:58:f8:99:
ec:e4:d8:42:97:53:93:6e:bd:39:f3:5e:37:8a:79:
e5:43:71:d6:01:56:ce:ed:f0:9f:14:4b:17:cd:52:
14:5d:26:a6:a3:7b:67:be:64:a8:d4:2f:88:4e:27:
3d:98:bf:6e:2d:c3:96:99:3e:76:cb:d4:3b:40:1e:
4e:45:e6:86:7d:f4:f8:3b:2e:12:dd:24:d3:0e:9f:
e7:24:5a:df:40:48:8e:45:a8:60:f7:9d:a2:7b:55:
6f:aa:aa:9f:45:e8:85:c3:ca:d6:c5:56:6e:82:c0:
6c:69:19:14:cf:24:aa:e9:80:2a:48:a2:c6:b2:57:
41:15:ab:7f:e2:8a:22:c5:28:c5:26:35:50:5c:12:
e7:6f:e1:46:54:4d:08:bf:62:56:1c:f7:b5:b6:5d:
bd:ac:a2:1f:64:de:36:26:a9:21:83:f3:a9:97:13:
c3:94:9a:ee:57:55:09:f4:a6:b1:c7:8f:12:5c:e2:
a2:c7:fd:fa:36:a8:10:8a:8e:81:1b:91:0f:54:b4:
19:63:3e:31:33:3f:fc:68:60:a2:78:d4:6d:5a:36:
a3:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7D:17:F6:3F:6B:C7:97:B4:BF:4D:E2:33:81:A1:60:DD:1A:9C:F8
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lH0X9j9rx5e0v03iM4GhYN0anPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.104.0/24
82.153.101.0/24
Signature Algorithm: sha256WithRSAEncryption
73:84:06:25:a2:00:56:a1:ae:d2:f7:61:73:16:a6:a9:3f:31:
81:c4:78:d9:38:b1:41:46:12:b8:fb:70:8d:43:9e:ce:fc:72:
72:65:78:a6:5d:c7:be:1f:5b:e5:73:04:42:b7:2c:2c:5e:38:
97:e0:a9:64:7d:98:8c:5b:30:02:6b:08:74:95:3e:f4:c0:71:
4b:e9:e6:14:93:75:a3:6f:1d:64:a1:fc:90:fe:ac:12:a7:e9:
67:5a:59:2b:26:d8:78:c7:ef:8d:3c:fe:0e:98:96:8b:bd:b6:
f6:80:47:4a:d9:a7:23:36:c5:f3:7e:6f:67:61:88:3b:f8:79:
86:66:28:a2:3d:44:60:79:12:05:b1:7c:c1:f3:98:d6:b8:5e:
2c:a8:7a:78:ae:33:82:a1:de:e2:7c:dc:ff:cb:87:d4:27:3f:
39:c6:d8:da:1d:da:78:a5:f2:59:9e:4e:4f:b4:a5:96:68:a7:
bf:6e:9c:bd:4a:c2:a7:af:8c:fd:d6:ce:40:87:b1:f4:55:55:
28:6a:f6:f1:c6:59:f1:8c:ff:6a:f4:c8:c2:7b:1b:9f:83:d0:
e7:3f:f9:7e:7d:56:98:f6:31:03:1b:3c:34:b1:33:a3:5f:1c:
40:cc:8b:dc:ca:33:8c:f3:63:26:8e:02:3d:bb:ad:d0:c8:34:
50:98:5c:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8jaSWC+eg0udk91dtXlmc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDdkMTdmNjNmNmJjNzk3YjRiZjRkZTIzMzgxYTE2MGRkMWE5Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/X4cSHR1HZCTBA9+uO1xEA8Ia0m
MIjOfkmGMfR20dTu6SUUr+SSe4NY+Jns5NhCl1OTbr058143innlQ3HWAVbO7fCf
FEsXzVIUXSamo3tnvmSo1C+ITic9mL9uLcOWmT52y9Q7QB5OReaGffT4Oy4S3STT
Dp/nJFrfQEiORahg952ie1VvqqqfReiFw8rWxVZugsBsaRkUzySq6YAqSKLGsldB
Fat/4ooixSjFJjVQXBLnb+FGVE0Iv2JWHPe1tl29rKIfZN42Jqkhg/OplxPDlJru
V1UJ9Kaxx48SXOKix/36NqgQio6BG5EPVLQZYz4xMz/8aGCieNRtWjajkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJR9F/Y/a8eXtL9N4jOBoWDdGpz4MB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEgwWDlqOXJ4NWUwdjAzaU00R2hZTjBhblBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUahoAwQA
UpllMA0GCSqGSIb3DQEBCwUAA4IBAQBzhAYlogBWoa7S92FzFqapPzGBxHjZOLFB
RhK4+3CNQ57O/HJyZXimXce+H1vlcwRCtywsXjiX4KlkfZiMWzACawh0lT70wHFL
6eYUk3Wjbx1kofyQ/qwSp+lnWlkrJth4x++NPP4OmJaLvbb2gEdK2acjNsXzfm9n
YYg7+HmGZiiiPURgeRIFsXzB85jWuF4sqHp4rjOCod7ifNz/y4fUJz85xtjaHdp4
pfJZnk5PtKWWaKe/bpy9SsKnr4z91s5Ah7H0VVUoavbxxlnxjP9q9MjCexufg9Dn
P/l+fVaY9jEDGzw0sTOjXxxAzIvcyjOM82MmjgI9u63QyDRQmFxU
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:16:50 2026 by rpki-client