
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qY9ej3ngvH6nr11LNW8qGLypN28.roa
File: qY9ej3ngvH6nr11LNW8qGLypN28.roa (raw, json)
Hash identifier: n+9tVf2FdSuiC8Hjgvi3AO3Fi+Pd20CyOZjjfVkLJ3Q=
Subject key identifier: A9:8F:5E:8F:79:E0:BC:7E:A7:AF:5D:4B:35:6F:2A:18:BC:A9:37:6F
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F2368B21461E6AB6F4CF0CD123607152B
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qY9ej3ngvH6nr11LNW8qGLypN28.roa
Signing time: Thu 02 Jul 2026 15:18:11 +0000
ROA not before: Thu 02 Jul 2026 15:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 77.93.136.0/24 maxlen: 24
77.93.138.0/23 maxlen: 24
77.107.95.0/24 maxlen: 24
81.168.58.0/24 maxlen: 24
81.168.63.0/24 maxlen: 24
81.168.65.0/24 maxlen: 24
81.168.87.0/24 maxlen: 24
81.168.96.0/24 maxlen: 24
81.168.105.0/24 maxlen: 24
81.168.125.0/24 maxlen: 24
82.152.1.0/24 maxlen: 24
82.152.11.0/24 maxlen: 24
82.152.102.0/24 maxlen: 24
82.152.117.0/24 maxlen: 24
82.152.118.0/24 maxlen: 24
109.176.91.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
213.210.48.0/23 maxlen: 24
217.144.145.0/24 maxlen: 24
217.144.156.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:68:b2:14:61:e6:ab:6f:4c:f0:cd:12:36:07:15:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a98f5e8f79e0bc7ea7af5d4b356f2a18bca9376f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a7:9e:9b:ce:41:0c:1b:4b:51:36:e8:01:a4:
38:ce:03:4b:38:66:13:e6:55:67:b4:73:a3:6f:9d:
43:d5:25:dc:0f:52:f3:6e:a3:81:1b:b1:69:50:c9:
af:88:04:0e:e7:f5:e0:72:37:19:a8:bb:ab:48:b2:
c7:c6:c2:b5:76:54:63:f1:79:2c:7c:c5:2e:ee:60:
cc:e5:ce:85:4c:d4:48:96:15:07:06:8e:6a:f9:6f:
76:dd:d3:87:f6:1d:b2:70:1d:ef:2b:d2:84:b4:54:
5e:88:a0:7b:f3:09:d8:0e:db:cc:32:29:65:be:db:
62:55:5e:23:16:14:28:d3:9e:ea:64:8b:da:e5:a1:
5b:a9:30:68:75:57:bd:b5:21:9a:04:62:12:a5:21:
00:83:b4:fd:70:f6:1a:73:10:6e:2f:a0:12:d4:fb:
15:cb:74:f0:7a:ca:96:83:7c:74:a2:85:7c:b1:4a:
14:7e:0e:c1:55:9c:33:f4:b1:e9:15:89:d4:41:8b:
a2:a8:58:a3:f7:59:47:49:3b:66:2b:92:df:a4:ff:
da:4d:fa:7f:c1:5d:b5:96:14:58:d6:93:9b:dc:f2:
a9:13:bb:40:39:2f:98:49:04:87:cc:af:1e:61:c4:
5e:00:67:15:aa:89:ad:68:2e:b7:16:48:c5:2c:58:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8F:5E:8F:79:E0:BC:7E:A7:AF:5D:4B:35:6F:2A:18:BC:A9:37:6F
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qY9ej3ngvH6nr11LNW8qGLypN28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.136.0/24
77.93.138.0/23
77.107.95.0/24
81.168.58.0/24
81.168.63.0/24
81.168.65.0/24
81.168.87.0/24
81.168.96.0/24
81.168.105.0/24
81.168.125.0/24
82.152.1.0/24
82.152.11.0/24
82.152.102.0/24
82.152.117.0-82.152.118.255
109.176.91.0/24
212.38.81.0/24
213.130.138.0/24
213.210.11.0/24
213.210.48.0/23
217.144.145.0/24
217.144.156.0/24
217.145.65.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c5:cf:e2:98:8e:bb:52:7f:b7:ad:bf:18:cf:07:3d:22:6b:
16:f7:fd:eb:96:ad:83:8f:88:88:e9:b1:24:b4:c2:fa:92:8d:
a0:f0:f7:ea:4f:57:45:f5:1c:43:59:c2:67:27:40:db:29:db:
1b:3b:b1:e4:9b:22:cf:87:b2:43:09:6d:5f:5c:cb:73:b1:b9:
0d:a5:78:17:8f:1a:5d:ff:ca:77:5c:5d:b3:f9:7f:1a:1e:46:
94:74:cb:24:b5:9d:3d:cb:d6:86:ba:13:56:1a:72:f7:1e:54:
f0:ec:13:30:15:a4:ac:d4:f2:ee:1c:2c:1f:aa:8c:f8:06:43:
69:04:90:38:33:fd:d4:db:b7:93:9a:24:30:d1:97:3f:cf:b3:
24:ca:aa:d2:8d:e5:49:b0:2c:dc:d5:bf:44:ed:62:2b:56:c2:
e3:80:16:df:ad:3c:5e:ab:9f:d4:f7:56:1f:27:f5:ed:5e:1d:
38:5c:10:5c:25:a0:3b:ec:f2:1d:a6:86:6d:9a:5b:16:dd:20:
dd:0c:47:b0:23:5d:a9:f0:86:02:33:b7:65:3c:aa:21:ee:03:
4e:d4:ef:d1:07:0b:da:90:87:4f:a2:e5:a0:80:2b:da:25:4e:
75:0b:d9:23:3e:91:b0:00:a2:97:46:d3:53:30:2e:1e:d8:a6:
09:60:1c:75
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ8jaLIUYearb0zwzRI2BxUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOThmNWU4Zjc5ZTBiYzdlYTdhZjVkNGIzNTZmMmExOGJjYTkzNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaeem85BDBtLUTboAaQ4zgNLOGYT
5lVntHOjb51D1SXcD1LzbqOBG7FpUMmviAQO5/XgcjcZqLurSLLHxsK1dlRj8Xks
fMUu7mDM5c6FTNRIlhUHBo5q+W923dOH9h2ycB3vK9KEtFReiKB78wnYDtvMMill
vttiVV4jFhQo057qZIva5aFbqTBodVe9tSGaBGISpSEAg7T9cPYacxBuL6AS1PsV
y3TwesqWg3x0ooV8sUoUfg7BVZwz9LHpFYnUQYuiqFij91lHSTtmK5LfpP/aTfp/
wV21lhRY1pOb3PKpE7tAOS+YSQSHzK8eYcReAGcVqomtaC63FkjFLFgeLQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFKmPXo954Lx+p69dSzVvKhi8qTdvMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcVk5ZWozbmd2SDZucjExTE5XOHFHTHlwTjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBABN
XYgDBAFNXYoDBABNa18DBABRqDoDBABRqD8DBABRqEEDBABRqFcDBABRqGADBABR
qGkDBABRqH0DBABSmAEDBABSmAsDBABSmGYwDAMEAFKYdQMEAFKYdgMEAG2wWwME
ANQmUQMEANWCigMEANXSCwMEAdXSMAMEANmQkQMEANmQnAMEANmRQTANBgkqhkiG
9w0BAQsFAAOCAQEACcXP4piOu1J/t62/GM8HPSJrFvf965atg4+IiOmxJLTC+pKN
oPD36k9XRfUcQ1nCZydA2ynbGzux5Jsiz4eyQwltX1zLc7G5DaV4F48aXf/Kd1xd
s/l/Gh5GlHTLJLWdPcvWhroTVhpy9x5U8OwTMBWkrNTy7hwsH6qM+AZDaQSQODP9
1Nu3k5okMNGXP8+zJMqq0o3lSbAs3NW/RO1iK1bC44AW3608Xquf1PdWHyf17V4d
OFwQXCWgO+zyHaaGbZpbFt0g3QxHsCNdqfCGAjO3ZTyqIe4DTtTv0QcL2pCHT6Ll
oIAr2iVOdQvZIz6RsACil0bTUzAuHtimCWAcdQ==
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:20:28 2026 by rpki-client