
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ynh5BswnuKsUEgtJmL1S8O_L8Ec.roa
File: ynh5BswnuKsUEgtJmL1S8O_L8Ec.roa (raw, json)
Hash identifier: mVPx+E8uxaI05Etw7WD/x+2KQeZcWZgCTBCzMb4l/pU=
Subject key identifier: CA:78:79:06:CC:27:B8:AB:14:12:0B:49:98:BD:52:F0:EF:CB:F0:47
Certificate issuer: /CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Certificate serial: 019F23692189D4A519405DC21F3711782DF3
Authority key identifier: BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ynh5BswnuKsUEgtJmL1S8O_L8Ec.roa
Signing time: Thu 02 Jul 2026 15:18:40 +0000
ROA not before: Thu 02 Jul 2026 15:18:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400866
IP address blocks: 82.152.4.0/24 maxlen: 24
82.152.5.0/24 maxlen: 24
82.153.153.0/24 maxlen: 24
82.153.156.0/24 maxlen: 24
82.153.200.0/24 maxlen: 24
213.210.63.0/24 maxlen: 24
213.218.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:23:69:21:89:d4:a5:19:40:5d:c2:1f:37:11:78:2d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be5b8a2b106d334b0c6c61e177aa62f44fe0e3b6
Validity
Not Before: Jul 2 15:18:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ca787906cc27b8ab14120b4998bd52f0efcbf047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ad:1e:a1:bf:b9:4c:55:e0:38:58:7e:11:30:
8c:49:b2:18:ec:be:7c:df:c1:cd:a7:79:35:9e:d6:
93:93:4b:16:97:7a:43:0f:d2:70:e1:82:eb:f1:d6:
f5:e1:87:27:78:50:f2:26:2d:16:3d:bd:49:08:5a:
23:e7:b2:81:ef:ef:68:6a:8c:9e:18:85:c8:36:5d:
ed:c6:77:c3:c5:34:25:51:62:01:b7:cf:9e:03:30:
14:38:a3:0e:96:8b:e2:0a:2c:31:b4:42:99:89:26:
2b:ee:b6:d6:27:a7:d7:16:a4:4a:30:21:d7:2e:0a:
12:a0:f1:e9:61:f5:3b:d6:66:94:09:3a:db:0f:d3:
be:1b:43:1c:81:66:d5:1e:d1:f3:68:63:eb:02:8e:
d2:30:64:83:7f:a2:c7:31:01:fd:3f:45:f7:95:f2:
31:ae:3e:39:b6:1d:b2:38:5f:3a:33:34:ee:9e:f0:
ff:60:43:a2:06:11:9d:c5:7e:b8:0b:cb:33:fb:d6:
cc:9d:d4:db:06:78:72:1d:d9:96:c8:1e:9e:c1:62:
33:0a:2f:f9:4d:c2:c2:c8:1c:b7:1c:b7:cc:62:b5:
53:5d:a5:f9:23:ff:ef:90:9a:15:42:8b:d0:40:5e:
69:00:43:a9:5b:ee:36:55:eb:1f:8d:14:c4:fa:c5:
0a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:78:79:06:CC:27:B8:AB:14:12:0B:49:98:BD:52:F0:EF:CB:F0:47
X509v3 Authority Key Identifier:
keyid:BE:5B:8A:2B:10:6D:33:4B:0C:6C:61:E1:77:AA:62:F4:4F:E0:E3:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vluKKxBtM0sMbGHhd6pi9E_g47Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ynh5BswnuKsUEgtJmL1S8O_L8Ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/vluKKxBtM0sMbGHhd6pi9E_g47Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.4.0/23
82.153.153.0/24
82.153.156.0/24
82.153.200.0/24
213.210.63.0/24
213.218.211.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:1b:51:4a:72:4d:eb:e7:4e:1d:2b:c7:26:30:3a:2d:78:6c:
db:66:09:8a:ee:69:6c:65:57:c9:a0:c2:95:8a:9f:5a:91:66:
26:a6:96:d0:71:6a:2e:f4:f8:24:e7:05:20:d3:cc:0d:03:65:
a5:30:83:7e:08:a6:03:59:07:74:68:db:bc:01:ec:82:ea:ac:
e6:a9:96:f6:7f:7e:42:82:09:58:a9:46:73:30:ef:cf:76:39:
87:59:20:77:c0:d9:97:8e:28:42:6d:0a:f4:d1:2f:95:0f:81:
47:e6:24:0a:82:80:09:69:c3:17:b1:3f:50:e7:f8:3d:bd:43:
63:07:eb:c6:66:9f:ee:8e:41:89:b0:a3:52:73:d6:a6:ec:00:
59:57:d8:b7:90:a0:30:46:6c:d9:40:99:58:b5:94:76:62:84:
9d:f9:f1:00:31:ba:d8:f4:12:39:fc:a6:2c:50:ed:4a:fc:8f:
9e:da:f3:41:06:d3:98:3d:ac:8b:51:7d:29:3a:97:38:0e:70:
88:e2:18:bb:b7:0c:fe:e8:9c:35:a6:8b:49:81:09:32:9c:a9:
5a:86:f2:5b:69:d2:75:46:12:c9:b5:43:03:17:3b:f0:09:8f:
a1:b0:dd:ca:20:26:89:c9:ac:3f:0a:a8:78:4f:05:d2:a3:c9:
a8:4d:dc:db
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ8jaSGJ1KUZQF3CHzcReC3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNWI4YTJiMTA2ZDMzNGIwYzZjNjFlMTc3YWE2MmY0NGZl
MGUzYjYwHhcNMjYwNzAyMTUxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc4NzkwNmNjMjdiOGFiMTQxMjBiNDk5OGJkNTJmMGVmY2JmMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh60eob+5TFXgOFh+ETCMSbIY7L58
38HNp3k1ntaTk0sWl3pDD9Jw4YLr8db14YcneFDyJi0WPb1JCFoj57KB7+9oaoye
GIXINl3txnfDxTQlUWIBt8+eAzAUOKMOloviCiwxtEKZiSYr7rbWJ6fXFqRKMCHX
LgoSoPHpYfU71maUCTrbD9O+G0McgWbVHtHzaGPrAo7SMGSDf6LHMQH9P0X3lfIx
rj45th2yOF86MzTunvD/YEOiBhGdxX64C8sz+9bMndTbBnhyHdmWyB6ewWIzCi/5
TcLCyBy3HLfMYrVTXaX5I//vkJoVQovQQF5pAEOpW+42VesfjRTE+sUKLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMp4eQbMJ7irFBILSZi9UvDvy/BHMB8GA1UdIwQY
MBaAFL5biisQbTNLDGxh4XeqYvRP4OO2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveW5oNUJzd251S3NVRWd0Sm1MMVM4T19MOEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvdmx1S0t4QnRNMHNNYkdIaGQ2cGk5RV9nNDdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUpgEAwQA
UpmZAwQAUpmcAwQAUpnIAwQA1dI/AwQA1drTMA0GCSqGSIb3DQEBCwUAA4IBAQBK
G1FKck3r504dK8cmMDoteGzbZgmK7mlsZVfJoMKVip9akWYmppbQcWou9Pgk5wUg
08wNA2WlMIN+CKYDWQd0aNu8AeyC6qzmqZb2f35CgglYqUZzMO/PdjmHWSB3wNmX
jihCbQr00S+VD4FH5iQKgoAJacMXsT9Q5/g9vUNjB+vGZp/ujkGJsKNSc9am7ABZ
V9i3kKAwRmzZQJlYtZR2YoSd+fEAMbrY9BI5/KYsUO1K/I+e2vNBBtOYPayLUX0p
Opc4DnCI4hi7twz+6Jw1potJgQkynKlahvJbadJ1RhLJtUMDFzvwCY+hsN3KICaJ
yaw/Cqh4TwXSo8moTdzb
-----END CERTIFICATE-----
Generated at Fri Jul 3 18:17:59 2026 by rpki-client