Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/9uJevseWtHq9WwkYBlyBhrsiipI.roa
File: 9uJevseWtHq9WwkYBlyBhrsiipI.roa (raw, json)
Hash identifier: XWHVmAdhqAX/5wURmMpdbLR+UcMWugrpYTC02rWpXjA=
Subject key identifier: F6:E2:5E:BE:C7:96:B4:7A:BD:5B:09:18:06:5C:81:86:BB:22:8A:92
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D2602504D9A1888DCFE397AB2ABCD00CF
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/9uJevseWtHq9WwkYBlyBhrsiipI.roa
Signing time: Wed 25 Mar 2026 17:19:38 +0000
ROA not before: Wed 25 Mar 2026 17:19:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 135682
IP address blocks: 87.76.191.0/24 maxlen: 24
87.76.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:02:50:4d:9a:18:88:dc:fe:39:7a:b2:ab:cd:00:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 25 17:19:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6e25ebec796b47abd5b0918065c8186bb228a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d1:62:28:97:a8:49:08:c9:96:3e:36:df:12:
8f:25:a4:ab:35:02:27:c3:02:1b:c8:4b:40:61:83:
b4:dd:6c:97:0e:d7:1a:70:0b:21:2c:01:a4:4c:4d:
70:25:51:69:05:2f:09:48:8a:32:1d:17:46:81:a8:
19:b6:e4:6f:c6:31:7c:83:9b:d2:5d:3e:3f:c7:5b:
a3:d5:33:66:a5:ad:ea:c1:3b:eb:f8:79:a2:4b:86:
1c:a2:a3:bd:9c:bb:fd:0f:f2:ba:5f:37:2b:bc:e1:
c5:16:2b:3c:28:2d:da:7b:02:d3:84:85:1e:ba:40:
12:c7:66:59:9c:fb:f0:6e:8a:82:e1:39:d1:c5:85:
a2:bc:4c:97:7b:be:85:e2:31:6e:81:00:c4:21:06:
f0:27:31:99:9f:2f:64:a5:44:81:f7:36:8a:e6:bc:
9b:36:d4:ac:97:8e:c3:01:1b:57:fd:99:72:5d:a3:
f0:51:92:fa:9a:99:95:2c:2e:bc:6d:c4:5b:c1:55:
d4:d4:54:ea:a7:be:d1:a5:ec:bb:3f:4b:9b:f3:0c:
5b:76:f5:eb:2a:80:9f:ab:10:58:f6:a9:b0:08:5a:
07:8c:3d:5a:ac:f0:6e:77:ef:a6:31:d6:1e:32:fc:
4b:34:ca:5f:f7:66:fd:89:dd:cc:1f:56:70:64:5a:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E2:5E:BE:C7:96:B4:7A:BD:5B:09:18:06:5C:81:86:BB:22:8A:92
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/9uJevseWtHq9WwkYBlyBhrsiipI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.191.0/24
87.76.199.0/24
Signature Algorithm: sha256WithRSAEncryption
59:f5:4d:ca:4e:68:6c:65:5b:9c:60:ac:78:20:59:a2:7b:5a:
5b:55:41:50:5d:98:7b:f2:86:47:22:ab:0e:b4:45:58:a6:1a:
af:fb:f9:db:fb:1f:6d:6d:cc:34:53:8c:06:78:00:11:d4:a7:
30:be:98:83:7a:a5:56:38:c9:73:47:60:56:c6:c8:8f:c2:bf:
c5:47:7a:0c:6a:a5:1d:f2:5d:91:03:87:e8:52:fd:05:88:40:
2f:ba:7c:0a:d0:77:26:de:16:da:99:82:77:65:0d:c8:d7:be:
c2:a6:45:15:26:b8:89:89:de:5f:c6:76:bc:b7:1e:16:98:58:
df:cd:1a:e6:b2:18:e6:85:bb:e7:79:90:39:3c:49:01:58:12:
b6:14:28:59:ff:59:85:ad:43:a9:d9:7a:48:cf:d2:16:d2:06:
f5:a8:82:da:dd:e3:87:f3:b4:23:de:6d:df:b1:e4:70:20:fa:
67:58:0c:59:01:ee:e4:70:20:9e:8b:42:e9:68:30:59:76:e8:
04:d0:86:95:3d:70:55:ab:f3:51:4e:f5:d1:c7:38:54:33:50:
55:76:13:d8:cc:e0:ab:a4:80:7a:7b:e7:2a:a6:9b:11:31:d4:
4b:c7:71:2c:6d:8e:0c:19:e3:9e:2c:24:57:a0:dc:9a:6b:77:
54:fb:b9:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0mAlBNmhiI3P45erKrzQDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzI1MTcxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmUyNWViZWM3OTZiNDdhYmQ1YjA5MTgwNjVjODE4NmJiMjI4YTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdFiKJeoSQjJlj423xKPJaSrNQIn
wwIbyEtAYYO03WyXDtcacAshLAGkTE1wJVFpBS8JSIoyHRdGgagZtuRvxjF8g5vS
XT4/x1uj1TNmpa3qwTvr+HmiS4YcoqO9nLv9D/K6XzcrvOHFFis8KC3aewLThIUe
ukASx2ZZnPvwboqC4TnRxYWivEyXe76F4jFugQDEIQbwJzGZny9kpUSB9zaK5ryb
NtSsl47DARtX/ZlyXaPwUZL6mpmVLC68bcRbwVXU1FTqp77Rpey7P0ub8wxbdvXr
KoCfqxBY9qmwCFoHjD1arPBud++mMdYeMvxLNMpf92b9id3MH1ZwZFr02QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPbiXr7HlrR6vVsJGAZcgYa7IoqSMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvOXVKZXZzZVd0SHE5V3drWUJseUJocnNpaXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0y/AwQA
V0zHMA0GCSqGSIb3DQEBCwUAA4IBAQBZ9U3KTmhsZVucYKx4IFmie1pbVUFQXZh7
8oZHIqsOtEVYphqv+/nb+x9tbcw0U4wGeAAR1KcwvpiDeqVWOMlzR2BWxsiPwr/F
R3oMaqUd8l2RA4foUv0FiEAvunwK0Hcm3hbamYJ3ZQ3I177CpkUVJriJid5fxna8
tx4WmFjfzRrmshjmhbvneZA5PEkBWBK2FChZ/1mFrUOp2XpIz9IW0gb1qILa3eOH
87Qj3m3fseRwIPpnWAxZAe7kcCCei0LpaDBZdugE0IaVPXBVq/NRTvXRxzhUM1BV
dhPYzOCrpIB6e+cqppsRMdRLx3EsbY4MGeOeLCRXoNyaa3dU+7kG
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:10:37 2026 by rpki-client