Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/WlHGR7Ev-NUqGa5lly6f0ty8jbU.roa
File: WlHGR7Ev-NUqGa5lly6f0ty8jbU.roa (raw, json)
Hash identifier: 3wdvSOUkCXlAdB149RZu9MzpB/eNTTakMeLIkJ4Gg0A=
Subject key identifier: 5A:51:C6:47:B1:2F:F8:D5:2A:19:AE:65:97:2E:9F:D2:DC:BC:8D:B5
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019CE6941750C634D2B883D11FA96DFB2183
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/WlHGR7Ev-NUqGa5lly6f0ty8jbU.roa
Signing time: Fri 13 Mar 2026 09:43:10 +0000
ROA not before: Fri 13 Mar 2026 09:43:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 87.76.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:94:17:50:c6:34:d2:b8:83:d1:1f:a9:6d:fb:21:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 13 09:43:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5a51c647b12ff8d52a19ae65972e9fd2dcbc8db5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:89:84:64:f4:57:8f:8f:48:60:f8:5c:5e:69:
fe:12:ab:4a:01:f3:fb:32:0a:47:b8:8a:2c:42:fd:
c4:36:2e:a0:d2:98:fa:6b:f8:4e:46:ef:b6:b6:b8:
d5:2f:27:78:97:48:c3:c8:8c:4c:b3:17:74:ab:32:
ba:be:6b:e8:26:f1:46:0c:e1:22:17:90:ea:41:08:
3c:2f:a4:40:ea:3e:59:61:d9:3d:18:42:d5:dd:7d:
39:e2:91:27:17:50:8f:04:c0:01:17:e5:98:c0:86:
5c:8f:9d:4f:1f:c9:8b:25:92:3e:80:8d:2e:c5:67:
d8:f6:09:d6:18:b0:a2:d8:bc:f4:78:29:29:43:97:
ab:8f:9c:d3:42:e1:31:6c:4f:61:67:2e:93:ce:db:
bc:16:bc:8c:c5:fc:e4:a1:32:01:9c:be:72:b2:09:
4b:d8:e6:04:ac:6c:ef:23:81:07:f2:f6:2c:d7:d1:
e4:61:17:be:4a:4e:ea:2b:9a:f0:30:70:59:f8:87:
44:20:fa:0e:45:45:ec:d5:30:3b:d8:ce:af:80:49:
c3:21:70:69:ee:b2:3d:76:77:48:41:2c:f3:17:a5:
91:9c:b0:94:9a:20:dd:c4:98:09:24:ce:3b:bc:cf:
01:35:63:86:c2:42:8c:cc:a8:d6:53:c4:4e:50:04:
ee:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:51:C6:47:B1:2F:F8:D5:2A:19:AE:65:97:2E:9F:D2:DC:BC:8D:B5
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/WlHGR7Ev-NUqGa5lly6f0ty8jbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.217.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:38:0d:76:5d:d1:ec:06:c9:5d:75:c0:1c:d0:2f:3a:9d:02:
d5:c2:aa:62:8f:78:f3:3c:3a:bb:5f:38:88:d3:19:b9:e9:f6:
71:53:a5:02:06:cb:ac:72:95:a3:5a:6b:3c:50:8c:54:0c:a7:
70:bf:80:77:da:9d:a9:17:d8:b2:82:b5:a3:d1:ff:14:48:af:
8f:6a:65:79:b5:03:dd:b4:07:d4:dd:9a:09:71:1c:7f:6f:39:
b5:b9:c0:c1:60:6d:41:11:f5:30:aa:4c:16:52:51:7a:c6:c0:
02:f8:74:15:49:02:8b:58:aa:06:e3:bb:5b:7f:6d:5d:c6:91:
50:d4:4d:9b:aa:a5:38:46:56:51:c9:31:22:89:ea:7a:7a:da:
67:cd:67:23:a4:32:00:02:92:fe:8e:57:2f:83:9b:b6:52:7e:
db:6b:30:56:1b:fe:5e:11:5c:99:4c:6e:35:db:31:0d:70:e3:
7f:d4:f8:ac:52:04:c7:a0:6c:b8:cc:8d:61:e2:a3:7a:6d:d4:
ae:13:ac:29:06:31:09:d1:ad:48:a1:62:8f:25:4a:b9:01:fb:
5f:ba:67:54:42:7c:ce:41:f8:4d:1b:87:1b:52:f0:04:ee:b8:
ae:c6:84:17:82:d4:7f:b4:92:e8:b8:a7:1b:ef:b8:8b:18:de:
dd:e3:cf:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzmlBdQxjTSuIPRH6lt+yGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzEzMDk0MzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTUxYzY0N2IxMmZmOGQ1MmExOWFlNjU5NzJlOWZkMmRjYmM4ZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYmEZPRXj49IYPhcXmn+EqtKAfP7
MgpHuIosQv3ENi6g0pj6a/hORu+2trjVLyd4l0jDyIxMsxd0qzK6vmvoJvFGDOEi
F5DqQQg8L6RA6j5ZYdk9GELV3X054pEnF1CPBMABF+WYwIZcj51PH8mLJZI+gI0u
xWfY9gnWGLCi2Lz0eCkpQ5erj5zTQuExbE9hZy6Tztu8FryMxfzkoTIBnL5ysglL
2OYErGzvI4EH8vYs19HkYRe+Sk7qK5rwMHBZ+IdEIPoORUXs1TA72M6vgEnDIXBp
7rI9dndIQSzzF6WRnLCUmiDdxJgJJM47vM8BNWOGwkKMzKjWU8ROUATuzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFpRxkexL/jVKhmuZZcun9LcvI21MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvV2xIR1I3RXYtTlVxR2E1bGx5NmYwdHk4amJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zZMA0G
CSqGSIb3DQEBCwUAA4IBAQAaOA12XdHsBslddcAc0C86nQLVwqpij3jzPDq7XziI
0xm56fZxU6UCBsuscpWjWms8UIxUDKdwv4B32p2pF9iygrWj0f8USK+PamV5tQPd
tAfU3ZoJcRx/bzm1ucDBYG1BEfUwqkwWUlF6xsAC+HQVSQKLWKoG47tbf21dxpFQ
1E2bqqU4RlZRyTEiiep6etpnzWcjpDIAApL+jlcvg5u2Un7bazBWG/5eEVyZTG41
2zENcON/1PisUgTHoGy4zI1h4qN6bdSuE6wpBjEJ0a1IoWKPJUq5AftfumdUQnzO
QfhNG4cbUvAE7riuxoQXgtR/tJLouKcb77iLGN7d48/F
-----END CERTIFICATE-----
Generated at Thu Mar 26 01:48:14 2026 by rpki-client