Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/YpOUstiHStqqp61wPsUM4npQQog.roa
File: YpOUstiHStqqp61wPsUM4npQQog.roa (raw, json)
Hash identifier: 4GStCIOqNJCG/+DdZanjc3qhY3xLf1UDK5Top5Yx7Gc=
Subject key identifier: 62:93:94:B2:D8:87:4A:DA:AA:A7:AD:70:3E:C5:0C:E2:7A:50:42:88
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DF423A26F124934EBBE454AFEF9392507
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/YpOUstiHStqqp61wPsUM4npQQog.roa
Signing time: Mon 04 May 2026 17:57:49 +0000
ROA not before: Mon 04 May 2026 17:57:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198015
IP address blocks: 87.76.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:23:a2:6f:12:49:34:eb:be:45:4a:fe:f9:39:25:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 4 17:57:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=629394b2d8874adaaaa7ad703ec50ce27a504288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:10:45:78:62:4b:20:ff:b0:65:2b:bf:a6:d7:
30:fe:13:b1:8d:22:2a:39:43:45:70:79:ed:34:e5:
97:bc:b6:3b:63:18:f6:1a:61:0a:ec:df:4c:7f:84:
e6:e0:64:b4:38:d3:66:f7:e1:f2:39:31:c4:2c:18:
4f:32:cd:b6:81:46:e8:01:93:48:96:48:aa:a1:6f:
9c:3d:cb:79:51:42:c5:b2:93:9a:06:c4:6d:d7:b1:
82:03:41:76:32:63:20:09:e0:c6:39:21:17:31:0d:
cd:7c:a3:4c:d2:a9:8d:b1:0e:37:9e:c2:eb:19:b6:
41:8a:54:1b:cc:11:ba:b2:27:be:4d:5a:8c:6b:d9:
66:9c:de:08:46:43:22:fb:b4:ba:5f:40:a3:e4:22:
46:23:9c:e7:ed:f6:df:80:48:1a:b0:8b:df:83:87:
3e:2c:a1:34:15:8a:24:53:ab:a3:10:ad:b9:5c:2b:
5a:93:95:d0:40:3f:8f:65:0b:c1:18:4e:e4:e3:0d:
72:82:a1:c7:e3:91:2f:ce:9d:35:49:ac:c8:76:2a:
39:66:84:9e:9d:c4:6c:e2:9d:2b:37:ec:27:ae:ed:
9f:6a:a3:3d:d9:ad:78:18:c7:78:5a:ec:0e:ed:31:
8c:66:54:f8:f9:75:0d:b4:aa:dc:cc:ff:3b:56:b4:
7c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:93:94:B2:D8:87:4A:DA:AA:A7:AD:70:3E:C5:0C:E2:7A:50:42:88
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/YpOUstiHStqqp61wPsUM4npQQog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.195.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:78:45:bf:0f:50:b6:83:23:ad:0e:f5:df:6e:c3:94:a4:0b:
0b:34:69:1a:9b:0a:4b:cf:b3:01:33:22:e9:50:a3:6f:fa:da:
18:4e:ac:21:ff:e5:1d:d1:9b:4b:7a:74:a3:3e:a9:d2:6d:b8:
d2:a8:b5:ee:3f:e4:ac:e9:32:75:6f:4b:95:ad:b7:5a:2c:60:
36:a0:e7:fc:96:5b:d5:76:e4:f7:6f:24:ad:fe:7a:3a:88:d8:
53:bd:5b:a0:f9:86:c9:09:14:d3:3a:e3:37:63:f0:2d:f5:0b:
68:65:3a:51:75:c9:1d:44:7a:2d:3d:85:71:82:fc:56:f6:cb:
a9:7c:af:05:3b:b6:2f:2c:82:52:61:39:50:cf:81:5b:03:7c:
80:ac:51:bf:0f:5d:df:f2:e5:ce:05:9c:9b:5a:a9:34:27:4e:
17:41:86:dc:34:34:0e:86:33:70:63:b1:2a:ac:26:62:9e:89:
c9:e2:9d:04:a8:60:65:86:e0:34:64:65:0b:7f:33:d7:15:1e:
07:ee:0e:b9:65:dd:78:19:be:29:96:6b:c7:d1:91:19:8d:80:
c6:8c:01:9d:b4:91:9a:7c:6a:bc:c2:17:2c:cb:d2:a1:15:64:
f1:87:6f:ad:1e:1d:a5:1d:83:2d:4c:40:98:e2:82:03:d5:26:
65:33:ac:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ30I6JvEkk0675FSv75OSUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTA0MTc1NzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkzOTRiMmQ4ODc0YWRhYWFhN2FkNzAzZWM1MGNlMjdhNTA0Mjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RBFeGJLIP+wZSu/ptcw/hOxjSIq
OUNFcHntNOWXvLY7Yxj2GmEK7N9Mf4Tm4GS0ONNm9+HyOTHELBhPMs22gUboAZNI
lkiqoW+cPct5UULFspOaBsRt17GCA0F2MmMgCeDGOSEXMQ3NfKNM0qmNsQ43nsLr
GbZBilQbzBG6sie+TVqMa9lmnN4IRkMi+7S6X0Cj5CJGI5zn7fbfgEgasIvfg4c+
LKE0FYokU6ujEK25XCtak5XQQD+PZQvBGE7k4w1ygqHH45Evzp01SazIdio5ZoSe
ncRs4p0rN+wnru2faqM92a14GMd4WuwO7TGMZlT4+XUNtKrczP87VrR82wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKTlLLYh0raqqetcD7FDOJ6UEKIMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvWXBPVXN0aUhTdHFxcDYxd1BzVU00bnBRUW9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zDMA0G
CSqGSIb3DQEBCwUAA4IBAQB6eEW/D1C2gyOtDvXfbsOUpAsLNGkamwpLz7MBMyLp
UKNv+toYTqwh/+Ud0ZtLenSjPqnSbbjSqLXuP+Ss6TJ1b0uVrbdaLGA2oOf8llvV
duT3bySt/no6iNhTvVug+YbJCRTTOuM3Y/At9QtoZTpRdckdRHotPYVxgvxW9sup
fK8FO7YvLIJSYTlQz4FbA3yArFG/D13f8uXOBZybWqk0J04XQYbcNDQOhjNwY7Eq
rCZinonJ4p0EqGBlhuA0ZGULfzPXFR4H7g65Zd14Gb4plmvH0ZEZjYDGjAGdtJGa
fGq8whcsy9KhFWTxh2+tHh2lHYMtTECY4oID1SZlM6z1
-----END CERTIFICATE-----
Generated at Wed May 13 04:51:08 2026 by rpki-client