Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mbBTqwtKUVY2Xjg363e72K-RKfE.roa
File: mbBTqwtKUVY2Xjg363e72K-RKfE.roa (raw, json)
Hash identifier: b5Y7+f0OIKBDytvrnxS0YgZNpnf7Br1yoO+WvW+HE8w=
Subject key identifier: 99:B0:53:AB:0B:4A:51:56:36:5E:38:37:EB:77:BB:D8:AF:91:29:F1
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D19FE004E1FD36076C64D59460E305140
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mbBTqwtKUVY2Xjg363e72K-RKfE.roa
Signing time: Mon 23 Mar 2026 09:19:29 +0000
ROA not before: Mon 23 Mar 2026 09:19:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 87.76.185.0/24 maxlen: 24
87.76.217.0/24 maxlen: 24
87.76.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:fe:00:4e:1f:d3:60:76:c6:4d:59:46:0e:30:51:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 23 09:19:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99b053ab0b4a5156365e3837eb77bbd8af9129f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d1:b8:71:50:51:7d:cf:67:26:18:83:ed:33:
25:f9:5d:da:78:b2:bf:84:45:4d:7f:5e:6f:06:ae:
ec:36:d1:a2:4b:3f:81:6d:06:f0:63:6f:ba:5e:21:
b1:73:9d:c7:74:83:97:da:94:0e:69:5e:94:8d:72:
54:af:3e:5c:ad:19:66:78:97:c8:87:cd:ab:3d:c5:
f1:cc:a2:f6:e4:d8:e0:c4:bc:f9:8b:8f:eb:2e:0e:
69:e2:0d:a9:75:e9:d4:4c:ca:54:1d:5d:79:de:2d:
46:c0:a1:10:e4:25:06:56:b2:e2:52:08:b0:b3:e4:
ed:50:0b:1e:c0:88:88:73:64:e2:fa:2d:1f:35:f4:
d2:9e:1f:76:de:44:1a:69:a4:fe:a4:4c:44:c6:ee:
40:da:a4:02:9f:2d:35:f2:9f:2d:52:5d:9f:14:4a:
2e:07:a0:a8:6a:4a:7b:2d:4b:2e:66:81:d0:a8:46:
ac:0b:b2:62:1b:a1:b3:76:1f:11:ad:4e:d1:fb:37:
99:09:36:82:60:50:03:12:c6:bc:d7:8a:55:c8:87:
ac:14:0a:be:dd:e3:9c:2c:d2:34:0f:ca:6b:9a:a2:
8c:db:48:6f:0a:75:7f:d0:c7:b8:c9:22:12:f8:5e:
13:2a:2d:a4:a0:47:0a:fe:8d:d1:e4:24:90:79:cb:
b9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B0:53:AB:0B:4A:51:56:36:5E:38:37:EB:77:BB:D8:AF:91:29:F1
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mbBTqwtKUVY2Xjg363e72K-RKfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.185.0/24
87.76.217.0/24
87.76.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9a:05:19:62:bf:da:0e:36:db:9f:d9:10:95:f3:fa:db:3f:
f8:93:38:4e:ae:6b:22:20:5e:44:f8:21:2e:49:10:af:e6:f5:
cd:0b:28:78:f8:1c:53:2d:a3:70:b7:1f:34:ab:fc:4c:57:59:
17:b4:20:53:f2:28:30:41:09:00:78:3a:35:40:f1:aa:c9:d4:
e1:d9:2b:35:9a:fd:78:7e:96:13:8b:7f:6d:1f:90:6e:a4:fa:
b6:60:21:d7:1f:55:08:0f:96:43:88:f9:39:07:66:04:07:fe:
dc:0f:78:bc:c0:c8:14:49:45:09:59:ad:dc:c5:9a:8a:c1:22:
a5:8e:f7:dc:61:dc:f6:7e:64:a1:07:b6:3c:c2:60:a8:d2:7e:
6d:14:39:2d:df:7a:27:64:d9:f0:aa:c0:06:83:c0:b6:d0:f0:
ef:a1:fa:f8:6e:10:2d:15:b7:12:f4:53:ba:77:b7:1d:df:2f:
5c:53:f8:2e:8f:d3:80:78:fe:e8:e6:78:34:fc:44:c4:6d:8d:
96:54:58:22:74:6a:70:4c:c3:69:5d:a2:b9:0c:dd:97:6c:e2:
4a:5b:76:cd:cb:68:16:2c:8d:46:d0:70:81:b6:e9:69:cc:a5:
b5:31:24:ed:de:88:b4:c2:a6:58:df:ee:30:11:76:e0:5d:5d:
0b:40:50:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0Z/gBOH9NgdsZNWUYOMFFAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzIzMDkxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIwNTNhYjBiNGE1MTU2MzY1ZTM4MzdlYjc3YmJkOGFmOTEyOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtG4cVBRfc9nJhiD7TMl+V3aeLK/
hEVNf15vBq7sNtGiSz+BbQbwY2+6XiGxc53HdIOX2pQOaV6UjXJUrz5crRlmeJfI
h82rPcXxzKL25NjgxLz5i4/rLg5p4g2pdenUTMpUHV153i1GwKEQ5CUGVrLiUgiw
s+TtUAsewIiIc2Ti+i0fNfTSnh923kQaaaT+pExExu5A2qQCny018p8tUl2fFEou
B6Coakp7LUsuZoHQqEasC7JiG6Gzdh8RrU7R+zeZCTaCYFADEsa814pVyIesFAq+
3eOcLNI0D8prmqKM20hvCnV/0Me4ySIS+F4TKi2koEcK/o3R5CSQecu5JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmwU6sLSlFWNl44N+t3u9ivkSnxMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvbWJCVHF3dEtVVlkyWGpnMzYzZTcySy1SS2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV0y5AwQA
V0zZAwQAV0zcMA0GCSqGSIb3DQEBCwUAA4IBAQBfmgUZYr/aDjbbn9kQlfP62z/4
kzhOrmsiIF5E+CEuSRCv5vXNCyh4+BxTLaNwtx80q/xMV1kXtCBT8igwQQkAeDo1
QPGqydTh2Ss1mv14fpYTi39tH5BupPq2YCHXH1UID5ZDiPk5B2YEB/7cD3i8wMgU
SUUJWa3cxZqKwSKljvfcYdz2fmShB7Y8wmCo0n5tFDkt33onZNnwqsAGg8C20PDv
ofr4bhAtFbcS9FO6d7cd3y9cU/guj9OAeP7o5ng0/ETEbY2WVFgidGpwTMNpXaK5
DN2XbOJKW3bNy2gWLI1G0HCBtulpzKW1MSTt3oi0wqZY3+4wEXbgXV0LQFCu
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:12:40 2026 by rpki-client