Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/uhgd4F2d51dXLdfVsvrH2fSebyE.roa
File: uhgd4F2d51dXLdfVsvrH2fSebyE.roa (raw, json)
Hash identifier: swacY0dDeoz530/t4cP/Hx5T+6T3D8j+Oz/eDcIqQhw=
Subject key identifier: BA:18:1D:E0:5D:9D:E7:57:57:2D:D7:D5:B2:FA:C7:D9:F4:9E:6F:21
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DD599F28F8442D917E85D169B87D4970E
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/uhgd4F2d51dXLdfVsvrH2fSebyE.roa
Signing time: Tue 28 Apr 2026 19:38:49 +0000
ROA not before: Tue 28 Apr 2026 19:38:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 87.76.145.0/24 maxlen: 24
87.76.148.0/24 maxlen: 24
87.76.151.0/24 maxlen: 24
87.76.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:99:f2:8f:84:42:d9:17:e8:5d:16:9b:87:d4:97:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 28 19:38:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba181de05d9de757572dd7d5b2fac7d9f49e6f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6b:ca:cd:5a:49:7c:2b:73:ea:b6:55:8e:e2:
1d:96:6d:85:17:39:7f:54:cb:4a:3d:ea:79:c8:6f:
ab:63:b7:be:e5:38:b1:80:35:f0:87:7b:98:b9:77:
1a:03:83:4c:20:9d:48:2e:c4:99:4f:3e:ef:9c:8c:
a6:a9:f7:84:98:02:78:70:91:06:2d:e2:c7:49:08:
84:60:84:93:0e:39:29:2d:cc:70:0a:04:16:a9:c9:
86:82:fa:b3:b2:95:e5:ae:1e:62:c6:40:2e:5e:64:
a4:02:31:9c:48:0f:ee:ba:63:dd:4c:d8:05:9e:48:
11:73:0c:e6:3b:96:04:bd:21:ea:2d:5a:9f:16:1d:
41:6c:2c:88:74:a9:08:07:3b:40:d2:25:43:11:5f:
a6:ff:b9:85:72:7c:f0:3a:bc:ff:72:e5:25:63:2d:
a0:e4:b5:25:46:29:db:ea:cd:1b:f6:32:b8:1c:01:
b0:12:a0:c6:1e:e8:c3:af:a9:d9:e9:05:48:85:72:
2f:b6:1a:f5:57:a1:60:33:b0:45:73:de:5d:e9:8b:
8e:a1:a6:0f:c6:28:53:55:c3:5e:d6:18:51:0b:00:
e5:6d:27:65:08:b0:59:56:ce:4b:c8:a8:21:84:7d:
61:f9:dd:de:9e:9b:0d:d7:e7:b6:ae:d1:62:e0:67:
65:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:18:1D:E0:5D:9D:E7:57:57:2D:D7:D5:B2:FA:C7:D9:F4:9E:6F:21
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/uhgd4F2d51dXLdfVsvrH2fSebyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.145.0/24
87.76.148.0/24
87.76.151.0/24
87.76.187.0/24
Signature Algorithm: sha256WithRSAEncryption
30:05:87:d1:b3:f9:98:62:a4:52:a5:ec:78:9f:7b:7c:c2:d5:
7b:08:2a:3f:07:23:51:93:1e:7b:08:de:69:73:7c:19:7a:35:
ad:2f:f4:f4:ee:9b:b3:94:46:d3:13:80:c3:89:bc:d8:ad:8d:
c9:45:d2:88:be:ce:3a:0e:dd:a6:8f:a2:33:94:d6:46:10:fe:
4e:ff:87:59:a7:9a:bf:63:b5:8b:15:e1:91:72:f5:da:7c:e1:
a8:f6:88:e6:82:f8:43:03:39:d5:cc:26:26:d1:f0:12:eb:20:
d7:4b:1f:e0:55:3b:0a:d1:8b:5f:4d:90:d9:cd:ca:20:4c:dd:
a0:85:31:ac:14:a7:62:7c:38:ac:e6:a2:7a:fd:ee:08:7c:b3:
a0:f4:85:0e:8c:9f:b2:29:ab:6e:3d:a9:46:1e:73:0b:8a:ed:
26:23:6d:a0:68:6f:c7:33:09:d2:85:cd:16:61:8c:b3:66:57:
63:a5:dc:1d:b6:68:25:04:08:a3:e1:c5:4b:ef:13:cd:b3:f7:
0a:45:a2:03:9f:a8:cf:68:68:d4:82:27:05:a2:e8:9e:da:8a:
35:d3:61:7f:66:23:2c:c4:8f:68:c0:b1:53:a1:48:85:55:39:
63:80:ea:fc:aa:c9:cf:41:8f:cc:ae:47:52:82:6b:20:0b:e1:
ef:80:cb:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3VmfKPhELZF+hdFpuH1JcOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDI4MTkzODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTE4MWRlMDVkOWRlNzU3NTcyZGQ3ZDViMmZhYzdkOWY0OWU2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmvKzVpJfCtz6rZVjuIdlm2FFzl/
VMtKPep5yG+rY7e+5TixgDXwh3uYuXcaA4NMIJ1ILsSZTz7vnIymqfeEmAJ4cJEG
LeLHSQiEYISTDjkpLcxwCgQWqcmGgvqzspXlrh5ixkAuXmSkAjGcSA/uumPdTNgF
nkgRcwzmO5YEvSHqLVqfFh1BbCyIdKkIBztA0iVDEV+m/7mFcnzwOrz/cuUlYy2g
5LUlRinb6s0b9jK4HAGwEqDGHujDr6nZ6QVIhXIvthr1V6FgM7BFc95d6YuOoaYP
xihTVcNe1hhRCwDlbSdlCLBZVs5LyKghhH1h+d3enpsN1+e2rtFi4Gdl+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLoYHeBdnedXVy3X1bL6x9n0nm8hMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvdWhnZDRGMmQ1MWRYTGRmVnN2ckgyZlNlYnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV0yRAwQA
V0yUAwQAV0yXAwQAV0y7MA0GCSqGSIb3DQEBCwUAA4IBAQAwBYfRs/mYYqRSpex4
n3t8wtV7CCo/ByNRkx57CN5pc3wZejWtL/T07puzlEbTE4DDibzYrY3JRdKIvs46
Dt2mj6IzlNZGEP5O/4dZp5q/Y7WLFeGRcvXafOGo9ojmgvhDAznVzCYm0fAS6yDX
Sx/gVTsK0YtfTZDZzcogTN2ghTGsFKdifDis5qJ6/e4IfLOg9IUOjJ+yKatuPalG
HnMLiu0mI22gaG/HMwnShc0WYYyzZldjpdwdtmglBAij4cVL7xPNs/cKRaIDn6jP
aGjUgicFouie2oo102F/ZiMsxI9owLFToUiFVTljgOr8qsnPQY/MrkdSgmsgC+Hv
gMtz
-----END CERTIFICATE-----
Generated at Wed May 13 00:20:46 2026 by rpki-client