Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/EQWm0uWpgDp8kBpmDE6_yrdDoN8.roa
File: EQWm0uWpgDp8kBpmDE6_yrdDoN8.roa (raw, json)
Hash identifier: cr6uLXyE369DQGhN7J7i05byWZk+rOd7Xcjc5OSg7mo=
Subject key identifier: 11:05:A6:D2:E5:A9:80:3A:7C:90:1A:66:0C:4E:BF:CA:B7:43:A0:DF
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DBFE286009B1AC9C23EDE7B8BF62EB5A7
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/EQWm0uWpgDp8kBpmDE6_yrdDoN8.roa
Signing time: Fri 24 Apr 2026 14:26:26 +0000
ROA not before: Fri 24 Apr 2026 14:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206136
IP address blocks: 87.76.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:e2:86:00:9b:1a:c9:c2:3e:de:7b:8b:f6:2e:b5:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 24 14:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1105a6d2e5a9803a7c901a660c4ebfcab743a0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:56:c6:22:b1:65:8f:72:ac:c9:52:1a:78:84:
cc:ce:ff:e7:d7:fd:4b:78:81:4c:dc:0f:74:4c:4c:
a7:b2:a8:64:f8:be:c7:91:3a:00:c4:15:b6:e0:1f:
0f:e8:ee:53:7d:12:bb:0b:5c:c9:00:72:43:db:4f:
22:e4:e1:b1:28:91:45:08:74:38:62:ba:ed:9c:82:
f3:5a:f2:f0:6a:db:e5:d4:e7:ad:24:9c:d6:f6:c8:
13:d3:31:90:71:c9:f9:32:4e:49:55:8c:5d:a2:c2:
fc:e8:43:29:76:f7:d1:3d:84:c4:72:12:2a:e6:e3:
20:98:1e:4e:64:6f:9e:a2:e7:d4:df:9a:4b:ac:de:
c0:c2:cd:38:a8:1e:9b:c4:02:dc:06:3e:24:e4:73:
67:e5:67:77:07:a4:b8:f4:54:34:6f:41:db:9e:a8:
08:f3:5a:a7:d1:df:c9:19:5b:11:8a:32:89:38:94:
f6:e9:81:8d:cf:3b:43:f9:05:76:ac:80:c8:3c:8f:
bb:d5:b3:7d:bc:33:ea:15:0b:55:73:65:ca:ce:f3:
2e:59:aa:bf:ed:8c:ac:90:26:d0:7f:26:de:4c:d1:
6e:ed:90:e3:3a:d4:0b:22:7e:9a:9e:de:fc:97:d8:
68:0b:06:83:d5:a9:a3:c0:a3:22:a2:ff:a2:58:5f:
8d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:05:A6:D2:E5:A9:80:3A:7C:90:1A:66:0C:4E:BF:CA:B7:43:A0:DF
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/EQWm0uWpgDp8kBpmDE6_yrdDoN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.155.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b0:15:ee:b4:d3:29:4e:48:92:3c:40:2b:78:f0:4a:be:01:
5f:84:36:21:fc:40:59:f4:95:ab:88:dd:a2:a9:71:a3:eb:73:
3b:93:dc:fa:8b:3e:08:ac:9f:57:8c:44:9b:bb:a3:09:e5:64:
bc:ba:52:cc:b1:86:5b:08:32:0c:21:26:34:86:81:ea:a2:76:
ca:81:4b:40:36:9b:c9:c3:52:6a:e9:b5:a7:6d:30:8d:24:c6:
b4:51:4a:c7:ac:d0:71:89:3f:41:16:86:62:a0:7b:8f:fc:d5:
af:4c:14:33:9d:82:bc:2c:c4:b7:3a:4d:07:d2:86:86:8c:8e:
1b:37:0b:89:14:9e:db:60:39:92:0a:9e:ac:e3:27:72:47:60:
f2:82:3b:99:0f:ee:60:8d:80:b1:e2:3f:c7:53:88:9d:73:c2:
1c:35:fe:50:de:a2:9f:ba:fc:ad:2c:79:fe:0f:a2:f7:e8:7a:
0a:39:54:8f:e4:9d:3e:8a:54:40:fc:89:05:f8:df:7e:dd:a5:
8f:84:0e:86:eb:f0:7b:fd:59:72:3c:06:45:08:7c:24:40:40:
58:29:e0:8f:58:ec:1d:d0:8c:6b:ab:29:4f:f0:ab:28:6d:51:
7f:0d:c3:49:e7:55:a3:9b:36:bc:40:f9:fb:93:49:e1:59:90:
bb:a1:c6:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2/4oYAmxrJwj7ee4v2LrWnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDI0MTQyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTA1YTZkMmU1YTk4MDNhN2M5MDFhNjYwYzRlYmZjYWI3NDNhMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VbGIrFlj3KsyVIaeITMzv/n1/1L
eIFM3A90TEynsqhk+L7HkToAxBW24B8P6O5TfRK7C1zJAHJD208i5OGxKJFFCHQ4
YrrtnILzWvLwatvl1OetJJzW9sgT0zGQccn5Mk5JVYxdosL86EMpdvfRPYTEchIq
5uMgmB5OZG+eoufU35pLrN7Aws04qB6bxALcBj4k5HNn5Wd3B6S49FQ0b0HbnqgI
81qn0d/JGVsRijKJOJT26YGNzztD+QV2rIDIPI+71bN9vDPqFQtVc2XKzvMuWaq/
7YyskCbQfybeTNFu7ZDjOtQLIn6ant78l9hoCwaD1amjwKMiov+iWF+NLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEFptLlqYA6fJAaZgxOv8q3Q6DfMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvRVFXbTB1V3BnRHA4a0JwbURFNl95cmREb044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0ybMA0G
CSqGSIb3DQEBCwUAA4IBAQAYsBXutNMpTkiSPEArePBKvgFfhDYh/EBZ9JWriN2i
qXGj63M7k9z6iz4IrJ9XjESbu6MJ5WS8ulLMsYZbCDIMISY0hoHqonbKgUtANpvJ
w1Jq6bWnbTCNJMa0UUrHrNBxiT9BFoZioHuP/NWvTBQznYK8LMS3Ok0H0oaGjI4b
NwuJFJ7bYDmSCp6s4ydyR2DygjuZD+5gjYCx4j/HU4idc8IcNf5Q3qKfuvytLHn+
D6L36HoKOVSP5J0+ilRA/IkF+N9+3aWPhA6G6/B7/VlyPAZFCHwkQEBYKeCPWOwd
0IxrqylP8KsobVF/DcNJ51Wjmza8QPn7k0nhWZC7ocb0
-----END CERTIFICATE-----
Generated at Wed May 13 09:47:45 2026 by rpki-client