Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ot6W47KcP3Nx9gSqBYQ79sq7dcs.roa
File: Ot6W47KcP3Nx9gSqBYQ79sq7dcs.roa (raw, json)
Hash identifier: HhbPBneN3Fqs43G2B7+2PpbQ9nZUitvbH6kPOCURnNI=
Subject key identifier: 3A:DE:96:E3:B2:9C:3F:73:71:F6:04:AA:05:84:3B:F6:CA:BB:75:CB
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E3CCC37027D1BFF851D06D1B1DC47A977
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ot6W47KcP3Nx9gSqBYQ79sq7dcs.roa
Signing time: Mon 18 May 2026 20:34:36 +0000
ROA not before: Mon 18 May 2026 20:34:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53808
IP address blocks: 87.76.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 15:08:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3c:cc:37:02:7d:1b:ff:85:1d:06:d1:b1:dc:47:a9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 18 20:34:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ade96e3b29c3f7371f604aa05843bf6cabb75cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:14:73:d3:a8:0b:0c:5b:49:c0:ac:ff:bc:4d:
f9:3c:f2:b0:a2:3e:9c:07:11:89:df:21:ce:3d:3f:
2b:ab:eb:bc:c8:2c:af:c2:27:61:c8:50:4e:d7:06:
7f:85:d6:8e:85:67:bf:fe:1d:6b:73:6a:f6:ce:03:
6b:24:4d:58:ef:49:7b:b2:19:29:6a:4d:77:72:14:
fd:eb:bf:51:bc:ac:eb:58:48:65:da:f4:8b:39:25:
8a:f6:48:c2:41:91:ff:da:61:cd:46:55:19:f3:ee:
22:f7:f5:0d:aa:fd:27:2f:34:19:06:d1:35:a5:f5:
ac:ac:cf:90:40:a1:94:c1:b2:d9:45:ed:72:d6:cb:
5a:72:95:bd:c9:5c:d2:d3:4b:6f:8a:be:c8:b2:f6:
bc:69:71:31:af:f3:b2:74:04:01:28:6c:87:e2:81:
49:76:02:68:66:78:a3:38:19:b8:eb:7e:6c:f9:90:
8e:c2:41:aa:38:21:24:e4:ef:bc:c4:83:1d:5d:67:
4b:b6:9d:c2:4a:0e:cd:a3:05:fa:38:2b:c4:94:b4:
a1:2f:83:73:7b:8e:13:ec:03:da:b9:20:00:51:b9:
61:0c:1b:fe:0f:d6:af:d0:7d:d7:67:c3:f6:65:20:
bc:48:2f:39:12:41:d8:30:34:01:bd:a4:03:77:bd:
54:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DE:96:E3:B2:9C:3F:73:71:F6:04:AA:05:84:3B:F6:CA:BB:75:CB
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ot6W47KcP3Nx9gSqBYQ79sq7dcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.196.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d6:10:d2:6e:ee:3f:31:22:92:5f:2c:7b:73:83:29:ca:68:
be:da:54:13:c6:a4:83:96:a8:7c:0f:68:79:e8:a3:26:04:77:
d9:94:72:38:fe:c1:10:bf:5c:98:d1:12:d7:e9:de:c5:7e:da:
63:15:34:5a:c5:a5:b9:22:8f:70:35:1d:66:48:ce:01:3a:c7:
02:d7:3b:d6:bc:4c:57:fc:16:40:6f:8f:32:6f:95:54:9f:68:
23:e5:a4:e3:47:b2:c6:e4:f1:61:3b:e0:76:0b:97:9f:b7:31:
49:ca:e4:a8:5d:0c:c0:02:a4:c1:af:a3:eb:57:b6:0f:91:b8:
17:10:3d:5b:c4:13:94:ce:44:94:81:3b:64:fa:aa:c1:0f:b5:
dd:01:d5:d8:84:38:1a:5d:71:4c:4f:98:e5:37:70:1a:e8:22:
e3:dd:c9:b6:ff:e0:a8:7b:3b:7e:7a:98:2e:ad:30:e8:72:4a:
28:98:f4:30:84:73:11:9a:b2:84:8b:63:87:a2:15:5d:98:c8:
ca:6b:7a:f7:ac:e0:4a:68:ff:f9:60:b5:2c:f6:cf:09:c1:04:
f7:d8:fc:62:87:3e:b3:70:a1:71:d4:ca:50:2b:7a:6a:24:00:
0f:f5:8d:44:1a:fd:d1:b5:27:d8:60:5c:b5:02:1f:4a:db:64:
a9:01:b2:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ48zDcCfRv/hR0G0bHcR6l3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTE4MjAzNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRlOTZlM2IyOWMzZjczNzFmNjA0YWEwNTg0M2JmNmNhYmI3NWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBRz06gLDFtJwKz/vE35PPKwoj6c
BxGJ3yHOPT8rq+u8yCyvwidhyFBO1wZ/hdaOhWe//h1rc2r2zgNrJE1Y70l7shkp
ak13chT9679RvKzrWEhl2vSLOSWK9kjCQZH/2mHNRlUZ8+4i9/UNqv0nLzQZBtE1
pfWsrM+QQKGUwbLZRe1y1stacpW9yVzS00tvir7Isva8aXExr/OydAQBKGyH4oFJ
dgJoZnijOBm4635s+ZCOwkGqOCEk5O+8xIMdXWdLtp3CSg7NowX6OCvElLShL4Nz
e44T7APauSAAUblhDBv+D9av0H3XZ8P2ZSC8SC85EkHYMDQBvaQDd71UOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDreluOynD9zcfYEqgWEO/bKu3XLMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvT3Q2VzQ3S2NQM054OWdTcUJZUTc5c3E3ZGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zEMA0G
CSqGSIb3DQEBCwUAA4IBAQAY1hDSbu4/MSKSXyx7c4Mpymi+2lQTxqSDlqh8D2h5
6KMmBHfZlHI4/sEQv1yY0RLX6d7FftpjFTRaxaW5Io9wNR1mSM4BOscC1zvWvExX
/BZAb48yb5VUn2gj5aTjR7LG5PFhO+B2C5eftzFJyuSoXQzAAqTBr6PrV7YPkbgX
ED1bxBOUzkSUgTtk+qrBD7XdAdXYhDgaXXFMT5jlN3Aa6CLj3cm2/+Coezt+epgu
rTDockoomPQwhHMRmrKEi2OHohVdmMjKa3r3rOBKaP/5YLUs9s8JwQT32Pxihz6z
cKFx1MpQK3pqJAAP9Y1EGv3RtSfYYFy1Ah9K22SpAbKP
-----END CERTIFICATE-----
Generated at Wed Jun 3 23:27:08 2026 by rpki-client