Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/TDIMwCJ0QuBx2g63u2U3yCUPleA.roa
File: TDIMwCJ0QuBx2g63u2U3yCUPleA.roa (raw, json)
Hash identifier: 1yLc3psGzOT4BEUYkiO/WCcARR1mikBzzpdLDwOCOIw=
Subject key identifier: 4C:32:0C:C0:22:74:42:E0:71:DA:0E:B7:BB:65:37:C8:25:0F:95:E0
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DD9681164CEBEC26486092107FDFAC29D
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/TDIMwCJ0QuBx2g63u2U3yCUPleA.roa
Signing time: Wed 29 Apr 2026 13:22:49 +0000
ROA not before: Wed 29 Apr 2026 13:22:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202051
IP address blocks: 87.76.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:57:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:68:11:64:ce:be:c2:64:86:09:21:07:fd:fa:c2:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 29 13:22:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4c320cc0227442e071da0eb7bb6537c8250f95e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ac:9f:84:87:4a:c0:d5:09:f6:42:12:77:90:
ec:74:8f:93:81:2c:2f:29:20:3d:48:b1:fd:2d:1a:
f6:ac:ff:58:c8:56:0f:0a:04:ae:92:1e:16:59:90:
4a:30:1d:8a:02:4e:fb:cf:0d:db:83:55:2c:9f:ac:
c5:db:60:bd:b5:b0:da:1e:49:ed:1c:0d:88:64:ac:
74:7d:13:d3:f1:50:78:6a:a8:f6:96:9e:ac:c1:70:
e0:a9:71:ba:11:0c:8c:82:12:c2:85:a8:46:0b:0e:
20:b9:11:93:5f:a5:79:3a:68:7b:76:64:72:5c:8e:
5c:db:49:24:78:39:18:c3:83:37:87:fa:25:80:34:
00:ac:70:5a:ce:36:36:53:3e:0d:4b:64:21:09:15:
2f:cf:6b:ad:1b:45:1b:08:1e:d9:24:00:d6:96:21:
fd:d2:d7:6f:9e:ef:4c:4e:78:76:1f:cc:b3:d5:d9:
e0:ea:31:42:40:ba:bc:19:ac:fc:99:b7:89:ba:39:
3a:e8:44:91:d4:33:93:2b:e2:02:d2:7b:05:75:79:
0f:be:c7:56:68:dd:ea:c3:28:37:04:69:4f:87:9b:
e0:d2:fd:8a:48:e2:ea:e4:27:70:e1:bb:d4:99:b2:
e9:d8:b7:f6:62:bc:37:c8:ad:3c:9b:53:81:66:86:
8e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:32:0C:C0:22:74:42:E0:71:DA:0E:B7:BB:65:37:C8:25:0F:95:E0
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/TDIMwCJ0QuBx2g63u2U3yCUPleA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.179.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c2:85:a2:2d:48:0f:cd:8a:21:e9:b7:15:86:ca:51:bb:9e:
a5:39:99:62:a2:ef:14:06:1d:b5:9f:2b:63:66:7f:2c:3f:a2:
4f:6c:e3:73:56:1f:f6:16:66:e1:73:e8:44:db:2f:53:c5:ea:
f6:6e:37:90:4a:40:0e:ac:8a:a7:8a:e9:b4:4a:59:a2:8a:2f:
3b:04:29:c6:f4:9b:0a:bf:fa:95:c1:9b:33:11:6d:78:6f:5f:
4a:9d:30:34:46:8f:9f:2b:57:a7:f5:57:b9:b2:91:1f:1e:b6:
cb:7f:77:ce:f3:53:d0:99:b1:38:ae:6b:25:bd:87:8e:a4:40:
64:ee:5f:0d:03:d8:47:21:a8:05:a8:33:02:8f:42:d5:73:f5:
6b:48:be:0d:fc:22:57:15:f9:fb:0d:0c:a9:cb:bc:22:54:7e:
66:0c:06:c3:da:b9:5f:e3:d0:55:89:7c:70:ee:fe:20:a4:95:
58:bd:11:76:cc:ee:8b:98:87:b6:f0:1e:00:fa:8a:43:4f:fe:
b8:b5:0e:c6:26:24:78:8f:51:d3:18:5f:d6:67:60:11:e0:ba:
80:d8:6e:52:92:85:bd:99:6a:32:bb:02:a5:40:35:b8:68:97:
a4:ab:98:cb:58:85:d7:a6:1e:a3:1c:96:14:7b:39:b3:cf:f7:
6e:da:58:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3ZaBFkzr7CZIYJIQf9+sKdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDI5MTMyMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMyMGNjMDIyNzQ0MmUwNzFkYTBlYjdiYjY1MzdjODI1MGY5NWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKyfhIdKwNUJ9kISd5DsdI+TgSwv
KSA9SLH9LRr2rP9YyFYPCgSukh4WWZBKMB2KAk77zw3bg1Usn6zF22C9tbDaHknt
HA2IZKx0fRPT8VB4aqj2lp6swXDgqXG6EQyMghLChahGCw4guRGTX6V5Omh7dmRy
XI5c20kkeDkYw4M3h/olgDQArHBazjY2Uz4NS2QhCRUvz2utG0UbCB7ZJADWliH9
0tdvnu9MTnh2H8yz1dng6jFCQLq8Gaz8mbeJujk66ESR1DOTK+IC0nsFdXkPvsdW
aN3qwyg3BGlPh5vg0v2KSOLq5Cdw4bvUmbLp2Lf2Yrw3yK08m1OBZoaORQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEwyDMAidELgcdoOt7tlN8glD5XgMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvVERJTXdDSjBRdUJ4Mmc2M3UyVTN5Q1VQbGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0yzMA0G
CSqGSIb3DQEBCwUAA4IBAQAXwoWiLUgPzYoh6bcVhspRu56lOZliou8UBh21nytj
Zn8sP6JPbONzVh/2Fmbhc+hE2y9Txer2bjeQSkAOrIqnium0Slmiii87BCnG9JsK
v/qVwZszEW14b19KnTA0Ro+fK1en9Ve5spEfHrbLf3fO81PQmbE4rmslvYeOpEBk
7l8NA9hHIagFqDMCj0LVc/VrSL4N/CJXFfn7DQypy7wiVH5mDAbD2rlf49BViXxw
7v4gpJVYvRF2zO6LmIe28B4A+opDT/64tQ7GJiR4j1HTGF/WZ2AR4LqA2G5SkoW9
mWoyuwKlQDW4aJekq5jLWIXXph6jHJYUezmzz/du2ljl
-----END CERTIFICATE-----
Generated at Tue May 5 19:06:24 2026 by rpki-client