Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bg5OuQwu_G2wxecDYapAVTrKZSU.roa
File: bg5OuQwu_G2wxecDYapAVTrKZSU.roa (raw, json)
Hash identifier: ggkhRBAvbvqvsvnY0841/FOrSyw9xDw7h9YsiZA8oaM=
Subject key identifier: 6E:0E:4E:B9:0C:2E:FC:6D:B0:C5:E7:03:61:AA:40:55:3A:CA:65:25
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D006692362E75680F25CA9F17E20E4A80
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bg5OuQwu_G2wxecDYapAVTrKZSU.roa
Signing time: Wed 18 Mar 2026 10:03:35 +0000
ROA not before: Wed 18 Mar 2026 10:03:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7488
IP address blocks: 87.76.196.0/24 maxlen: 24
87.76.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 08:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:66:92:36:2e:75:68:0f:25:ca:9f:17:e2:0e:4a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 18 10:03:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e0e4eb90c2efc6db0c5e70361aa40553aca6525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:33:15:76:d3:ec:e0:ab:f9:43:a9:76:ae:5e:
6e:d3:42:80:ed:cb:d9:71:dd:1d:be:6c:b3:04:7f:
e7:e3:10:59:31:af:d5:8c:6f:d6:22:b5:b8:fd:e9:
d6:b2:d3:0f:5d:b4:16:8a:ad:69:4d:2a:fe:58:eb:
70:88:fa:74:e8:61:1b:56:ca:01:86:db:e8:4b:26:
54:49:cc:cd:87:48:34:fc:6e:4e:7c:64:af:19:d3:
52:56:f5:a9:fa:b7:44:6b:b4:de:d8:c1:5b:81:91:
4b:d3:d3:a7:6d:34:f4:54:1d:04:e3:33:69:f8:62:
cf:59:0b:b6:af:fe:7b:0b:6e:ac:56:f1:63:ce:7a:
89:74:63:eb:1c:83:32:4c:58:13:e3:cf:62:52:38:
13:98:cb:67:91:36:18:03:2b:3d:01:5a:fd:b0:e1:
10:1d:43:ad:6b:60:ef:64:8f:c9:be:f9:eb:62:15:
14:58:a6:f7:6c:1a:af:47:e8:cf:00:ae:97:72:34:
99:43:a0:68:b2:2c:a7:f9:dd:5d:0a:c0:59:7a:89:
73:6c:54:6a:ec:ca:c5:63:7a:17:41:f2:b3:d7:37:
71:40:44:d7:d8:09:8b:5b:1d:68:29:45:64:6f:cd:
b6:3f:94:14:01:60:d9:a1:5a:a2:b3:67:f7:1b:7e:
c0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:0E:4E:B9:0C:2E:FC:6D:B0:C5:E7:03:61:AA:40:55:3A:CA:65:25
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bg5OuQwu_G2wxecDYapAVTrKZSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.196.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:2d:fb:3b:92:60:cd:48:20:c9:f6:f6:2b:96:2d:11:67:74:
d7:3c:9f:f5:e8:fd:43:8f:70:8e:71:0b:c1:6c:91:34:5f:41:
bf:bf:2f:80:83:18:15:df:8e:c9:df:08:c0:ff:6a:d1:d2:32:
55:5e:6f:ea:8f:7a:11:1f:1a:b2:53:6d:68:47:0c:bc:86:86:
93:8d:af:9a:6e:15:3c:69:08:8a:d1:1c:e7:e0:ad:1e:a7:32:
39:f0:6d:d9:c2:6e:d4:b4:d4:a7:7d:c1:7b:38:b2:08:3c:6c:
06:39:a8:0a:47:b1:15:cf:73:fb:44:9e:67:b6:31:2d:74:92:
62:1b:ea:66:ae:a5:41:70:c9:02:3f:95:8b:2e:c4:9e:e5:19:
50:ff:0e:b0:24:11:58:38:ad:f2:72:68:c1:87:11:d5:24:5c:
81:de:0f:b9:75:57:a8:48:2e:1a:fa:19:dc:d6:b4:c6:7b:2d:
09:5d:cd:bc:e1:e5:29:a4:a2:42:98:b9:03:88:29:0a:70:fa:
1c:e1:17:33:c6:ee:f0:db:3d:0d:55:3d:06:0f:08:b3:53:44:
7d:24:86:e7:0b:6b:ba:74:b2:f2:50:bf:11:d1:03:c9:17:b3:
7a:0e:c7:86:05:0c:ce:76:72:48:64:1b:4b:b7:8a:5e:44:6c:
d2:87:b1:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0AZpI2LnVoDyXKnxfiDkqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzE4MTAwMzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTBlNGViOTBjMmVmYzZkYjBjNWU3MDM2MWFhNDA1NTNhY2E2NTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzMVdtPs4Kv5Q6l2rl5u00KA7cvZ
cd0dvmyzBH/n4xBZMa/VjG/WIrW4/enWstMPXbQWiq1pTSr+WOtwiPp06GEbVsoB
htvoSyZUSczNh0g0/G5OfGSvGdNSVvWp+rdEa7Te2MFbgZFL09OnbTT0VB0E4zNp
+GLPWQu2r/57C26sVvFjznqJdGPrHIMyTFgT489iUjgTmMtnkTYYAys9AVr9sOEQ
HUOta2DvZI/JvvnrYhUUWKb3bBqvR+jPAK6XcjSZQ6Bosiyn+d1dCsBZeolzbFRq
7MrFY3oXQfKz1zdxQETX2AmLWx1oKUVkb822P5QUAWDZoVqis2f3G37AywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4OTrkMLvxtsMXnA2GqQFU6ymUlMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvYmc1T3VRd3VfRzJ3eGVjRFlhcEFWVHJLWlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBV0zEMA0G
CSqGSIb3DQEBCwUAA4IBAQAdLfs7kmDNSCDJ9vYrli0RZ3TXPJ/16P1Dj3COcQvB
bJE0X0G/vy+AgxgV347J3wjA/2rR0jJVXm/qj3oRHxqyU21oRwy8hoaTja+abhU8
aQiK0Rzn4K0epzI58G3Zwm7UtNSnfcF7OLIIPGwGOagKR7EVz3P7RJ5ntjEtdJJi
G+pmrqVBcMkCP5WLLsSe5RlQ/w6wJBFYOK3ycmjBhxHVJFyB3g+5dVeoSC4a+hnc
1rTGey0JXc284eUppKJCmLkDiCkKcPoc4Rczxu7w2z0NVT0GDwizU0R9JIbnC2u6
dLLyUL8R0QPJF7N6DseGBQzOdnJIZBtLt4peRGzSh7EP
-----END CERTIFICATE-----
Generated at Sat Mar 21 17:16:33 2026 by rpki-client