Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/d_Q2Xo8S83QsFNjI8cw4TRGfwPM.roa
File: d_Q2Xo8S83QsFNjI8cw4TRGfwPM.roa (raw, json)
Hash identifier: USplNRwO3RhH4WEU8t5lfT2V671IR0e0Fd4Y72aGlZE=
Subject key identifier: 77:F4:36:5E:8F:12:F3:74:2C:14:D8:C8:F1:CC:38:4D:11:9F:C0:F3
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DB026A4B335B0212BFD73E46252912B1C
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/d_Q2Xo8S83QsFNjI8cw4TRGfwPM.roa
Signing time: Tue 21 Apr 2026 13:06:55 +0000
ROA not before: Tue 21 Apr 2026 13:06:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35661
IP address blocks: 87.76.165.0/24 maxlen: 24
87.76.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:26:a4:b3:35:b0:21:2b:fd:73:e4:62:52:91:2b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 21 13:06:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77f4365e8f12f3742c14d8c8f1cc384d119fc0f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e8:44:48:91:f6:c0:d6:0c:e1:01:27:3a:03:
3a:8e:19:e9:10:e1:d6:00:4f:8a:ea:19:b0:27:15:
39:7c:76:f3:fe:a8:93:53:57:e9:7c:61:bc:cd:14:
45:eb:b9:63:a2:0b:ac:5f:a6:f3:b9:98:cd:df:d3:
c5:02:f2:fc:5e:83:ae:24:e0:1a:b0:25:11:0b:6f:
fc:a6:05:56:60:60:07:f4:7a:42:cb:fe:95:05:72:
0e:55:99:78:a9:a6:f0:de:4e:76:de:14:a1:c2:15:
63:ab:f4:c7:a4:f3:1d:7b:c7:e8:fa:95:45:54:c4:
fd:61:7c:9f:8e:52:f9:6c:95:9b:c6:48:20:d7:fa:
1f:0c:99:95:e1:bd:38:c2:4d:7a:0b:90:4b:86:67:
92:a7:27:ea:c2:8c:4a:c8:05:6d:5c:87:fa:89:1d:
5e:b8:2e:0e:0b:03:eb:bd:1f:1e:7d:96:a5:1b:31:
c6:6c:b5:c6:66:81:c5:35:4d:4e:ce:bb:d6:c0:52:
78:8c:5b:82:a9:7c:06:18:b9:63:7a:5e:80:45:b9:
3d:da:a4:9a:9a:ca:f5:ae:ba:e2:cf:f4:9e:35:1c:
3a:cd:bb:14:8a:15:16:c3:28:f1:de:ca:06:39:7b:
94:93:02:24:e2:4a:02:67:53:2e:7e:f9:6b:65:f5:
29:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F4:36:5E:8F:12:F3:74:2C:14:D8:C8:F1:CC:38:4D:11:9F:C0:F3
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/d_Q2Xo8S83QsFNjI8cw4TRGfwPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.165.0/24
87.76.167.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:dd:f8:36:c8:a9:b9:62:78:0c:01:9f:ff:1a:b5:b8:2a:04:
ad:1e:64:7b:cb:1e:7a:5c:d7:e8:17:97:63:51:9b:a5:53:c5:
8a:e9:ef:1d:51:78:c5:0f:3c:f3:28:26:ac:83:83:64:b7:98:
6c:75:9a:ad:b5:98:10:ae:61:7f:66:df:92:7d:df:40:bd:96:
81:2c:b2:4d:a1:65:02:21:96:26:a2:0f:56:cc:9b:bd:85:2a:
a6:99:fa:66:15:42:85:c0:ae:44:84:f9:02:98:ac:39:33:eb:
96:a2:a4:a6:1f:9f:b2:df:e2:23:05:91:3f:87:87:1c:16:24:
4c:78:61:e5:55:ea:3c:90:f6:d3:c4:03:51:a2:d5:ab:0e:5b:
40:3d:19:a8:e7:40:46:91:8e:f9:97:88:80:01:3c:2a:99:f1:
3d:28:71:00:c6:8a:57:cd:6b:17:35:98:8b:f3:27:ff:8d:76:
13:e3:52:35:c1:a8:5f:91:38:e1:ea:3b:4a:c8:5b:76:e5:3a:
9c:08:49:ea:9d:da:31:4e:6e:16:64:0e:5f:b7:90:19:f7:52:
50:a1:2d:f9:c2:aa:12:60:8c:36:cd:d6:7b:8f:20:b8:e2:f6:
2b:77:d7:01:1b:66:61:ea:8b:f2:d8:a8:a3:d2:44:d5:c3:b2:
93:fe:67:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2wJqSzNbAhK/1z5GJSkSscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDIxMTMwNjU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2Y0MzY1ZThmMTJmMzc0MmMxNGQ4YzhmMWNjMzg0ZDExOWZjMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8uhESJH2wNYM4QEnOgM6jhnpEOHW
AE+K6hmwJxU5fHbz/qiTU1fpfGG8zRRF67ljogusX6bzuZjN39PFAvL8XoOuJOAa
sCURC2/8pgVWYGAH9HpCy/6VBXIOVZl4qabw3k523hShwhVjq/THpPMde8fo+pVF
VMT9YXyfjlL5bJWbxkgg1/ofDJmV4b04wk16C5BLhmeSpyfqwoxKyAVtXIf6iR1e
uC4OCwPrvR8efZalGzHGbLXGZoHFNU1OzrvWwFJ4jFuCqXwGGLljel6ARbk92qSa
msr1rrriz/SeNRw6zbsUihUWwyjx3soGOXuUkwIk4koCZ1MufvlrZfUpywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHf0Nl6PEvN0LBTYyPHMOE0Rn8DzMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvZF9RMlhvOFM4M1FzRk5qSThjdzRUUkdmd1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0ylAwQA
V0ynMA0GCSqGSIb3DQEBCwUAA4IBAQBq3fg2yKm5YngMAZ//GrW4KgStHmR7yx56
XNfoF5djUZulU8WK6e8dUXjFDzzzKCasg4Nkt5hsdZqttZgQrmF/Zt+Sfd9AvZaB
LLJNoWUCIZYmog9WzJu9hSqmmfpmFUKFwK5EhPkCmKw5M+uWoqSmH5+y3+IjBZE/
h4ccFiRMeGHlVeo8kPbTxANRotWrDltAPRmo50BGkY75l4iAATwqmfE9KHEAxopX
zWsXNZiL8yf/jXYT41I1wahfkTjh6jtKyFt25TqcCEnqndoxTm4WZA5ft5AZ91JQ
oS35wqoSYIw2zdZ7jyC44vYrd9cBG2Zh6ovy2Kij0kTVw7KT/mfX
-----END CERTIFICATE-----
Generated at Mon Apr 27 21:55:11 2026 by rpki-client