Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/hal7FCMikl01cUDUh8r-YChq11U.roa
File: hal7FCMikl01cUDUh8r-YChq11U.roa (raw, json)
Hash identifier: 5COUp1k8wj8qqe0DwieQlHOjm5ms7zEHlUXMSxpVt80=
Subject key identifier: 85:A9:7B:14:23:22:92:5D:35:71:40:D4:87:CA:FE:60:28:6A:D7:55
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E89FDB9EFD4EF500597F87A36806148F6
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/hal7FCMikl01cUDUh8r-YChq11U.roa
Signing time: Tue 02 Jun 2026 20:19:27 +0000
ROA not before: Tue 02 Jun 2026 20:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 87.76.172.0/24 maxlen: 24
87.76.174.0/24 maxlen: 24
87.76.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 20:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:89:fd:b9:ef:d4:ef:50:05:97:f8:7a:36:80:61:48:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Jun 2 20:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=85a97b142322925d357140d487cafe60286ad755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:96:79:2a:07:ba:d9:3c:bf:f1:37:93:73:f9:
76:0c:88:8c:c3:a7:47:7e:b3:c9:df:45:63:2b:65:
97:58:d6:2a:f6:39:2e:e0:16:2e:f7:1c:61:1e:01:
c2:23:e8:40:49:c4:a5:d6:1b:35:75:65:a5:5c:7e:
ea:36:a4:42:84:d7:9e:a9:14:10:4e:17:72:41:68:
88:80:ee:6f:af:b0:a1:e3:10:bd:0e:bc:a7:6d:fd:
4f:e0:e3:30:82:70:4e:fc:bc:c8:09:8f:67:fd:72:
04:76:10:5f:72:81:f0:b1:3a:64:70:af:53:37:a0:
33:2b:d8:a7:e5:5d:d3:9a:fc:e8:ba:c8:fc:38:53:
36:d3:60:bc:dd:3e:df:a6:b2:32:5d:55:94:65:16:
b4:19:4d:f7:63:82:d6:1a:61:7d:d5:ed:15:8a:3e:
6b:f7:5e:46:26:06:d3:37:f3:ad:c7:d1:36:84:ce:
14:ce:9b:b1:39:31:6f:e8:51:74:25:cf:cc:ec:c8:
18:28:e8:99:21:61:6d:74:45:93:ab:2d:ea:2d:ef:
a5:fe:5d:5b:4f:74:cc:06:42:d0:5a:5f:b4:b9:8d:
5f:1e:69:c2:aa:2e:54:56:f4:fe:25:49:6a:0b:62:
b3:77:03:9a:84:a4:f1:c1:8a:e1:16:eb:ea:91:29:
e4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A9:7B:14:23:22:92:5D:35:71:40:D4:87:CA:FE:60:28:6A:D7:55
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/hal7FCMikl01cUDUh8r-YChq11U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.172.0/24
87.76.174.0/23
Signature Algorithm: sha256WithRSAEncryption
26:a7:e5:0e:64:f8:d4:6e:30:50:b4:08:4b:66:39:81:5d:07:
f3:d4:a5:2a:34:7d:46:68:ae:d5:55:34:a8:5d:76:34:f3:b9:
8e:c9:fa:ba:be:c0:0d:ac:75:71:45:d9:16:a2:4f:9e:a3:17:
7e:74:c9:8e:16:f9:9a:bf:0d:95:66:6c:e5:2d:a4:a5:8f:d2:
49:01:9d:43:84:ab:51:6f:96:4f:77:63:7c:30:27:57:72:be:
af:48:70:9a:dc:f3:6c:0c:72:94:8f:7d:b9:58:e0:30:4b:b7:
e8:6a:ad:69:eb:eb:0d:e4:5a:14:7c:4a:0f:e4:97:90:e2:57:
12:81:95:d9:83:1e:16:12:0b:cf:6f:ee:2f:84:52:f3:e3:67:
4b:62:ae:16:9e:87:9f:43:98:01:04:3c:b8:bb:79:87:7d:37:
16:18:f5:60:a3:8f:19:f1:fd:da:2a:12:63:ba:0a:96:00:b6:
3f:09:5a:b9:71:0b:d1:a9:ee:6e:10:32:13:b3:00:98:2f:c0:
ce:3d:3c:e7:96:e5:d9:7a:ca:b7:5b:2a:cb:a8:30:f4:8d:57:
85:43:1e:d4:e0:f1:ea:0c:37:cb:b7:8d:69:78:15:7c:67:f4:
8b:9e:cb:03:7a:44:18:e1:e8:e9:08:1e:2c:3c:af:13:06:5b:
af:1a:70:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6J/bnv1O9QBZf4ejaAYUj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNjAyMjAxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWE5N2IxNDIzMjI5MjVkMzU3MTQwZDQ4N2NhZmU2MDI4NmFkNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JZ5Kge62Ty/8TeTc/l2DIiMw6dH
frPJ30VjK2WXWNYq9jku4BYu9xxhHgHCI+hAScSl1hs1dWWlXH7qNqRChNeeqRQQ
ThdyQWiIgO5vr7Ch4xC9Drynbf1P4OMwgnBO/LzICY9n/XIEdhBfcoHwsTpkcK9T
N6AzK9in5V3Tmvzousj8OFM202C83T7fprIyXVWUZRa0GU33Y4LWGmF91e0Vij5r
915GJgbTN/Otx9E2hM4UzpuxOTFv6FF0Jc/M7MgYKOiZIWFtdEWTqy3qLe+l/l1b
T3TMBkLQWl+0uY1fHmnCqi5UVvT+JUlqC2KzdwOahKTxwYrhFuvqkSnkvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIWpexQjIpJdNXFA1IfK/mAoatdVMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvaGFsN0ZDTWlrbDAxY1VEVWg4ci1ZQ2hxMTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0ysAwQB
V0yuMA0GCSqGSIb3DQEBCwUAA4IBAQAmp+UOZPjUbjBQtAhLZjmBXQfz1KUqNH1G
aK7VVTSoXXY087mOyfq6vsANrHVxRdkWok+eoxd+dMmOFvmavw2VZmzlLaSlj9JJ
AZ1DhKtRb5ZPd2N8MCdXcr6vSHCa3PNsDHKUj325WOAwS7foaq1p6+sN5FoUfEoP
5JeQ4lcSgZXZgx4WEgvPb+4vhFLz42dLYq4WnoefQ5gBBDy4u3mHfTcWGPVgo48Z
8f3aKhJjugqWALY/CVq5cQvRqe5uEDITswCYL8DOPTznluXZesq3WyrLqDD0jVeF
Qx7U4PHqDDfLt41peBV8Z/SLnssDekQY4ejpCB4sPK8TBluvGnBI
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:35 2026 by rpki-client