Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/jTcRuqG0JTKoQvDOw8yk10gd0Cs.roa
File: jTcRuqG0JTKoQvDOw8yk10gd0Cs.roa (raw, json)
Hash identifier: vlFtsnxJxK68ZI4TL8J2yX6eoW7VY/Bg0VWtLmOeigg=
Subject key identifier: 8D:37:11:BA:A1:B4:25:32:A8:42:F0:CE:C3:CC:A4:D7:48:1D:D0:2B
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019EF5A2504C7A206C0EE6AAF7F4C525D75E
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/jTcRuqG0JTKoQvDOw8yk10gd0Cs.roa
Signing time: Tue 23 Jun 2026 17:58:35 +0000
ROA not before: Tue 23 Jun 2026 17:58:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 87.76.178.0/24 maxlen: 24
87.76.189.0/24 maxlen: 24
87.76.210.0/24 maxlen: 24
87.76.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f5:a2:50:4c:7a:20:6c:0e:e6:aa:f7:f4:c5:25:d7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Jun 23 17:58:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d3711baa1b42532a842f0cec3cca4d7481dd02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e1:23:46:fb:fd:f2:e9:16:95:53:26:06:3a:
c3:e0:52:df:d1:15:47:44:bf:b1:3d:55:60:99:33:
90:87:42:c8:7b:e9:bf:cd:02:5e:36:11:42:9a:43:
0e:ed:5e:5a:cd:5e:2c:f9:1d:f0:8d:80:46:25:ab:
cf:a0:d9:31:c9:d7:72:0b:89:5b:91:aa:bb:8f:56:
a7:c5:36:e7:94:b9:dd:7d:f2:b5:23:a9:9a:af:32:
dc:c0:24:a6:10:bc:22:2d:89:d8:cc:51:1e:3d:cc:
4a:69:1a:95:22:b1:a4:c0:ec:f4:06:87:62:84:ce:
40:03:da:f8:62:08:d9:32:e6:23:d0:78:86:1e:04:
8e:23:95:8d:c8:5d:d0:92:7f:e7:26:30:9f:9e:be:
68:7f:64:03:82:a9:62:c2:a7:fd:39:14:e6:47:78:
85:64:cd:72:cc:65:f1:52:b1:a3:47:a4:82:46:2a:
ce:97:9a:e2:a1:23:ff:9d:b7:58:cc:07:9f:b4:4a:
cd:02:45:26:ad:da:57:fa:89:79:ac:a1:71:ee:c1:
d1:71:5d:5e:ef:53:be:08:78:f0:c7:a9:7d:9d:be:
32:6a:0a:43:8d:30:07:6e:9d:76:fa:14:9d:7f:df:
ab:f9:6f:a9:e7:ac:29:72:94:ab:46:a7:52:88:b9:
4a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:37:11:BA:A1:B4:25:32:A8:42:F0:CE:C3:CC:A4:D7:48:1D:D0:2B
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/jTcRuqG0JTKoQvDOw8yk10gd0Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.178.0/24
87.76.189.0/24
87.76.210.0/24
87.76.223.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:47:66:cc:3b:f8:41:a1:d2:59:f6:7f:0c:2e:fe:01:0c:e5:
37:07:92:5c:82:4b:d8:38:7f:ad:86:ff:a5:e7:73:92:fe:be:
00:3d:14:3c:32:d5:3d:5f:e8:8b:71:7f:21:0c:90:87:d5:65:
6c:3f:8c:41:47:cb:75:53:ba:4c:2f:11:f1:b9:00:62:f4:4c:
ca:d1:2a:2e:9c:8c:16:63:ab:e5:69:b1:60:6f:fd:aa:72:f4:
1a:c9:4d:bd:40:c2:76:07:a9:c9:a6:e2:6d:b2:57:c4:9a:06:
0b:4f:75:89:8a:9c:2d:22:20:e1:fb:49:28:4d:2f:e5:ca:dc:
56:bf:9a:72:6e:e3:52:f3:dc:f4:40:d1:67:4a:99:35:f1:aa:
ff:eb:1e:ee:a7:c7:8d:eb:38:c2:62:02:37:cd:05:00:7e:ad:
e1:da:96:14:54:bb:4e:20:9b:85:37:c1:dc:07:47:fd:63:42:
45:ef:9b:b6:83:29:cd:26:57:ea:09:bb:7b:6d:02:4f:cc:d9:
01:57:92:41:6a:6b:dd:1a:96:f1:ca:c1:e3:18:4b:9d:8e:67:
29:8a:b5:9e:73:f8:96:09:a5:7c:c4:91:c9:85:cd:b8:d7:e4:
e1:32:42:cb:f6:80:c6:5f:62:37:4f:de:0c:cf:8d:86:6d:89:
8b:99:c9:05
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ71olBMeiBsDuaq9/TFJddeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNjIzMTc1ODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM3MTFiYWExYjQyNTMyYTg0MmYwY2VjM2NjYTRkNzQ4MWRkMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuEjRvv98ukWlVMmBjrD4FLf0RVH
RL+xPVVgmTOQh0LIe+m/zQJeNhFCmkMO7V5azV4s+R3wjYBGJavPoNkxyddyC4lb
kaq7j1anxTbnlLndffK1I6marzLcwCSmELwiLYnYzFEePcxKaRqVIrGkwOz0Bodi
hM5AA9r4YgjZMuYj0HiGHgSOI5WNyF3Qkn/nJjCfnr5of2QDgqliwqf9ORTmR3iF
ZM1yzGXxUrGjR6SCRirOl5rioSP/nbdYzAeftErNAkUmrdpX+ol5rKFx7sHRcV1e
71O+CHjwx6l9nb4yagpDjTAHbp12+hSdf9+r+W+p56wpcpSrRqdSiLlK5QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI03EbqhtCUyqELwzsPMpNdIHdArMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvalRjUnVxRzBKVEtvUXZET3c4eWsxMGdkMENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV0yyAwQA
V0y9AwQAV0zSAwQAV0zfMA0GCSqGSIb3DQEBCwUAA4IBAQAfR2bMO/hBodJZ9n8M
Lv4BDOU3B5JcgkvYOH+thv+l53OS/r4APRQ8MtU9X+iLcX8hDJCH1WVsP4xBR8t1
U7pMLxHxuQBi9EzK0SounIwWY6vlabFgb/2qcvQayU29QMJ2B6nJpuJtslfEmgYL
T3WJipwtIiDh+0koTS/lytxWv5pybuNS89z0QNFnSpk18ar/6x7up8eN6zjCYgI3
zQUAfq3h2pYUVLtOIJuFN8HcB0f9Y0JF75u2gynNJlfqCbt7bQJPzNkBV5JBamvd
GpbxysHjGEudjmcpirWec/iWCaV8xJHJhc241+ThMkLL9oDGX2I3T94Mz42GbYmL
mckF
-----END CERTIFICATE-----
Generated at Sat Jun 27 20:30:04 2026 by rpki-client