Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ktoQ8uoyV3T_kfS_80LB-AFn4NE.roa
File: ktoQ8uoyV3T_kfS_80LB-AFn4NE.roa (raw, json)
Hash identifier: UCSiii3uvzhTKqBCeJAGr4Gz4Y+ti0G1/2Wn2jTOqA4=
Subject key identifier: 92:DA:10:F2:EA:32:57:74:FF:91:F4:BF:F3:42:C1:F8:01:67:E0:D1
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DB6C303D5E56B8B3A660D869AC69CE69C
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ktoQ8uoyV3T_kfS_80LB-AFn4NE.roa
Signing time: Wed 22 Apr 2026 19:55:26 +0000
ROA not before: Wed 22 Apr 2026 19:55:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214432
IP address blocks: 87.76.152.0/24 maxlen: 24
87.76.153.0/24 maxlen: 24
87.76.154.0/24 maxlen: 24
87.76.156.0/24 maxlen: 24
87.76.157.0/24 maxlen: 24
87.76.158.0/24 maxlen: 24
87.76.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Apr 2026 22:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b6:c3:03:d5:e5:6b:8b:3a:66:0d:86:9a:c6:9c:e6:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 22 19:55:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=92da10f2ea325774ff91f4bff342c1f80167e0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:6b:25:33:77:08:ba:1b:d8:b3:57:58:85:03:
1a:a9:13:d6:9d:33:f5:3c:ff:c6:d2:ac:5c:58:41:
ad:1f:e5:18:de:56:90:39:da:ea:62:1b:77:ee:4b:
b9:93:1a:a6:52:7c:2e:9c:ee:1f:56:f4:2a:3d:d0:
f3:70:84:1b:d8:a2:8b:26:eb:66:db:4c:95:99:c5:
da:06:7d:7e:ea:a5:e9:b3:d9:24:43:44:69:de:0e:
66:65:ef:83:30:d2:06:6c:a1:e5:d9:44:f9:d8:97:
dc:08:cb:fd:7f:09:7e:16:f0:ff:43:a1:1e:4b:2a:
d5:b4:6e:fd:7b:76:f9:4a:3f:4d:4b:32:1a:ae:6e:
1f:cb:e1:48:d8:f2:e0:65:86:6c:b5:0f:ee:34:24:
17:2f:dd:e9:6c:28:78:8e:a1:ff:b3:df:66:b9:35:
e7:02:d1:0a:e8:f9:d6:a7:f5:bb:81:46:ba:06:82:
52:1f:f6:7e:9c:56:d6:f3:44:6a:45:c6:83:7e:d6:
b7:d9:8e:f2:74:32:88:51:f8:43:a5:af:34:62:dd:
c0:31:9b:0f:fb:a5:f6:de:fb:26:45:3c:ac:34:ac:
a4:7b:82:54:dd:ee:d1:3b:2e:f4:82:10:50:4e:e0:
30:81:22:3e:df:90:bc:45:ce:bb:57:c3:c4:b5:b0:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DA:10:F2:EA:32:57:74:FF:91:F4:BF:F3:42:C1:F8:01:67:E0:D1
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ktoQ8uoyV3T_kfS_80LB-AFn4NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.152.0-87.76.154.255
87.76.156.0/22
Signature Algorithm: sha256WithRSAEncryption
22:bc:26:ac:06:52:18:4d:31:97:9b:dd:e5:fb:cc:5a:52:cf:
69:fe:de:9b:b9:5e:8d:f5:7f:ae:fe:3c:58:8f:6b:3b:40:b3:
bd:63:43:48:5f:b7:e7:f2:a7:8c:f1:94:81:a6:b9:96:e5:ef:
a0:4d:9d:75:27:e4:bf:94:f6:ff:c9:fa:5c:40:ee:35:3b:cd:
df:8d:2c:f6:62:89:0f:97:c1:03:a6:4e:08:b3:6a:55:73:bc:
06:54:06:61:49:d2:e5:b0:db:da:71:42:7e:5e:08:c9:2b:53:
f0:e6:93:70:4d:95:16:af:d2:16:38:a5:74:c4:71:00:23:40:
6d:c0:3c:4a:72:07:e7:9f:cf:f3:e1:9a:86:f4:50:fc:db:5b:
8a:6a:a9:4d:0d:ba:93:07:b8:a0:d1:98:a8:7a:24:a8:f6:2a:
90:89:00:49:af:5d:5e:49:46:51:96:9a:80:4e:6a:4c:b1:b1:
e2:1e:9c:ff:94:2e:06:e5:0a:78:44:07:d3:ac:5a:28:4f:df:
3e:a2:8e:de:18:e4:91:65:11:c9:b4:9b:fa:2f:8a:6d:98:01:
0d:25:38:e8:75:9b:10:f8:63:f9:44:c2:4f:48:9e:39:2c:46:
f6:05:af:ef:c4:fc:39:3f:64:9f:3c:c2:1d:ca:81:b3:e7:14:
6b:af:4b:ce
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ22wwPV5WuLOmYNhprGnOacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDIyMTk1NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRhMTBmMmVhMzI1Nzc0ZmY5MWY0YmZmMzQyYzFmODAxNjdlMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmslM3cIuhvYs1dYhQMaqRPWnTP1
PP/G0qxcWEGtH+UY3laQOdrqYht37ku5kxqmUnwunO4fVvQqPdDzcIQb2KKLJutm
20yVmcXaBn1+6qXps9kkQ0Rp3g5mZe+DMNIGbKHl2UT52JfcCMv9fwl+FvD/Q6Ee
SyrVtG79e3b5Sj9NSzIarm4fy+FI2PLgZYZstQ/uNCQXL93pbCh4jqH/s99muTXn
AtEK6PnWp/W7gUa6BoJSH/Z+nFbW80RqRcaDfta32Y7ydDKIUfhDpa80Yt3AMZsP
+6X23vsmRTysNKyke4JU3e7ROy70ghBQTuAwgSI+35C8Rc67V8PEtbCSXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJLaEPLqMld0/5H0v/NCwfgBZ+DRMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEva3RvUTh1b3lWM1Rfa2ZTXzgwTEItQUZuNE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANXTJgD
BABXTJoDBAJXTJwwDQYJKoZIhvcNAQELBQADggEBACK8JqwGUhhNMZeb3eX7zFpS
z2n+3pu5Xo31f67+PFiPaztAs71jQ0hft+fyp4zxlIGmuZbl76BNnXUn5L+U9v/J
+lxA7jU7zd+NLPZiiQ+XwQOmTgizalVzvAZUBmFJ0uWw29pxQn5eCMkrU/Dmk3BN
lRav0hY4pXTEcQAjQG3APEpyB+efz/Phmob0UPzbW4pqqU0NupMHuKDRmKh6JKj2
KpCJAEmvXV5JRlGWmoBOakyxseIenP+ULgblCnhEB9OsWihP3z6ijt4Y5JFlEcm0
m/ovim2YAQ0lOOh1mxD4Y/lEwk9InjksRvYFr+/E/Dk/ZJ88wh3KgbPnFGuvS84=
-----END CERTIFICATE-----
Generated at Mon Apr 27 07:55:12 2026 by rpki-client