Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/kz0SnqMb25etTqf_6BsvQJO88GA.roa
File: kz0SnqMb25etTqf_6BsvQJO88GA.roa (raw, json)
Hash identifier: 8mH3LaFZVGi4pEhnqnjmyDnhtdK00KVtQXtBiEEMJP0=
Subject key identifier: 93:3D:12:9E:A3:1B:DB:97:AD:4E:A7:FF:E8:1B:2F:40:93:BC:F0:60
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019DCA5B30AC9B07D58C39D5C4B8A41B4695
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/kz0SnqMb25etTqf_6BsvQJO88GA.roa
Signing time: Sun 26 Apr 2026 15:14:26 +0000
ROA not before: Sun 26 Apr 2026 15:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 87.76.144.0/24 maxlen: 24
87.76.170.0/24 maxlen: 24
87.76.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 12:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ca:5b:30:ac:9b:07:d5:8c:39:d5:c4:b8:a4:1b:46:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 26 15:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=933d129ea31bdb97ad4ea7ffe81b2f4093bcf060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ff:f6:51:4f:bf:f1:a9:83:39:0d:f0:82:95:
09:a5:2c:a5:74:0f:01:1c:af:3a:ae:4c:8d:2f:86:
7f:c8:fa:2d:a7:6d:88:e5:49:cd:bd:a1:9e:52:e8:
bf:5f:37:d7:a0:a1:3e:26:33:46:b1:23:14:82:8f:
56:dd:c3:ea:07:c0:11:b6:29:0c:19:51:30:4b:84:
ec:99:d9:f1:10:0a:1f:e4:27:56:db:d3:53:2b:53:
db:2d:17:ea:2d:5b:75:92:61:a4:0f:f7:02:0b:14:
50:bd:05:0f:66:db:d2:a8:05:9c:47:c2:b6:ab:62:
a0:3a:61:56:58:7c:fe:69:b4:72:86:b1:93:d8:55:
fa:2b:70:60:81:bd:12:04:ad:e3:b3:87:42:bd:c0:
1b:ab:f6:27:64:f2:e0:3a:d1:2a:de:b6:ca:c1:cb:
7f:93:c0:09:d3:8d:7b:5f:0f:d4:13:ac:65:4b:f1:
a4:d8:8c:8f:98:26:63:6c:f3:8c:f2:d4:0d:c7:03:
92:14:85:40:2f:8d:b4:e7:07:e9:82:f2:04:08:af:
b5:88:e0:0b:6d:a4:0c:87:f4:b6:dd:3a:ca:4b:1c:
a0:fc:ee:37:36:27:ee:b4:04:61:e8:c4:16:0e:8a:
ec:2d:22:0a:ce:60:14:fa:4a:98:d2:b9:6d:74:89:
c6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3D:12:9E:A3:1B:DB:97:AD:4E:A7:FF:E8:1B:2F:40:93:BC:F0:60
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/kz0SnqMb25etTqf_6BsvQJO88GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.144.0/24
87.76.170.0/24
87.76.206.0/24
Signature Algorithm: sha256WithRSAEncryption
27:03:c4:f7:8f:7f:a4:71:c2:d3:f1:ff:22:4f:1d:10:5c:72:
ed:10:28:20:b0:99:e8:ed:e3:58:0f:e1:e7:c6:cc:1e:53:b2:
9c:6c:5d:9a:ed:fd:ed:12:1b:6e:1e:d0:ea:44:98:fd:44:3e:
11:d7:a4:7e:70:4d:b6:1b:66:6c:24:1f:49:0b:4c:d1:62:db:
1c:3f:90:e9:00:2b:c8:dc:76:c0:75:8c:a3:67:5e:e0:de:95:
b0:ba:45:7c:9e:86:0d:c5:82:29:12:b1:30:eb:ff:8f:19:bd:
0a:ef:4e:10:d7:f8:25:29:86:36:a7:6c:77:58:21:11:6c:15:
cd:00:e4:04:8b:a7:a2:5f:cd:a6:02:ef:04:57:3e:cd:21:97:
81:23:ea:4c:e0:e1:a3:ad:3a:18:e3:e1:1d:b5:d3:48:8e:6c:
37:34:27:46:e9:23:bc:df:70:79:6f:d4:6d:6c:4d:f2:e4:20:
61:d0:b9:90:50:74:fb:cd:ba:ab:8a:c9:b1:7f:6e:d5:17:0a:
07:97:46:ca:03:29:57:22:5f:87:af:6f:ef:f4:ac:c8:7e:bd:
29:6e:a7:db:d1:ac:4b:37:d0:cc:05:e8:6c:96:81:fd:de:a9:
1f:a1:33:14:f3:40:72:49:c3:d8:9f:46:96:a6:4d:21:18:5a:
4d:20:1e:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ3KWzCsmwfVjDnVxLikG0aVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDI2MTUxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzNkMTI5ZWEzMWJkYjk3YWQ0ZWE3ZmZlODFiMmY0MDkzYmNmMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv/2UU+/8amDOQ3wgpUJpSyldA8B
HK86rkyNL4Z/yPotp22I5UnNvaGeUui/XzfXoKE+JjNGsSMUgo9W3cPqB8ARtikM
GVEwS4TsmdnxEAof5CdW29NTK1PbLRfqLVt1kmGkD/cCCxRQvQUPZtvSqAWcR8K2
q2KgOmFWWHz+abRyhrGT2FX6K3Bggb0SBK3js4dCvcAbq/YnZPLgOtEq3rbKwct/
k8AJ0417Xw/UE6xlS/Gk2IyPmCZjbPOM8tQNxwOSFIVAL4205wfpgvIECK+1iOAL
baQMh/S23TrKSxyg/O43NifutARh6MQWDorsLSIKzmAU+kqY0rltdInGqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJM9Ep6jG9uXrU6n/+gbL0CTvPBgMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEva3owU25xTWIyNWV0VHFmXzZCc3ZRSk84OEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV0yQAwQA
V0yqAwQAV0zOMA0GCSqGSIb3DQEBCwUAA4IBAQAnA8T3j3+kccLT8f8iTx0QXHLt
ECggsJno7eNYD+HnxsweU7KcbF2a7f3tEhtuHtDqRJj9RD4R16R+cE22G2ZsJB9J
C0zRYtscP5DpACvI3HbAdYyjZ17g3pWwukV8noYNxYIpErEw6/+PGb0K704Q1/gl
KYY2p2x3WCERbBXNAOQEi6eiX82mAu8EVz7NIZeBI+pM4OGjrToY4+EdtdNIjmw3
NCdG6SO833B5b9RtbE3y5CBh0LmQUHT7zbqrismxf27VFwoHl0bKAylXIl+Hr2/v
9KzIfr0pbqfb0axLN9DMBehsloH93qkfoTMU80ByScPYn0aWpk0hGFpNIB53
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:25:40 2026 by rpki-client