Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/rv29Y-Se-dlfjiaMH4LR7_CH8Do.roa
File: rv29Y-Se-dlfjiaMH4LR7_CH8Do.roa (raw, json)
Hash identifier: OigvNSFktzssOn+ILEtRq8A3vfWSLuzRHKpSxAHiVx0=
Subject key identifier: AE:FD:BD:63:E4:9E:F9:D9:5F:8E:26:8C:1F:82:D1:EF:F0:87:F0:3A
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019EFF83836CD428E5AB2AAA3AA912EA783B
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/rv29Y-Se-dlfjiaMH4LR7_CH8Do.roa
Signing time: Thu 25 Jun 2026 16:01:09 +0000
ROA not before: Thu 25 Jun 2026 16:01:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25369
IP address blocks: 87.76.144.0/24 maxlen: 24
87.76.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 13:58:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:83:83:6c:d4:28:e5:ab:2a:aa:3a:a9:12:ea:78:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Jun 25 16:01:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aefdbd63e49ef9d95f8e268c1f82d1eff087f03a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:79:02:da:b9:ac:70:9f:aa:cc:98:6e:4c:87:
ef:27:d1:43:86:2b:4b:21:e6:6f:ae:f5:54:9f:51:
24:4f:a5:b4:d0:24:c3:10:45:32:34:1b:53:c0:8d:
43:88:cf:f5:c4:91:83:28:6f:28:15:f8:07:9c:c0:
2c:21:4b:5d:5f:34:ae:fd:6c:19:71:61:2d:e3:e2:
ad:f9:bb:37:68:28:ac:68:fe:62:2e:d7:57:29:5e:
9d:40:6b:8d:cc:16:7b:8a:aa:2e:01:dd:44:7d:2c:
46:6c:1e:11:80:70:52:28:2a:df:be:6d:78:1b:8a:
2e:f0:4f:c7:3b:17:e6:2b:fc:a2:bd:67:0b:fc:d7:
90:eb:58:32:ee:d5:46:a6:ea:07:b6:f7:25:8b:7c:
43:98:7c:cc:35:8a:b8:ed:82:29:2a:6b:16:50:82:
e5:cf:8b:cd:26:26:97:67:b0:bc:d8:2b:fa:c9:35:
11:75:a7:56:09:5f:43:77:93:e1:80:df:95:1f:8c:
ab:11:e2:4f:e9:40:e8:57:3f:18:6d:9f:8e:2f:59:
7f:5b:5b:d5:ee:f0:62:d8:c4:f3:73:72:c9:99:53:
7a:ee:dd:a4:99:86:00:19:2c:72:15:73:a6:6c:6e:
79:90:4d:d0:6b:f1:9f:77:33:8b:0b:12:aa:f0:b6:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FD:BD:63:E4:9E:F9:D9:5F:8E:26:8C:1F:82:D1:EF:F0:87:F0:3A
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/rv29Y-Se-dlfjiaMH4LR7_CH8Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.144.0/24
87.76.173.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:27:fd:58:a0:95:0d:14:92:0f:49:b6:a2:21:ed:c3:11:a8:
e1:6f:bc:aa:87:9f:3c:7c:16:d6:11:e4:14:ab:78:78:5a:45:
3e:6c:60:64:4c:9d:0e:4e:17:9f:b4:7e:29:e2:5c:ae:fa:45:
fa:96:53:ca:69:3f:ca:f9:50:af:ef:64:f5:7d:b3:2d:b7:3f:
44:8c:f2:bb:77:33:83:e7:bf:ea:89:e0:5d:b0:04:93:18:b8:
4d:f9:8b:87:6d:45:e1:82:84:d7:5a:b3:c7:47:5d:8d:15:9c:
69:4e:5a:d5:b4:ad:14:fb:26:86:e1:1e:3b:33:17:36:ee:9b:
e8:68:68:18:6f:14:a9:de:83:ff:6d:0a:d8:5a:51:20:cf:1b:
41:a8:30:36:0a:97:70:78:0e:d3:74:c5:a9:ff:bb:48:35:b5:
d3:a6:3a:e9:b7:67:3c:cf:bc:ff:bb:04:95:6b:f1:5a:b5:e7:
61:43:d2:41:55:80:7b:5f:7a:0f:16:3e:4b:b2:43:6e:7c:6f:
51:73:87:8c:39:b9:f0:2d:fe:48:e2:6d:5e:41:61:2d:a2:c8:
49:16:4b:82:64:e7:2e:31:d9:f7:03:87:6a:ca:47:1a:3d:f1:
36:ef:ab:11:ad:47:c9:e8:45:35:11:00:e5:c3:df:00:ac:46:
92:1d:fe:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7/g4Ns1CjlqyqqOqkS6ng7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNjI1MTYwMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZkYmQ2M2U0OWVmOWQ5NWY4ZTI2OGMxZjgyZDFlZmYwODdmMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXkC2rmscJ+qzJhuTIfvJ9FDhitL
IeZvrvVUn1EkT6W00CTDEEUyNBtTwI1DiM/1xJGDKG8oFfgHnMAsIUtdXzSu/WwZ
cWEt4+Kt+bs3aCisaP5iLtdXKV6dQGuNzBZ7iqouAd1EfSxGbB4RgHBSKCrfvm14
G4ou8E/HOxfmK/yivWcL/NeQ61gy7tVGpuoHtvcli3xDmHzMNYq47YIpKmsWUILl
z4vNJiaXZ7C82Cv6yTURdadWCV9Dd5PhgN+VH4yrEeJP6UDoVz8YbZ+OL1l/W1vV
7vBi2MTzc3LJmVN67t2kmYYAGSxyFXOmbG55kE3Qa/GfdzOLCxKq8La3vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK79vWPknvnZX44mjB+C0e/wh/A6MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvcnYyOVktU2UtZGxmamlhTUg0TFI3X0NIOERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0yQAwQA
V0ytMA0GCSqGSIb3DQEBCwUAA4IBAQBPJ/1YoJUNFJIPSbaiIe3DEajhb7yqh588
fBbWEeQUq3h4WkU+bGBkTJ0OTheftH4p4lyu+kX6llPKaT/K+VCv72T1fbMttz9E
jPK7dzOD57/qieBdsASTGLhN+YuHbUXhgoTXWrPHR12NFZxpTlrVtK0U+yaG4R47
Mxc27pvoaGgYbxSp3oP/bQrYWlEgzxtBqDA2CpdweA7TdMWp/7tINbXTpjrpt2c8
z7z/uwSVa/FatedhQ9JBVYB7X3oPFj5LskNufG9Rc4eMObnwLf5I4m1eQWEtoshJ
FkuCZOcuMdn3A4dqykcaPfE276sRrUfJ6EU1EQDlw98ArEaSHf5w
-----END CERTIFICATE-----
Generated at Sat Jun 27 20:29:24 2026 by rpki-client