Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/w77YcBe59BDtWnVwW7XqnnaTdQE.roa
File: w77YcBe59BDtWnVwW7XqnnaTdQE.roa (raw, json)
Hash identifier: JQFfEF+YM0eYenrXEJeJIEEhPUOe0fsHE9K8Nre7KRc=
Subject key identifier: C3:BE:D8:70:17:B9:F4:10:ED:5A:75:70:5B:B5:EA:9E:76:93:75:01
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E54D8386EFF1E2019967C241274FEACF2
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/w77YcBe59BDtWnVwW7XqnnaTdQE.roa
Signing time: Sat 23 May 2026 12:38:36 +0000
ROA not before: Sat 23 May 2026 12:38:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 87.76.152.0/24 maxlen: 24
87.76.153.0/24 maxlen: 24
87.76.154.0/24 maxlen: 24
87.76.156.0/24 maxlen: 24
87.76.157.0/24 maxlen: 24
87.76.158.0/24 maxlen: 24
87.76.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 May 2026 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:d8:38:6e:ff:1e:20:19:96:7c:24:12:74:fe:ac:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 23 12:38:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3bed87017b9f410ed5a75705bb5ea9e76937501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:08:4b:34:74:f3:54:3c:55:00:fd:e2:71:fa:
8d:2a:c2:dd:7a:af:b0:69:15:ea:7b:99:ae:a7:0b:
c8:7a:3a:70:b3:04:c2:4d:4e:d9:d0:77:71:05:e0:
98:1d:e4:1c:4f:92:a9:a1:1f:e4:56:9d:41:41:7b:
20:36:6c:d3:e5:22:1d:26:6f:0e:17:60:ac:89:fa:
28:93:b1:cd:e7:81:5f:e8:b0:6b:9f:77:04:60:46:
e1:47:21:73:82:ed:ab:fa:10:31:8d:a8:5e:4f:70:
2f:73:c0:b1:d4:09:79:38:f1:43:dc:2c:d9:be:f1:
aa:03:f7:cc:8f:4d:9c:6c:db:4a:fb:ed:e5:91:d4:
49:e3:cc:37:9c:38:e1:2b:02:9a:0e:fd:77:7a:21:
33:71:da:1e:ff:50:db:a4:0d:8f:9f:c4:39:9e:38:
7b:f5:ba:34:6b:f7:9a:fc:03:ae:3b:92:93:50:ee:
c4:22:65:47:b6:76:60:b3:99:0d:f5:95:ec:a4:12:
54:a5:61:7d:39:7f:2e:36:7c:6a:af:97:27:34:6a:
17:40:14:02:6b:71:28:dc:97:b7:e7:f9:44:5c:f4:
28:f8:f4:77:b6:01:41:d2:18:38:f4:1e:77:6c:6f:
e4:73:55:5d:5f:13:ad:88:93:34:40:0b:c0:07:be:
c0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:BE:D8:70:17:B9:F4:10:ED:5A:75:70:5B:B5:EA:9E:76:93:75:01
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/w77YcBe59BDtWnVwW7XqnnaTdQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.152.0-87.76.154.255
87.76.156.0/22
Signature Algorithm: sha256WithRSAEncryption
87:4d:16:37:ff:f9:09:e7:0c:8e:ea:8c:1d:ea:90:84:8c:eb:
25:e6:77:6a:e8:d5:51:46:83:c9:3e:22:ac:29:29:a1:83:61:
3b:9a:b2:9b:a2:bd:10:32:9a:86:1e:44:c6:a9:d8:d1:a7:95:
26:33:23:29:c6:ed:a6:58:cf:2b:73:e2:c5:c2:a3:32:12:74:
35:9e:58:c9:2b:89:e4:e9:0e:f9:e6:1b:08:e8:7e:26:70:ee:
6c:df:6d:c3:fe:47:29:da:78:eb:6e:8b:b9:fe:25:9e:af:48:
8b:83:90:72:89:f7:27:be:4e:45:2b:7d:bc:15:98:a3:41:81:
ed:a6:7b:41:03:bb:1d:e3:ae:f9:4c:ed:f7:83:12:71:2d:64:
dd:58:52:56:29:78:fb:69:fe:74:1a:fe:e1:ed:f4:75:2b:90:
16:de:d6:ef:bd:a0:f8:f8:dd:a7:3c:b0:ef:dc:e0:9d:36:03:
12:98:79:7d:a2:79:66:14:e3:50:db:7b:f8:6a:82:76:07:cf:
ba:61:37:75:6f:55:c8:07:a4:79:60:a1:db:5d:73:3a:00:36:
f2:61:6d:c1:ef:9d:1a:14:03:db:63:45:b8:62:6a:c5:1f:cc:
0b:ab:57:16:34:16:5d:68:4d:63:ee:ab:7a:24:c0:20:f0:c4:
12:d5:26:fb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ5U2Dhu/x4gGZZ8JBJ0/qzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTIzMTIzODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2JlZDg3MDE3YjlmNDEwZWQ1YTc1NzA1YmI1ZWE5ZTc2OTM3NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwhLNHTzVDxVAP3icfqNKsLdeq+w
aRXqe5mupwvIejpwswTCTU7Z0HdxBeCYHeQcT5KpoR/kVp1BQXsgNmzT5SIdJm8O
F2Csifook7HN54Ff6LBrn3cEYEbhRyFzgu2r+hAxjaheT3Avc8Cx1Al5OPFD3CzZ
vvGqA/fMj02cbNtK++3lkdRJ48w3nDjhKwKaDv13eiEzcdoe/1DbpA2Pn8Q5njh7
9bo0a/ea/AOuO5KTUO7EImVHtnZgs5kN9ZXspBJUpWF9OX8uNnxqr5cnNGoXQBQC
a3Eo3Je35/lEXPQo+PR3tgFB0hg49B53bG/kc1VdXxOtiJM0QAvAB77AgQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMO+2HAXufQQ7Vp1cFu16p52k3UBMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvdzc3WWNCZTU5QkR0V25Wd1c3WHFubmFUZFFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANXTJgD
BABXTJoDBAJXTJwwDQYJKoZIhvcNAQELBQADggEBAIdNFjf/+QnnDI7qjB3qkISM
6yXmd2ro1VFGg8k+IqwpKaGDYTuaspuivRAymoYeRMap2NGnlSYzIynG7aZYzytz
4sXCozISdDWeWMkrieTpDvnmGwjofiZw7mzfbcP+RynaeOtui7n+JZ6vSIuDkHKJ
9ye+TkUrfbwVmKNBge2me0EDux3jrvlM7feDEnEtZN1YUlYpePtp/nQa/uHt9HUr
kBbe1u+9oPj43ac8sO/c4J02AxKYeX2ieWYU41Dbe/hqgnYHz7phN3VvVcgHpHlg
odtdczoANvJhbcHvnRoUA9tjRbhiasUfzAurVxY0Fl1oTWPuq3okwCDwxBLVJvs=
-----END CERTIFICATE-----
Generated at Sat May 23 17:47:14 2026 by rpki-client