Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/wGI62cPHQKF4GMtjHvWPwBzeXZY.roa
File: wGI62cPHQKF4GMtjHvWPwBzeXZY.roa (raw, json)
Hash identifier: QAyBLbTjKCNYBKq7kDKeBpy19fNKx8Eu0eLgZuq+g70=
Subject key identifier: C0:62:3A:D9:C3:C7:40:A1:78:18:CB:63:1E:F5:8F:C0:1C:DE:5D:96
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E30777A1CBA3A523BF143FA97100B4656
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/wGI62cPHQKF4GMtjHvWPwBzeXZY.roa
Signing time: Sat 16 May 2026 11:06:36 +0000
ROA not before: Sat 16 May 2026 11:06:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215238
IP address blocks: 87.76.130.0/24 maxlen: 24
87.76.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:77:7a:1c:ba:3a:52:3b:f1:43:fa:97:10:0b:46:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 16 11:06:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0623ad9c3c740a17818cb631ef58fc01cde5d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7f:81:30:6c:ed:c3:4c:70:0d:54:94:8d:8e:
f0:a7:31:7c:28:43:fb:66:a2:cb:11:9c:6e:27:2b:
4f:00:f5:56:e5:06:5f:c2:91:ee:e3:e5:60:63:45:
39:cc:70:82:fd:d9:93:60:a8:d1:f9:0b:47:24:b8:
5e:f6:4a:01:da:f6:9d:aa:7b:44:c7:c8:39:42:82:
c2:4f:4b:8c:cd:7c:68:9b:8a:0b:e5:a2:c7:f2:4d:
9c:ec:5d:09:e4:50:01:d0:5c:c0:bf:32:01:95:31:
78:e2:3e:e4:c9:23:49:1f:fe:c3:5f:5b:3e:8a:ac:
74:6c:47:b6:7b:0e:3f:6b:02:53:1b:51:0a:1c:74:
a3:d8:bd:c5:72:d0:34:49:4d:41:b4:ec:e8:ce:73:
e6:1a:85:7a:d4:8d:17:a8:1a:05:f5:e1:ea:43:78:
da:c5:43:60:b2:55:3f:3c:51:35:43:c4:80:85:6f:
ec:2c:9d:60:7d:59:f5:eb:96:71:a1:06:7d:83:50:
4e:be:04:27:d9:a0:2f:c4:1e:8c:98:f8:d9:e9:3f:
42:85:79:23:58:c0:e1:b0:7d:67:6f:14:4c:df:16:
e9:5b:da:5e:6b:e9:10:38:68:d7:9c:87:64:e8:a5:
05:22:dc:8a:d5:86:45:d8:f6:e5:ac:6a:fe:72:38:
79:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:62:3A:D9:C3:C7:40:A1:78:18:CB:63:1E:F5:8F:C0:1C:DE:5D:96
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/wGI62cPHQKF4GMtjHvWPwBzeXZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.130.0/24
87.76.161.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:e5:df:72:e2:e4:b5:30:10:f4:b7:03:48:b8:e8:f2:02:83:
cd:de:55:d8:c7:cb:42:23:1f:8f:c7:b6:f6:82:f4:53:21:4a:
ee:3e:c9:8d:68:0e:f5:00:2c:2f:7f:b4:f6:a9:56:be:24:43:
3f:2d:47:32:e9:ce:3b:25:af:74:df:15:d6:7b:28:09:78:3a:
18:25:9f:d7:32:03:57:23:7c:b9:9b:7f:85:0f:36:86:ed:81:
09:8a:5b:06:96:67:26:b3:c0:29:de:43:82:60:d1:09:61:b6:
5e:8d:b6:90:c2:5e:e3:af:40:b1:5b:98:7e:77:39:ca:60:1e:
7d:94:cc:31:91:a6:54:08:65:c5:92:60:61:99:04:37:6b:a2:
72:a0:c3:13:2b:53:ed:f7:58:18:c8:61:cc:31:c6:92:39:f6:
e0:bf:b5:4a:1f:7c:3d:0a:8a:e0:f8:23:82:74:a3:10:fe:d4:
94:cf:56:ba:f9:f9:5a:34:2b:61:be:86:64:41:72:d7:ce:50:
3d:74:34:b6:15:42:29:a3:31:94:1b:0c:76:4a:a1:5d:6a:de:
7e:f0:22:25:10:64:c1:28:1c:43:43:af:f0:1c:37:c0:b8:37:
6f:54:0c:1e:f1:19:71:8e:95:17:8b:a6:34:a0:f6:b0:53:cb:
ae:53:f1:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4wd3ocujpSO/FD+pcQC0ZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTE2MTEwNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDYyM2FkOWMzYzc0MGExNzgxOGNiNjMxZWY1OGZjMDFjZGU1ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6X+BMGztw0xwDVSUjY7wpzF8KEP7
ZqLLEZxuJytPAPVW5QZfwpHu4+VgY0U5zHCC/dmTYKjR+QtHJLhe9koB2vadqntE
x8g5QoLCT0uMzXxom4oL5aLH8k2c7F0J5FAB0FzAvzIBlTF44j7kySNJH/7DX1s+
iqx0bEe2ew4/awJTG1EKHHSj2L3FctA0SU1BtOzoznPmGoV61I0XqBoF9eHqQ3ja
xUNgslU/PFE1Q8SAhW/sLJ1gfVn165ZxoQZ9g1BOvgQn2aAvxB6MmPjZ6T9ChXkj
WMDhsH1nbxRM3xbpW9pea+kQOGjXnIdk6KUFItyK1YZF2PblrGr+cjh51QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMBiOtnDx0CheBjLYx71j8Ac3l2WMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvd0dJNjJjUEhRS0Y0R010akh2V1B3QnplWFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0yCAwQA
V0yhMA0GCSqGSIb3DQEBCwUAA4IBAQCK5d9y4uS1MBD0twNIuOjyAoPN3lXYx8tC
Ix+Px7b2gvRTIUruPsmNaA71ACwvf7T2qVa+JEM/LUcy6c47Ja903xXWeygJeDoY
JZ/XMgNXI3y5m3+FDzaG7YEJilsGlmcms8Ap3kOCYNEJYbZejbaQwl7jr0CxW5h+
dznKYB59lMwxkaZUCGXFkmBhmQQ3a6JyoMMTK1Pt91gYyGHMMcaSOfbgv7VKH3w9
Corg+COCdKMQ/tSUz1a6+flaNCthvoZkQXLXzlA9dDS2FUIpozGUGwx2SqFdat5+
8CIlEGTBKBxDQ6/wHDfAuDdvVAwe8RlxjpUXi6Y0oPawU8uuU/FC
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:31:22 2026 by rpki-client