Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/yA_ay7sKsFaA5NyLg4zRsSnKXKc.roa
File: yA_ay7sKsFaA5NyLg4zRsSnKXKc.roa (raw, json)
Hash identifier: AmLu8Q6d3LlqC5rOLgzlQhltkZx+bJfte3cWAKnObzU=
Subject key identifier: C8:0F:DA:CB:BB:0A:B0:56:80:E4:DC:8B:83:8C:D1:B1:29:CA:5C:A7
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E032993AB94ACF451DDACFA42CCE659E0
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/yA_ay7sKsFaA5NyLg4zRsSnKXKc.roa
Signing time: Thu 07 May 2026 15:58:36 +0000
ROA not before: Thu 07 May 2026 15:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 132372
IP address blocks: 87.76.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:03:29:93:ab:94:ac:f4:51:dd:ac:fa:42:cc:e6:59:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 7 15:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c80fdacbbb0ab05680e4dc8b838cd1b129ca5ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ea:53:de:34:8f:65:6e:1b:91:1d:0b:74:79:
04:be:00:f1:00:55:80:11:9e:b7:bf:34:4e:0f:c5:
17:e0:0a:27:b2:23:4e:41:da:ef:e1:08:46:19:aa:
31:57:7e:ad:51:c5:df:62:74:f7:0d:85:19:d7:c9:
b8:90:f8:83:67:48:78:6d:06:e5:59:de:58:27:6a:
c1:01:b9:fc:4b:74:1c:e4:3e:59:3e:56:5c:9a:20:
59:52:66:d7:8c:fe:7e:bb:be:90:b0:16:aa:04:1d:
e0:6f:6d:2a:2a:55:47:b6:d8:11:9c:21:99:09:a6:
00:f8:2a:a3:82:5a:2c:de:6a:61:2f:17:52:c1:00:
35:12:3d:fb:5d:4b:15:65:99:f8:81:6c:11:d8:4f:
31:6a:fa:70:0e:71:ce:27:f4:25:46:85:1e:29:a8:
3b:6b:20:e9:dc:fb:85:f1:97:91:51:86:50:e3:05:
5f:15:93:9f:a6:fe:b0:e1:ce:93:c9:c9:e2:57:c4:
98:db:f6:bd:56:08:23:ed:5c:53:08:67:d2:f2:31:
68:3e:5a:2e:df:f5:55:80:91:71:ef:9a:c6:fb:25:
95:75:f2:9e:b5:8b:17:eb:9a:fd:81:95:de:dc:cd:
f8:1a:99:4c:c5:8d:bd:20:87:4b:e5:fd:58:66:5b:
ec:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:0F:DA:CB:BB:0A:B0:56:80:E4:DC:8B:83:8C:D1:B1:29:CA:5C:A7
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/yA_ay7sKsFaA5NyLg4zRsSnKXKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.160.0/24
Signature Algorithm: sha256WithRSAEncryption
38:c4:fb:8c:41:8b:14:5c:3e:d4:5e:35:c6:ab:be:05:e8:b5:
c3:db:ca:22:35:35:80:e5:0a:eb:1a:e3:d8:77:90:b9:60:9d:
e2:7b:a1:bd:f5:32:10:87:71:24:49:b2:a9:87:ce:9f:4b:0d:
b1:9f:88:a8:ab:15:c3:39:98:40:a8:eb:a1:85:c5:2d:01:39:
c2:1e:e0:19:be:85:12:cb:97:76:32:ac:af:44:a5:4b:73:fa:
05:eb:b9:e3:4a:9f:8e:b1:bd:2a:0f:a6:15:b2:b8:78:fe:4a:
f0:2e:7e:e2:73:aa:ab:68:bc:2c:fe:09:0d:a7:9d:b6:fd:98:
18:ca:9c:a3:57:cc:a9:5d:aa:e9:f7:32:35:cd:83:fa:40:fb:
c7:79:d6:60:58:8d:54:41:6c:82:16:4f:0d:06:f7:d1:40:84:
00:86:9f:ec:89:7b:70:65:b1:70:e0:9b:fc:42:98:0c:71:c3:
56:45:48:cc:46:02:a0:4b:b1:f3:f1:a7:4e:70:53:3c:11:0b:
71:9f:e2:0f:d6:59:12:bb:36:73:70:3e:a7:8a:d2:9f:b7:5a:
c3:b9:07:bb:e6:d8:67:15:58:c1:a7:b7:a3:30:f8:ef:24:6d:
a0:ba:48:71:e0:ee:e4:bc:a5:82:07:8f:54:b6:a5:78:f5:67:
76:a0:1e:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4DKZOrlKz0Ud2s+kLM5lngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTA3MTU1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODBmZGFjYmJiMGFiMDU2ODBlNGRjOGI4MzhjZDFiMTI5Y2E1Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OpT3jSPZW4bkR0LdHkEvgDxAFWA
EZ63vzROD8UX4AonsiNOQdrv4QhGGaoxV36tUcXfYnT3DYUZ18m4kPiDZ0h4bQbl
Wd5YJ2rBAbn8S3Qc5D5ZPlZcmiBZUmbXjP5+u76QsBaqBB3gb20qKlVHttgRnCGZ
CaYA+Cqjglos3mphLxdSwQA1Ej37XUsVZZn4gWwR2E8xavpwDnHOJ/QlRoUeKag7
ayDp3PuF8ZeRUYZQ4wVfFZOfpv6w4c6TycniV8SY2/a9Vggj7VxTCGfS8jFoPlou
3/VVgJFx75rG+yWVdfKetYsX65r9gZXe3M34GplMxY29IIdL5f1YZlvsmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMgP2su7CrBWgOTci4OM0bEpylynMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEveUFfYXk3c0tzRmFBNU55TGc0elJzU25LWEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0ygMA0G
CSqGSIb3DQEBCwUAA4IBAQA4xPuMQYsUXD7UXjXGq74F6LXD28oiNTWA5QrrGuPY
d5C5YJ3ie6G99TIQh3EkSbKph86fSw2xn4ioqxXDOZhAqOuhhcUtATnCHuAZvoUS
y5d2MqyvRKVLc/oF67njSp+Osb0qD6YVsrh4/krwLn7ic6qraLws/gkNp522/ZgY
ypyjV8ypXarp9zI1zYP6QPvHedZgWI1UQWyCFk8NBvfRQIQAhp/siXtwZbFw4Jv8
QpgMccNWRUjMRgKgS7Hz8adOcFM8EQtxn+IP1lkSuzZzcD6nitKft1rDuQe75thn
FVjBp7ejMPjvJG2gukhx4O7kvKWCB49UtqV49Wd2oB7E
-----END CERTIFICATE-----
Generated at Wed May 13 09:47:44 2026 by rpki-client