Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/d_pz12527gkL8fcWRRMybOlxS2w.roa
File: d_pz12527gkL8fcWRRMybOlxS2w.roa (raw, json)
Hash identifier: pysysDFIE2iHUMKMLBIhP6e4+wGbdqNfWTLzd/HeoHo=
Subject key identifier: 77:FA:73:D7:6E:76:EE:09:0B:F1:F7:16:45:13:32:6C:E9:71:4B:6C
Certificate issuer: /CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Certificate serial: 019E877931217C6274A39C65E0208539772F
Authority key identifier: A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/d_pz12527gkL8fcWRRMybOlxS2w.roa
Signing time: Tue 02 Jun 2026 08:35:27 +0000
ROA not before: Tue 02 Jun 2026 08:35:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 87.58.128.0/24 maxlen: 24
2a14:ae00:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:79:31:21:7c:62:74:a3:9c:65:e0:20:85:39:77:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7a4e23482268475c1b935637d0002c2fd2993b8
Validity
Not Before: Jun 2 08:35:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=77fa73d76e76ee090bf1f7164513326ce9714b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9c:a2:96:af:33:aa:12:e8:0f:e8:b7:06:c1:
1d:c6:93:8c:fc:c9:95:f1:6e:9a:9a:7d:a6:be:b6:
6f:79:ee:4c:41:4f:2e:d9:62:bc:35:c9:c8:e3:8c:
70:fc:ea:81:cb:96:a5:8f:bf:87:0f:b9:63:0c:a0:
4e:fd:28:1c:da:71:53:1c:2c:73:d7:91:ef:e8:ac:
1a:0e:34:2e:18:8a:40:9b:7e:2c:97:13:ea:a9:f1:
16:a4:ee:4c:33:1f:0e:5f:10:33:3c:1a:fd:6a:36:
83:31:77:85:79:ab:e1:7d:c4:58:24:f0:66:09:38:
26:e1:28:44:4e:a9:92:bf:2d:09:12:e8:27:93:0e:
08:a3:62:f8:89:e6:88:87:ee:d6:2f:11:90:9a:f2:
59:69:93:ba:62:2f:0a:27:8f:53:bf:da:f6:81:2f:
69:ea:25:76:ed:00:a3:50:f4:c1:c6:7b:12:2b:b9:
f5:46:3b:cb:20:53:ad:c6:c5:c2:13:4b:6b:f0:d7:
d2:ec:c8:92:b1:48:36:94:f9:78:45:c0:69:27:d1:
33:db:f1:b4:53:8e:19:6e:53:11:e3:b2:37:95:cb:
ee:be:dd:a4:ef:23:d9:d7:b6:a1:15:c1:0d:cb:b2:
2b:ff:0b:30:5d:d5:4c:41:d3:8a:e3:8e:c2:5b:44:
29:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:FA:73:D7:6E:76:EE:09:0B:F1:F7:16:45:13:32:6C:E9:71:4B:6C
X509v3 Authority Key Identifier:
keyid:A7:A4:E2:34:82:26:84:75:C1:B9:35:63:7D:00:02:C2:FD:29:93:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p6TiNIImhHXBuTVjfQACwv0pk7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/d_pz12527gkL8fcWRRMybOlxS2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/07f623-14fb-4a80-9f46-23331b64916c/1/p6TiNIImhHXBuTVjfQACwv0pk7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.128.0/24
IPv6:
2a14:ae00:d::/48
Signature Algorithm: sha256WithRSAEncryption
29:57:26:65:b5:dc:61:69:b4:16:98:b1:59:4f:48:3a:95:e7:
51:59:7c:07:0d:71:af:aa:5e:56:24:e1:9f:00:e1:b2:10:b0:
29:54:17:11:c6:12:81:d5:f5:b8:84:b5:24:e0:cc:18:78:f3:
60:56:c7:e7:cc:61:0b:7f:7d:a0:7c:60:9c:89:3c:ca:f8:e0:
68:b8:2b:ac:b5:b0:ed:12:e1:0a:12:b5:67:b1:a8:8c:2f:0e:
74:90:a0:c4:45:9a:ed:24:22:45:77:e0:7c:de:0b:a5:b5:1b:
de:4b:00:e6:8b:9c:38:73:be:25:db:46:53:fc:fd:eb:08:10:
87:d3:78:56:c0:7a:66:2b:57:b9:70:76:b4:b0:0e:ee:37:ef:
63:5b:e9:31:c1:ab:15:04:0f:39:19:a3:ba:08:b0:41:60:ad:
b8:38:da:97:71:13:21:c4:60:ba:32:9a:b1:59:85:c2:0c:2b:
a2:0a:44:d1:18:70:68:e5:88:9d:19:d3:4b:79:39:8c:23:f4:
40:a7:33:20:61:00:84:e5:a9:be:e4:c3:64:cf:61:b5:f9:0f:
47:2c:39:35:31:70:f1:f1:d7:1f:d3:11:4f:6b:63:31:90:b1:
9f:ce:b3:4b:6b:c4:ee:c3:8a:69:d1:2c:cd:63:ab:f4:8e:9e:
ea:bb:26:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ6HeTEhfGJ0o5xl4CCFOXcvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YTRlMjM0ODIyNjg0NzVjMWI5MzU2MzdkMDAwMmMyZmQy
OTkzYjgwHhcNMjYwNjAyMDgzNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2ZhNzNkNzZlNzZlZTA5MGJmMWY3MTY0NTEzMzI2Y2U5NzE0YjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5yilq8zqhLoD+i3BsEdxpOM/MmV
8W6amn2mvrZvee5MQU8u2WK8NcnI44xw/OqBy5alj7+HD7ljDKBO/Sgc2nFTHCxz
15Hv6KwaDjQuGIpAm34slxPqqfEWpO5MMx8OXxAzPBr9ajaDMXeFeavhfcRYJPBm
CTgm4ShETqmSvy0JEugnkw4Io2L4ieaIh+7WLxGQmvJZaZO6Yi8KJ49Tv9r2gS9p
6iV27QCjUPTBxnsSK7n1RjvLIFOtxsXCE0tr8NfS7MiSsUg2lPl4RcBpJ9Ez2/G0
U44ZblMR47I3lcvuvt2k7yPZ17ahFcENy7Ir/wswXdVMQdOK447CW0QpSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHf6c9dudu4JC/H3FkUTMmzpcUtsMB8GA1UdIwQY
MBaAFKek4jSCJoR1wbk1Y30AAsL9KZO4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYt
MjMzMzFiNjQ5MTZjLzEvZF9wejEyNTI3Z2tMOGZjV1JSTXliT2x4UzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wN2Y2MjMtMTRmYi00YTgwLTlmNDYtMjMzMzFiNjQ5MTZj
LzEvcDZUaU5JSW1oSFhCdVRWamZRQUN3djBwazdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVzqAMA8E
AgACMAkDBwAqFK4AAA0wDQYJKoZIhvcNAQELBQADggEBAClXJmW13GFptBaYsVlP
SDqV51FZfAcNca+qXlYk4Z8A4bIQsClUFxHGEoHV9biEtSTgzBh482BWx+fMYQt/
faB8YJyJPMr44Gi4K6y1sO0S4QoStWexqIwvDnSQoMRFmu0kIkV34HzeC6W1G95L
AOaLnDhzviXbRlP8/esIEIfTeFbAemYrV7lwdrSwDu4372Nb6THBqxUEDzkZo7oI
sEFgrbg42pdxEyHEYLoymrFZhcIMK6IKRNEYcGjliJ0Z00t5OYwj9ECnMyBhAITl
qb7kw2TPYbX5D0csOTUxcPHx1x/TEU9rYzGQsZ/Os0trxO7DimnRLM1jq/SOnuq7
Ji4=
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:27 2026 by rpki-client