Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/5jgtFtkGFs3MVnXU7EtZ-wtpMP8.roa
File: 5jgtFtkGFs3MVnXU7EtZ-wtpMP8.roa (raw, json)
Hash identifier: RsoKDzcKosV3gQjC57ZfeVyrZTCxaDxJedySFB6iHSw=
Subject key identifier: E6:38:2D:16:D9:06:16:CD:CC:56:75:D4:EC:4B:59:FB:0B:69:30:FF
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D914CC2E51F9B01630389B9C2DE7BE7A8
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/5jgtFtkGFs3MVnXU7EtZ-wtpMP8.roa
Signing time: Wed 15 Apr 2026 13:20:20 +0000
ROA not before: Wed 15 Apr 2026 13:20:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200105
IP address blocks: 87.76.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:4c:c2:e5:1f:9b:01:63:03:89:b9:c2:de:7b:e7:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 15 13:20:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e6382d16d90616cdcc5675d4ec4b59fb0b6930ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c7:6e:3b:14:af:28:55:b1:84:e7:2b:13:53:
57:2a:73:a8:27:ca:79:6b:b0:fd:37:78:63:f4:4d:
49:46:99:d8:75:eb:90:8d:75:08:ff:21:28:b6:78:
98:59:e9:2a:6b:90:7b:02:2b:be:c5:aa:d6:03:08:
24:81:c3:20:a6:aa:93:80:15:83:7c:09:31:92:a5:
54:63:99:fd:1a:10:e9:fb:af:32:da:66:39:80:d7:
c2:22:c0:0d:f2:6c:39:d8:22:5d:ba:6a:4e:ee:c3:
dd:7b:b3:0b:7d:65:c7:f7:29:07:e5:9b:02:b8:65:
09:4a:56:c2:4b:d9:d3:95:12:89:5e:a9:4b:ce:e9:
3c:dd:9f:ab:e7:5e:37:d1:da:35:1e:2d:b8:63:e1:
1d:ba:3d:43:f4:8e:b0:cd:1d:70:50:ae:f1:ac:86:
bf:27:49:c1:c9:f0:ab:a9:8b:2d:fb:1a:69:c4:1a:
b4:ca:b2:e1:8f:44:cc:b3:57:17:ff:14:d5:d6:68:
6b:b2:cc:63:95:ee:58:71:d1:74:6b:d8:1e:45:f6:
2b:2c:93:40:68:32:df:7d:89:b7:d5:3e:89:a4:12:
33:8b:26:c7:f1:f6:e6:e5:cf:59:bc:e1:4c:a3:2f:
6f:a8:ee:f7:de:78:f7:30:e4:93:8a:e8:ed:47:bd:
cf:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:38:2D:16:D9:06:16:CD:CC:56:75:D4:EC:4B:59:FB:0B:69:30:FF
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/5jgtFtkGFs3MVnXU7EtZ-wtpMP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.168.0/24
Signature Algorithm: sha256WithRSAEncryption
75:9c:0b:9f:f8:19:ad:23:32:ac:e4:a2:34:22:b1:bd:70:0f:
72:25:61:a7:cf:34:e6:bb:74:be:72:1a:ec:08:ab:0e:b5:46:
4e:55:72:76:03:43:0a:1b:88:ee:9a:b0:8b:35:f1:ab:d9:af:
67:fa:b8:fe:52:c6:7b:9d:6e:3a:73:ff:3d:0f:53:16:a4:99:
77:55:5a:73:ff:99:96:ec:a8:c6:cc:9b:ca:11:75:77:a2:27:
ec:f5:b2:dd:e8:ba:2a:39:33:0b:36:b6:66:fc:db:59:56:dc:
5d:0f:75:fc:db:b1:ef:5e:e9:29:fa:40:a7:6f:93:08:7f:df:
6e:17:71:2f:27:7f:c7:f3:ba:39:d6:e1:f2:0f:5c:b9:b7:f3:
2f:9d:5d:43:4d:7f:14:23:8a:9c:19:ce:cc:d8:51:59:38:1c:
6e:95:4d:e5:c0:ac:68:48:a1:29:e7:f6:2c:66:f2:e5:92:ff:
ab:3a:3d:2a:2d:01:ca:1f:33:f6:bb:c1:ab:6c:97:d7:4f:1e:
b3:be:8a:07:8f:6b:30:2f:57:30:5b:6e:45:2a:77:a9:9e:4a:
b4:f4:a5:cb:6d:4a:ae:65:b4:82:16:ec:b2:48:83:79:04:49:
f6:c4:32:04:08:31:11:8b:59:5a:1c:08:fd:a5:fb:85:6b:53:
78:38:3c:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2RTMLlH5sBYwOJucLee+eoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDE1MTMyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjM4MmQxNmQ5MDYxNmNkY2M1Njc1ZDRlYzRiNTlmYjBiNjkzMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMduOxSvKFWxhOcrE1NXKnOoJ8p5
a7D9N3hj9E1JRpnYdeuQjXUI/yEotniYWekqa5B7Aiu+xarWAwgkgcMgpqqTgBWD
fAkxkqVUY5n9GhDp+68y2mY5gNfCIsAN8mw52CJdumpO7sPde7MLfWXH9ykH5ZsC
uGUJSlbCS9nTlRKJXqlLzuk83Z+r51430do1Hi24Y+Eduj1D9I6wzR1wUK7xrIa/
J0nByfCrqYst+xppxBq0yrLhj0TMs1cX/xTV1mhrssxjle5YcdF0a9geRfYrLJNA
aDLffYm31T6JpBIziybH8fbm5c9ZvOFMoy9vqO733nj3MOSTiujtR73PyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOY4LRbZBhbNzFZ11OxLWfsLaTD/MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvNWpndEZ0a0dGczNNVm5YVTdFdFotd3RwTVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0yoMA0G
CSqGSIb3DQEBCwUAA4IBAQB1nAuf+BmtIzKs5KI0IrG9cA9yJWGnzzTmu3S+chrs
CKsOtUZOVXJ2A0MKG4jumrCLNfGr2a9n+rj+UsZ7nW46c/89D1MWpJl3VVpz/5mW
7KjGzJvKEXV3oifs9bLd6LoqOTMLNrZm/NtZVtxdD3X827HvXukp+kCnb5MIf99u
F3EvJ3/H87o51uHyD1y5t/MvnV1DTX8UI4qcGc7M2FFZOBxulU3lwKxoSKEp5/Ys
ZvLlkv+rOj0qLQHKHzP2u8GrbJfXTx6zvooHj2swL1cwW25FKnepnkq09KXLbUqu
ZbSCFuyySIN5BEn2xDIECDERi1laHAj9pfuFa1N4ODzk
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:52:42 2026 by rpki-client