Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/8Wa9_vPZrMT6pIcho3_TYjVtqk8.roa
File: 8Wa9_vPZrMT6pIcho3_TYjVtqk8.roa (raw, json)
Hash identifier: h7V44SoFq4shpd3Oi+k/Fm8gG7BNoMR2fp5YWnkKrKs=
Subject key identifier: F1:66:BD:FE:F3:D9:AC:C4:FA:A4:87:21:A3:7F:D3:62:35:6D:AA:4F
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019CA5B8548C0CDC9157B7ED4C7241A4E98A
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/8Wa9_vPZrMT6pIcho3_TYjVtqk8.roa
Signing time: Sat 28 Feb 2026 19:27:26 +0000
ROA not before: Sat 28 Feb 2026 19:27:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 152920
IP address blocks: 87.76.221.0/24 maxlen: 24
87.76.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a5:b8:54:8c:0c:dc:91:57:b7:ed:4c:72:41:a4:e9:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Feb 28 19:27:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f166bdfef3d9acc4faa48721a37fd362356daa4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:4a:20:f8:e9:3e:9b:d3:bf:a5:c9:d2:4c:fa:
5a:9c:9f:8e:a0:ef:fe:64:f6:56:c4:69:ac:8c:43:
80:94:1f:52:94:17:2c:b5:37:fb:25:b2:ec:5e:7b:
61:6a:57:08:87:df:1e:6a:cc:9c:80:41:a4:6b:2a:
2d:18:81:ea:06:0f:b0:45:66:23:b4:2e:8f:a3:f2:
55:e4:4a:19:24:65:6b:a9:b0:b4:f6:44:d6:13:93:
01:43:f8:b0:c1:95:ee:20:45:c2:72:fb:e8:fb:7c:
78:97:f7:b4:71:23:1b:73:85:6a:e3:cb:af:7f:87:
85:6b:b3:fc:1d:b5:02:31:b9:04:88:a2:49:56:b0:
7f:19:8e:fa:1c:10:bd:65:bc:8f:87:8f:65:44:f3:
69:81:02:60:5c:3a:15:4c:50:47:e1:a1:e5:38:2e:
d0:8f:74:e3:30:2c:d3:9b:8a:fc:18:91:11:04:84:
71:1f:f2:02:fc:1d:9d:d0:9c:2d:f4:78:1f:cb:9f:
4f:f4:c0:3e:58:ae:0e:c6:01:9e:1c:3c:c2:31:54:
7b:e1:7b:96:d0:05:43:f5:1b:7f:c9:81:ab:a3:08:
12:b2:2f:69:61:bf:8f:15:5c:9d:6c:09:18:57:bd:
e7:dd:dc:c0:a1:e6:e8:24:2b:94:b5:7d:be:c8:8a:
61:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:66:BD:FE:F3:D9:AC:C4:FA:A4:87:21:A3:7F:D3:62:35:6D:AA:4F
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/8Wa9_vPZrMT6pIcho3_TYjVtqk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.221.0-87.76.222.255
Signature Algorithm: sha256WithRSAEncryption
63:13:71:56:d3:08:65:28:05:c8:24:b2:d5:94:7d:4b:8d:84:
3b:15:4e:7a:fd:8d:20:ca:cb:7f:58:a8:56:42:6f:01:2e:7c:
bf:12:c3:9d:6a:f2:a2:9c:f7:b4:cf:e0:2c:56:c7:e8:15:99:
64:b9:de:fd:76:80:68:1d:96:97:d3:61:a4:a6:15:b5:00:ad:
2e:bf:af:bc:cc:17:03:a7:df:86:74:8a:5e:73:37:54:6e:7d:
1b:6f:65:b4:d8:bc:15:53:b9:0c:ac:31:a0:b0:2f:9d:52:2d:
13:33:39:e3:b6:34:47:83:1e:9a:31:d1:75:60:01:b1:3e:20:
18:74:97:9f:1a:62:63:66:7f:1f:64:29:c3:f3:8d:16:69:95:
a9:cb:c9:eb:0d:0c:0d:82:bc:a9:6b:08:51:a3:b8:22:5d:40:
65:d6:04:10:23:0e:d7:9c:2a:91:de:59:99:8d:7f:cb:c1:7b:
b2:08:ac:3d:a2:7e:1f:20:d4:9b:19:fc:ce:6a:a2:af:86:d6:
a6:a7:67:d9:fd:01:3e:af:3f:12:09:fc:49:0a:7c:9e:91:e9:
36:9b:f9:81:70:eb:34:ef:18:1d:aa:3d:f3:6e:3f:55:08:ac:
4e:12:d9:a2:95:03:d7:b6:68:7c:33:48:fb:2a:4f:5f:17:33:
56:d8:da:e5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZyluFSMDNyRV7ftTHJBpOmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMjI4MTkyNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTY2YmRmZWYzZDlhY2M0ZmFhNDg3MjFhMzdmZDM2MjM1NmRhYTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Uog+Ok+m9O/pcnSTPpanJ+OoO/+
ZPZWxGmsjEOAlB9SlBcstTf7JbLsXnthalcIh98easycgEGkayotGIHqBg+wRWYj
tC6Po/JV5EoZJGVrqbC09kTWE5MBQ/iwwZXuIEXCcvvo+3x4l/e0cSMbc4Vq48uv
f4eFa7P8HbUCMbkEiKJJVrB/GY76HBC9ZbyPh49lRPNpgQJgXDoVTFBH4aHlOC7Q
j3TjMCzTm4r8GJERBIRxH/IC/B2d0Jwt9Hgfy59P9MA+WK4OxgGeHDzCMVR74XuW
0AVD9Rt/yYGrowgSsi9pYb+PFVydbAkYV73n3dzAoeboJCuUtX2+yIphEwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPFmvf7z2azE+qSHIaN/02I1bapPMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvOFdhOV92UFpyTVQ2cEljaG8zX1RZalZ0cWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABXTN0D
BABXTN4wDQYJKoZIhvcNAQELBQADggEBAGMTcVbTCGUoBcgkstWUfUuNhDsVTnr9
jSDKy39YqFZCbwEufL8Sw51q8qKc97TP4CxWx+gVmWS53v12gGgdlpfTYaSmFbUA
rS6/r7zMFwOn34Z0il5zN1RufRtvZbTYvBVTuQysMaCwL51SLRMzOeO2NEeDHpox
0XVgAbE+IBh0l58aYmNmfx9kKcPzjRZplanLyesNDA2CvKlrCFGjuCJdQGXWBBAj
DtecKpHeWZmNf8vBe7IIrD2ifh8g1JsZ/M5qoq+G1qanZ9n9AT6vPxIJ/EkKfJ6R
6Tab+YFw6zTvGB2qPfNuP1UIrE4S2aKVA9e2aHwzSPsqT18XM1bY2uU=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:34 2026 by rpki-client