Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ATueWFcqnvuZDV_kL2XwVjV3Y2I.roa
File: ATueWFcqnvuZDV_kL2XwVjV3Y2I.roa (raw, json)
Hash identifier: 1jQny7qo2FR+SifYjdMTpPFd2HzzebiTliSeTIqgl4k=
Subject key identifier: 01:3B:9E:58:57:2A:9E:FB:99:0D:5F:E4:2F:65:F0:56:35:77:63:62
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D7797F39858A8546D6D8884A08BB2C786
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ATueWFcqnvuZDV_kL2XwVjV3Y2I.roa
Signing time: Fri 10 Apr 2026 13:32:20 +0000
ROA not before: Fri 10 Apr 2026 13:32:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215238
IP address blocks: 87.76.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:97:f3:98:58:a8:54:6d:6d:88:84:a0:8b:b2:c7:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 10 13:32:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=013b9e58572a9efb990d5fe42f65f05635776362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:6d:c6:6c:65:d9:46:b6:62:54:b5:01:99:
84:fc:f6:0f:af:f1:24:a9:11:c1:41:66:e1:f7:ef:
24:b5:f6:62:cb:f9:0b:66:98:af:5e:70:97:e2:44:
f0:7b:ca:be:41:57:d9:54:57:29:33:0d:99:ef:85:
50:65:a3:ee:db:03:57:57:1e:48:a8:0a:66:26:e0:
cc:2d:42:fe:35:fb:42:44:9b:ea:b4:25:cc:b7:0d:
46:da:11:b8:9f:b0:31:fb:2d:9b:8d:08:4c:c7:41:
a3:3e:c7:af:e1:4c:1c:93:75:89:db:e6:5b:7b:59:
e9:cc:7a:ff:3f:62:57:ae:0c:21:d2:6a:a6:b8:81:
93:4e:fd:2a:42:db:16:d7:48:d7:79:ff:ae:c3:8f:
aa:dd:ac:72:1f:6e:81:37:f6:c7:8f:86:38:b4:2e:
3b:72:93:54:eb:3e:4f:23:58:8d:f4:a4:73:79:84:
4e:69:48:e1:ad:f4:a3:a0:14:e8:83:9f:8c:fe:e4:
95:64:49:e6:f0:ce:ba:d8:6d:35:78:fd:1d:c1:00:
cf:f2:e0:ba:cb:20:64:26:d2:44:e9:0b:32:22:b4:
74:69:3b:3a:41:8c:9a:a7:7f:23:15:f2:99:48:aa:
75:3c:4e:53:9a:cb:fe:37:2a:42:d8:5e:a4:19:92:
4b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3B:9E:58:57:2A:9E:FB:99:0D:5F:E4:2F:65:F0:56:35:77:63:62
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/ATueWFcqnvuZDV_kL2XwVjV3Y2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.161.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:04:e0:98:76:56:32:c8:48:28:35:00:84:d6:c7:41:96:af:
37:df:82:8d:9d:d7:4a:dc:96:1e:82:92:4c:74:b7:3f:9e:e9:
8a:93:9a:1b:fe:28:b9:2b:c6:3e:fd:b2:e9:f2:c9:27:76:92:
e0:b3:1a:86:76:c0:1b:3a:75:84:25:5a:73:99:e0:6d:df:e1:
c9:94:fa:83:2c:84:fa:9b:d5:b1:ba:a5:a0:1b:78:64:89:f6:
26:22:e9:8a:bf:ff:e6:1f:66:46:49:b5:b4:5e:8a:21:f2:38:
ab:ce:23:9a:67:ad:f1:9f:a6:3c:a2:ac:12:46:97:61:04:b5:
57:b4:be:7c:39:b9:c7:35:b4:6a:51:e5:ad:d8:70:9e:ea:67:
de:50:e9:b3:d7:64:31:35:ba:56:41:8b:60:2e:68:85:ca:77:
67:22:7c:f6:2f:9f:7a:88:24:d8:2b:8d:53:d7:82:71:99:82:
26:5a:44:5b:eb:b6:6a:4d:0c:66:e9:21:72:bf:16:91:b8:1e:
a6:d7:3d:83:6c:bb:7b:f6:e0:7b:76:85:f2:9e:fe:ab:e1:3e:
a3:aa:66:cd:1f:e5:e9:a6:a5:0c:fd:3d:63:82:bf:3b:62:3c:
bd:5e:db:c9:38:c5:a4:6d:90:99:d2:9e:d3:46:99:b1:ea:4a:
c4:e8:27:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ13l/OYWKhUbW2IhKCLsseGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDEwMTMzMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTNiOWU1ODU3MmE5ZWZiOTkwZDVmZTQyZjY1ZjA1NjM1Nzc2MzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7ltxmxl2Ua2YlS1AZmE/PYPr/Ek
qRHBQWbh9+8ktfZiy/kLZpivXnCX4kTwe8q+QVfZVFcpMw2Z74VQZaPu2wNXVx5I
qApmJuDMLUL+NftCRJvqtCXMtw1G2hG4n7Ax+y2bjQhMx0GjPsev4Uwck3WJ2+Zb
e1npzHr/P2JXrgwh0mqmuIGTTv0qQtsW10jXef+uw4+q3axyH26BN/bHj4Y4tC47
cpNU6z5PI1iN9KRzeYROaUjhrfSjoBTog5+M/uSVZEnm8M662G01eP0dwQDP8uC6
yyBkJtJE6QsyIrR0aTs6QYyap38jFfKZSKp1PE5Tmsv+NypC2F6kGZJLhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAE7nlhXKp77mQ1f5C9l8FY1d2NiMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvQVR1ZVdGY3FudnVaRFZfa0wyWHdWalYzWTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0yhMA0G
CSqGSIb3DQEBCwUAA4IBAQA9BOCYdlYyyEgoNQCE1sdBlq8334KNnddK3JYegpJM
dLc/numKk5ob/ii5K8Y+/bLp8skndpLgsxqGdsAbOnWEJVpzmeBt3+HJlPqDLIT6
m9WxuqWgG3hkifYmIumKv//mH2ZGSbW0Xooh8jirziOaZ63xn6Y8oqwSRpdhBLVX
tL58ObnHNbRqUeWt2HCe6mfeUOmz12QxNbpWQYtgLmiFyndnInz2L596iCTYK41T
14JxmYImWkRb67ZqTQxm6SFyvxaRuB6m1z2DbLt79uB7doXynv6r4T6jqmbNH+Xp
pqUM/T1jgr87Yjy9XtvJOMWkbZCZ0p7TRpmx6krE6Ced
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:13:03 2026 by rpki-client