Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ba5fXG6jmbh2acBviV-iIIKo76Y.roa
File: Ba5fXG6jmbh2acBviV-iIIKo76Y.roa (raw, json)
Hash identifier: sPziRn27AjBAPFRy3zSLQQKsc8W/cg21d5WvStLKdlg=
Subject key identifier: 05:AE:5F:5C:6E:A3:99:B8:76:69:C0:6F:89:5F:A2:20:82:A8:EF:A6
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D520BEA91E798425E25EA599AC1D9D099
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ba5fXG6jmbh2acBviV-iIIKo76Y.roa
Signing time: Fri 03 Apr 2026 06:33:25 +0000
ROA not before: Fri 03 Apr 2026 06:33:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26769
IP address blocks: 87.76.186.0/24 maxlen: 24
87.76.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:0b:ea:91:e7:98:42:5e:25:ea:59:9a:c1:d9:d0:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 3 06:33:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05ae5f5c6ea399b87669c06f895fa22082a8efa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1d:c2:31:c0:c5:be:bd:96:bf:14:66:6d:cd:
5f:d3:7a:54:2e:32:8b:3f:b8:f5:4a:7a:0d:96:49:
82:df:47:df:a2:92:f9:29:f3:a7:40:f4:ab:16:fa:
ca:ea:31:68:e8:13:f8:5a:43:3a:0c:7a:5a:1f:91:
14:1d:45:41:15:6b:1f:81:2e:b6:cb:a5:99:33:86:
f6:ea:e5:01:c8:34:1e:28:0b:31:e2:df:ad:bb:e8:
bb:c4:98:2b:10:34:e5:32:1b:2b:c6:0d:69:ac:55:
bd:0c:82:cb:5e:0c:02:49:5a:3c:af:fb:1a:99:e9:
73:a0:0d:3b:a3:a0:ff:7b:52:18:57:ef:41:56:d2:
23:12:b4:bf:13:89:d2:f0:3c:04:ed:28:e9:1d:a2:
45:3b:47:08:32:fb:0b:1d:7f:12:65:e5:d9:18:c2:
7d:27:55:d6:3f:ba:ba:96:8d:54:8b:ac:14:81:f0:
8d:50:41:0a:f9:8a:97:d0:65:73:e1:64:2e:5b:cd:
7e:b8:1f:13:81:4c:1b:0f:61:7b:80:af:dd:f0:91:
0d:83:b6:29:ce:61:29:7e:fd:fd:c9:4a:1b:05:01:
c1:7b:f1:8f:7f:f4:06:8a:01:81:6c:f3:cb:30:68:
c3:07:ab:de:0d:9c:9f:8a:4e:8b:d8:a6:d8:eb:28:
7a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AE:5F:5C:6E:A3:99:B8:76:69:C0:6F:89:5F:A2:20:82:A8:EF:A6
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Ba5fXG6jmbh2acBviV-iIIKo76Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.186.0/24
87.76.220.0/24
Signature Algorithm: sha256WithRSAEncryption
78:b2:2d:72:0c:3a:f3:a6:d6:f1:76:b8:08:1e:1c:ba:76:a8:
e6:ee:0f:fb:8f:c2:0c:d5:e3:f9:f1:89:05:cd:eb:b8:48:fb:
c2:b9:98:15:e3:7b:96:21:95:f6:38:5c:60:41:95:fa:3e:76:
11:f6:61:af:13:e1:dc:fd:ac:ba:4b:ad:8e:2a:02:32:c2:7f:
5f:ec:58:cc:5b:5f:78:b2:e4:df:2d:c3:8e:5f:85:37:19:6d:
ca:24:34:89:bc:66:92:f9:4b:fc:6d:a9:36:15:d0:37:1d:5e:
82:18:5c:01:ad:e6:1d:6a:3f:bd:25:0a:07:58:65:27:91:de:
f4:29:93:73:8c:81:c1:01:c9:1e:b1:e5:0f:d6:61:7a:87:2c:
98:70:a6:f5:be:7a:89:b1:43:cd:4a:6a:75:29:e5:28:d7:48:
fe:11:2d:2f:d9:d2:3f:bb:61:4d:70:dc:18:2c:c5:42:b3:75:
21:4b:08:cc:f6:2b:02:14:47:99:6e:5a:bd:36:87:cb:87:89:
88:a4:74:2f:02:e5:e8:3c:a3:6b:b1:11:de:f3:af:76:92:b3:
9e:9a:45:c9:90:e4:e0:f8:c3:d8:71:b8:4e:85:93:34:0a:e7:
d7:87:94:4f:3c:45:0b:08:72:f0:0a:37:fe:c0:ca:9e:c5:1f:
54:f4:2b:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1SC+qR55hCXiXqWZrB2dCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDAzMDYzMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFlNWY1YzZlYTM5OWI4NzY2OWMwNmY4OTVmYTIyMDgyYThlZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAth3CMcDFvr2WvxRmbc1f03pULjKL
P7j1SnoNlkmC30ffopL5KfOnQPSrFvrK6jFo6BP4WkM6DHpaH5EUHUVBFWsfgS62
y6WZM4b26uUByDQeKAsx4t+tu+i7xJgrEDTlMhsrxg1prFW9DILLXgwCSVo8r/sa
melzoA07o6D/e1IYV+9BVtIjErS/E4nS8DwE7SjpHaJFO0cIMvsLHX8SZeXZGMJ9
J1XWP7q6lo1Ui6wUgfCNUEEK+YqX0GVz4WQuW81+uB8TgUwbD2F7gK/d8JENg7Yp
zmEpfv39yUobBQHBe/GPf/QGigGBbPPLMGjDB6veDZyfik6L2KbY6yh62QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAWuX1xuo5m4dmnAb4lfoiCCqO+mMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvQmE1ZlhHNmptYmgyYWNCdmlWLWlJSUtvNzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0y6AwQA
V0zcMA0GCSqGSIb3DQEBCwUAA4IBAQB4si1yDDrzptbxdrgIHhy6dqjm7g/7j8IM
1eP58YkFzeu4SPvCuZgV43uWIZX2OFxgQZX6PnYR9mGvE+Hc/ay6S62OKgIywn9f
7FjMW194suTfLcOOX4U3GW3KJDSJvGaS+Uv8bak2FdA3HV6CGFwBreYdaj+9JQoH
WGUnkd70KZNzjIHBAckeseUP1mF6hyyYcKb1vnqJsUPNSmp1KeUo10j+ES0v2dI/
u2FNcNwYLMVCs3UhSwjM9isCFEeZblq9NofLh4mIpHQvAuXoPKNrsRHe8692krOe
mkXJkOTg+MPYcbhOhZM0CufXh5RPPEULCHLwCjf+wMqexR9U9Cst
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:50:19 2026 by rpki-client