Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/D1jqmx7zgrM24HcsfAdM7H7e6TU.roa
File: D1jqmx7zgrM24HcsfAdM7H7e6TU.roa (raw, json)
Hash identifier: z9M641aDlhELJSePrkssedI/+dVAAWfwDtnl21FFKuo=
Subject key identifier: 0F:58:EA:9B:1E:F3:82:B3:36:E0:77:2C:7C:07:4C:EC:7E:DE:E9:35
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D71E0EFDA3FBD862585EA4129778E85F1
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/D1jqmx7zgrM24HcsfAdM7H7e6TU.roa
Signing time: Thu 09 Apr 2026 10:54:20 +0000
ROA not before: Thu 09 Apr 2026 10:54:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62240
IP address blocks: 87.76.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:e0:ef:da:3f:bd:86:25:85:ea:41:29:77:8e:85:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 9 10:54:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0f58ea9b1ef382b336e0772c7c074cec7edee935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:5d:57:87:bb:45:cb:01:a2:e1:1b:56:31:
ee:df:03:1c:8a:33:b5:d1:92:df:1e:72:f4:58:49:
cb:6a:f8:47:06:c1:47:77:d1:22:92:f9:3d:20:cc:
5d:cf:2e:6a:74:50:eb:9c:c7:8a:34:7b:b2:95:03:
1f:7d:25:8d:ef:fe:27:16:8a:07:3e:90:80:09:61:
4e:9e:e1:9b:a1:07:79:5f:36:59:de:e6:e0:a3:09:
bb:5a:57:78:ce:ec:c7:68:f7:e4:05:19:6e:03:a5:
b5:57:61:45:76:7a:e9:30:3e:2b:cf:83:fc:ed:b1:
0e:30:19:34:98:5f:ad:31:b2:8f:47:9e:82:f3:33:
69:85:3f:fa:e8:50:44:fd:44:91:02:8a:c1:19:75:
3f:78:50:33:71:eb:6d:57:15:49:7d:08:21:16:0e:
04:3c:35:a2:cb:8f:3c:13:73:03:dd:90:ec:40:83:
f7:75:6a:7f:d0:d4:56:97:45:8c:d5:87:41:30:82:
6d:83:73:3c:ae:19:f1:66:07:15:50:04:da:33:7f:
e3:0c:97:4a:0a:d4:f5:44:7b:80:39:f7:df:ee:b8:
c9:1b:0e:03:53:aa:15:2c:76:70:5b:6c:cc:81:3e:
e0:f8:02:26:6a:5f:a9:18:ac:15:7a:74:8d:e7:63:
b0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:58:EA:9B:1E:F3:82:B3:36:E0:77:2C:7C:07:4C:EC:7E:DE:E9:35
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/D1jqmx7zgrM24HcsfAdM7H7e6TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:40:59:16:52:71:0f:39:a6:dd:bf:23:e6:9f:c5:c3:92:9d:
4e:98:6d:9d:ac:9b:68:a5:6d:c5:85:26:d9:b6:6e:b0:e8:bb:
e3:cd:e6:af:0c:b8:81:86:ac:09:a1:df:55:d3:f0:48:ce:6c:
b3:8c:83:bd:fd:4f:03:6b:f8:df:cd:e5:42:ca:66:03:c8:2d:
38:dc:e3:4c:50:c6:67:c4:a1:db:36:a1:5d:4b:79:9b:80:b6:
43:3a:be:68:6c:a7:7e:f3:7e:46:de:f9:14:3b:11:84:ce:94:
52:81:c0:13:b0:0f:08:c3:7c:88:f6:15:2c:54:c5:a0:fc:74:
7a:30:15:fd:69:c3:fe:69:cc:a6:e3:1d:bc:35:51:a6:ad:55:
61:99:3f:6c:21:b3:a8:c4:a9:c4:11:ea:34:f0:77:19:1c:91:
9e:51:13:2d:8d:55:f5:8d:72:8f:fc:b6:d9:96:75:5c:e3:36:
f0:ef:8d:91:6b:29:69:62:32:4c:43:a5:80:6f:76:62:49:52:
10:aa:bd:05:be:68:58:6d:07:b1:c1:08:5c:8c:d4:87:f2:a6:
03:bb:a3:d4:36:5f:e6:db:2d:83:16:c9:d1:74:11:3a:5b:23:
08:89:83:09:18:29:8d:69:ca:59:39:d5:df:dd:83:4c:15:31:
b4:1f:7b:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1x4O/aP72GJYXqQSl3joXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDA5MTA1NDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU4ZWE5YjFlZjM4MmIzMzZlMDc3MmM3YzA3NGNlYzdlZGVlOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk1dV4e7RcsBouEbVjHu3wMcijO1
0ZLfHnL0WEnLavhHBsFHd9Eikvk9IMxdzy5qdFDrnMeKNHuylQMffSWN7/4nFooH
PpCACWFOnuGboQd5XzZZ3ubgowm7Wld4zuzHaPfkBRluA6W1V2FFdnrpMD4rz4P8
7bEOMBk0mF+tMbKPR56C8zNphT/66FBE/USRAorBGXU/eFAzcettVxVJfQghFg4E
PDWiy488E3MD3ZDsQIP3dWp/0NRWl0WM1YdBMIJtg3M8rhnxZgcVUATaM3/jDJdK
CtT1RHuAOfff7rjJGw4DU6oVLHZwW2zMgT7g+AImal+pGKwVenSN52OwoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9Y6pse84KzNuB3LHwHTOx+3uk1MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvRDFqcW14N3pnck0yNEhjc2ZBZE03SDdlNlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zRMA0G
CSqGSIb3DQEBCwUAA4IBAQAcQFkWUnEPOabdvyPmn8XDkp1OmG2drJtopW3FhSbZ
tm6w6LvjzeavDLiBhqwJod9V0/BIzmyzjIO9/U8Da/jfzeVCymYDyC043ONMUMZn
xKHbNqFdS3mbgLZDOr5obKd+835G3vkUOxGEzpRSgcATsA8Iw3yI9hUsVMWg/HR6
MBX9acP+acym4x28NVGmrVVhmT9sIbOoxKnEEeo08HcZHJGeURMtjVX1jXKP/LbZ
lnVc4zbw742RaylpYjJMQ6WAb3ZiSVIQqr0FvmhYbQexwQhcjNSH8qYDu6PUNl/m
2y2DFsnRdBE6WyMIiYMJGCmNacpZOdXf3YNMFTG0H3sE
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:31:21 2026 by rpki-client