Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/HvAtAw82mb2P8pILjF60U4f_W7Q.roa
File: HvAtAw82mb2P8pILjF60U4f_W7Q.roa (raw, json)
Hash identifier: Us0J6p7vFRUPlcgG6YMEzbozuwgsdEmzBWIYiS8p86k=
Subject key identifier: 1E:F0:2D:03:0F:36:99:BD:8F:F2:92:0B:8C:5E:B4:53:87:FF:5B:B4
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019CA14DA83E3ED9D1DD411BA0127BC65E04
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/HvAtAw82mb2P8pILjF60U4f_W7Q.roa
Signing time: Fri 27 Feb 2026 22:52:26 +0000
ROA not before: Fri 27 Feb 2026 22:52:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 87.76.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:4d:a8:3e:3e:d9:d1:dd:41:1b:a0:12:7b:c6:5e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Feb 27 22:52:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ef02d030f3699bd8ff2920b8c5eb45387ff5bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6a:64:22:4c:7d:91:cf:3a:9a:56:db:0a:c4:
49:56:6d:26:10:8d:6f:d9:c2:3a:94:28:c4:96:99:
b9:78:8a:0e:3e:62:d0:14:5b:01:0d:26:3a:0c:9a:
e0:7f:bc:6e:f9:ad:f0:4d:4f:20:2a:15:96:78:62:
4f:62:bc:86:a9:69:d6:f5:30:8a:7e:a1:ca:14:b7:
b2:cc:11:54:02:1b:41:10:06:29:b5:fb:90:c1:88:
37:54:32:72:b8:d7:37:0e:d8:e6:e9:4a:43:ee:4a:
c1:f6:38:4d:44:dd:ec:05:a2:28:00:42:1c:56:71:
5a:09:c4:0e:75:d7:19:a9:e2:85:40:2e:4a:5c:4d:
14:c8:3b:c4:45:7e:87:77:71:1f:24:3f:b1:ba:26:
39:40:f4:b3:a5:1d:40:47:63:bb:da:59:14:d4:8b:
fb:b0:e9:47:67:41:1f:b0:1c:18:72:ca:55:0c:b5:
4e:f8:d2:0f:1f:98:a8:12:7e:ab:f6:ce:e0:50:91:
3d:79:1e:a4:d2:28:ae:15:88:cc:60:b9:ff:40:0e:
ef:ed:8c:f4:ee:8d:23:47:bc:a3:0f:91:27:17:47:
89:f3:5c:bf:eb:30:1e:a0:18:db:61:e7:47:ae:94:
99:49:d3:78:e1:f0:39:ce:20:88:1c:c5:4c:f3:16:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:F0:2D:03:0F:36:99:BD:8F:F2:92:0B:8C:5E:B4:53:87:FF:5B:B4
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/HvAtAw82mb2P8pILjF60U4f_W7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:e3:75:46:31:1b:10:be:ef:c8:bf:8a:32:9c:9e:f5:9b:81:
7f:00:1a:11:07:70:2d:7a:c0:e8:6a:14:d4:75:d4:a7:da:e1:
fb:55:d5:2e:bd:32:64:04:3a:f6:51:a7:18:08:6f:4f:bb:0e:
2d:dd:04:09:79:a7:77:70:07:2d:46:5a:6c:c9:cc:80:95:72:
2a:a3:b1:28:f3:4a:1b:c9:1a:a8:a1:09:c4:93:f2:00:3a:d6:
8b:29:e8:e7:56:02:01:c8:d1:af:0b:16:b9:ab:3a:80:d1:77:
ec:08:98:34:59:6e:cf:d7:5a:ef:22:29:f0:a2:97:9c:48:1a:
4c:81:69:f5:8e:52:40:4e:17:d8:24:f5:9d:ca:fd:d6:26:ff:
70:34:08:73:10:b9:1e:e6:e2:77:99:3a:0f:e3:1b:1b:5c:69:
1b:52:f0:ff:47:a7:dc:d7:8e:ab:44:43:60:df:e1:1e:44:4f:
6e:95:63:1b:1d:f9:2e:6f:89:4e:3f:c0:6f:3f:b4:91:08:8d:
68:85:0b:11:5b:83:80:a0:fd:1a:0a:51:88:4f:1e:61:16:ea:
48:0c:ff:ee:1e:05:1d:17:9c:f6:e9:e1:17:2d:08:e2:db:ac:
56:8b:24:54:d2:de:15:d0:bd:7f:d5:26:6f:ac:44:1c:4d:4f:
25:d4:5a:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyhTag+PtnR3UEboBJ7xl4EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMjI3MjI1MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWYwMmQwMzBmMzY5OWJkOGZmMjkyMGI4YzVlYjQ1Mzg3ZmY1YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2pkIkx9kc86mlbbCsRJVm0mEI1v
2cI6lCjElpm5eIoOPmLQFFsBDSY6DJrgf7xu+a3wTU8gKhWWeGJPYryGqWnW9TCK
fqHKFLeyzBFUAhtBEAYptfuQwYg3VDJyuNc3Dtjm6UpD7krB9jhNRN3sBaIoAEIc
VnFaCcQOddcZqeKFQC5KXE0UyDvERX6Hd3EfJD+xuiY5QPSzpR1AR2O72lkU1Iv7
sOlHZ0EfsBwYcspVDLVO+NIPH5ioEn6r9s7gUJE9eR6k0iiuFYjMYLn/QA7v7Yz0
7o0jR7yjD5EnF0eJ81y/6zAeoBjbYedHrpSZSdN44fA5ziCIHMVM8xaqGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7wLQMPNpm9j/KSC4xetFOH/1u0MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvSHZBdEF3ODJtYjJQOHBJTGpGNjBVNGZfVzdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zcMA0G
CSqGSIb3DQEBCwUAA4IBAQBq43VGMRsQvu/Iv4oynJ71m4F/ABoRB3AtesDoahTU
ddSn2uH7VdUuvTJkBDr2UacYCG9Puw4t3QQJead3cActRlpsycyAlXIqo7Eo80ob
yRqooQnEk/IAOtaLKejnVgIByNGvCxa5qzqA0XfsCJg0WW7P11rvIinwopecSBpM
gWn1jlJAThfYJPWdyv3WJv9wNAhzELke5uJ3mToP4xsbXGkbUvD/R6fc146rRENg
3+EeRE9ulWMbHfkub4lOP8BvP7SRCI1ohQsRW4OAoP0aClGITx5hFupIDP/uHgUd
F5z26eEXLQji26xWiyRU0t4V0L1/1SZvrEQcTU8l1Fpf
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:36:30 2026 by rpki-client