Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Otsl-ayZTXF5yOkpIvkl3cYrqpM.roa
File: Otsl-ayZTXF5yOkpIvkl3cYrqpM.roa (raw, json)
Hash identifier: U3vcJPQ8n9zuoWkpParwY7e2feI8hY4jslrWDMq7wn0=
Subject key identifier: 3A:DB:25:F9:AC:99:4D:71:79:C8:E9:29:22:F9:25:DD:C6:2B:AA:93
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019C9FFE92E52797426BCB96967F83971FBF
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Otsl-ayZTXF5yOkpIvkl3cYrqpM.roa
Signing time: Fri 27 Feb 2026 16:46:26 +0000
ROA not before: Fri 27 Feb 2026 16:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 87.76.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:fe:92:e5:27:97:42:6b:cb:96:96:7f:83:97:1f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Feb 27 16:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3adb25f9ac994d7179c8e92922f925ddc62baa93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:dd:d9:2f:f5:f9:37:1c:8e:be:c5:df:09:51:
0f:70:be:0b:51:c0:64:9b:31:bc:a5:41:5a:bb:85:
39:ed:6a:88:e0:b2:12:79:11:1d:a7:2a:21:46:f9:
a7:e4:6f:12:61:73:8a:84:0f:07:7f:91:9e:4d:05:
b3:2f:90:ce:2d:3f:48:96:23:b8:7a:66:38:95:66:
d1:bb:9d:52:10:aa:ee:66:04:c3:9d:fc:93:2c:b1:
31:56:70:2b:96:ed:a9:af:b7:b7:04:2c:47:09:31:
af:0d:ae:16:83:88:36:f5:b9:80:ea:ac:16:07:c3:
6d:e3:d9:06:aa:a6:68:39:8b:55:2f:92:f9:09:74:
13:b3:17:12:a1:0b:b7:a2:21:06:29:58:cf:72:b1:
81:8f:7f:44:9d:77:09:42:2a:8d:ec:2b:91:0a:09:
ba:2a:2a:2f:cc:2b:26:19:52:89:aa:9a:ae:f0:e8:
40:99:39:ca:d0:4c:dd:d2:e2:2c:80:25:a5:99:30:
0d:a9:15:26:dd:95:b7:26:7b:f9:e5:de:23:58:27:
c6:ac:37:cb:d9:79:1a:e1:91:e9:bb:25:b0:f3:71:
2e:b6:16:95:f1:d7:2d:3f:c7:f8:c9:d9:d6:b4:dd:
9c:a7:83:cf:78:79:03:1a:95:88:2f:0a:c9:42:ff:
bb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:DB:25:F9:AC:99:4D:71:79:C8:E9:29:22:F9:25:DD:C6:2B:AA:93
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Otsl-ayZTXF5yOkpIvkl3cYrqpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.217.0/24
Signature Algorithm: sha256WithRSAEncryption
24:45:3a:3c:b1:5d:c8:e6:a1:97:a8:11:14:43:d8:d4:f3:5f:
aa:6e:23:43:76:4b:b3:12:52:42:59:ba:45:cd:26:99:53:c4:
87:27:ce:bc:86:03:fe:48:8a:e6:07:90:e7:ee:f2:f7:87:38:
79:ce:01:e1:35:b2:f7:ff:ce:c6:30:f8:7c:9b:f0:89:ea:b4:
a5:66:c7:73:5d:d0:6f:73:f0:3f:a0:fa:fa:3f:47:19:df:e3:
33:9a:ea:b1:a5:b9:65:ba:6c:0b:a2:ae:ba:a1:fc:8c:1d:33:
39:f7:f3:ae:d3:47:f1:e4:08:22:c6:45:2b:7e:8d:1c:ec:62:
75:b5:5a:08:b2:42:21:7b:4a:f6:04:74:ea:b9:fc:d2:7a:e2:
92:e9:fd:92:af:0e:cc:2a:a6:02:83:b5:24:23:12:f8:91:ac:
21:92:79:72:d1:a9:b0:49:95:d1:6a:bb:2d:6d:cd:58:22:21:
bb:57:f4:e9:b6:5e:ad:0d:bb:52:e6:61:00:6e:31:e0:ca:27:
a4:6a:8d:65:c8:79:d3:29:23:fb:a1:85:95:90:3c:03:d5:89:
3d:eb:b6:fa:08:b2:29:c5:99:f4:04:bc:9c:79:7f:5f:9e:1f:
6b:de:ac:f8:40:82:b1:cb:e5:1d:12:70:6f:90:8f:47:2f:e8:
aa:54:e5:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyf/pLlJ5dCa8uWln+Dlx+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMjI3MTY0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWRiMjVmOWFjOTk0ZDcxNzljOGU5MjkyMmY5MjVkZGM2MmJhYTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx93ZL/X5NxyOvsXfCVEPcL4LUcBk
mzG8pUFau4U57WqI4LISeREdpyohRvmn5G8SYXOKhA8Hf5GeTQWzL5DOLT9IliO4
emY4lWbRu51SEKruZgTDnfyTLLExVnArlu2pr7e3BCxHCTGvDa4Wg4g29bmA6qwW
B8Nt49kGqqZoOYtVL5L5CXQTsxcSoQu3oiEGKVjPcrGBj39EnXcJQiqN7CuRCgm6
KiovzCsmGVKJqpqu8OhAmTnK0Ezd0uIsgCWlmTANqRUm3ZW3Jnv55d4jWCfGrDfL
2Xka4ZHpuyWw83EuthaV8dctP8f4ydnWtN2cp4PPeHkDGpWILwrJQv+7AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDrbJfmsmU1xecjpKSL5Jd3GK6qTMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvT3RzbC1heVpUWEY1eU9rcEl2a2wzY1lycXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zZMA0G
CSqGSIb3DQEBCwUAA4IBAQAkRTo8sV3I5qGXqBEUQ9jU81+qbiNDdkuzElJCWbpF
zSaZU8SHJ868hgP+SIrmB5Dn7vL3hzh5zgHhNbL3/87GMPh8m/CJ6rSlZsdzXdBv
c/A/oPr6P0cZ3+MzmuqxpbllumwLoq66ofyMHTM59/Ou00fx5AgixkUrfo0c7GJ1
tVoIskIhe0r2BHTqufzSeuKS6f2Srw7MKqYCg7UkIxL4kawhknly0amwSZXRarst
bc1YIiG7V/Tptl6tDbtS5mEAbjHgyiekao1lyHnTKSP7oYWVkDwD1Yk967b6CLIp
xZn0BLyceX9fnh9r3qz4QIKxy+UdEnBvkI9HL+iqVOWV
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:26:27 2026 by rpki-client