Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/URFT6fKsY2OtyB_MOBIcyuYtLjI.roa
File: URFT6fKsY2OtyB_MOBIcyuYtLjI.roa (raw, json)
Hash identifier: Bi6srY4oh+V5Uw676tTyw8yvtKoGhpD37htv9PBY0t8=
Subject key identifier: 51:11:53:E9:F2:AC:63:63:AD:C8:1F:CC:38:12:1C:CA:E6:2D:2E:32
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D4310A5B8D2B0533F16ED492B17C71FFB
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/URFT6fKsY2OtyB_MOBIcyuYtLjI.roa
Signing time: Tue 31 Mar 2026 08:44:17 +0000
ROA not before: Tue 31 Mar 2026 08:44:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 87.76.178.0/24 maxlen: 24
87.76.189.0/24 maxlen: 24
87.76.190.0/24 maxlen: 24
87.76.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:10:a5:b8:d2:b0:53:3f:16:ed:49:2b:17:c7:1f:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 31 08:44:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=511153e9f2ac6363adc81fcc38121ccae62d2e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:66:1e:43:73:18:32:dc:d3:b3:5e:dc:85:ff:
ec:c4:9d:21:40:64:fd:a0:b1:b1:28:65:4f:05:d7:
1f:9d:0e:ce:05:a7:0e:3a:c6:e2:f4:11:1c:91:1a:
22:6c:48:8c:7e:43:f9:ba:16:5d:36:53:80:a5:dc:
4d:f5:ff:95:b8:ea:34:68:ac:5c:b2:ad:4c:31:7b:
6d:58:55:37:87:90:3a:5a:87:eb:be:19:eb:50:ed:
f3:ca:dd:f5:4d:35:24:2d:0a:40:a1:cc:fb:4d:b5:
4a:8b:57:b8:bb:26:73:31:8e:f2:bb:a4:49:3a:cd:
4f:57:fd:b8:34:04:1c:19:6e:d8:cf:8f:7b:71:a7:
7c:35:3f:3d:ff:11:30:82:0e:e4:85:55:f9:b9:aa:
40:e9:66:34:f4:f4:32:55:93:f0:12:13:8d:b3:fc:
2c:eb:1f:55:59:bb:59:e2:ed:a5:76:62:cf:b7:b6:
ed:2c:7e:6c:b1:35:53:56:ad:46:5d:ba:58:29:d9:
e5:09:70:8b:0e:25:9c:1f:91:b2:c9:72:ab:d6:a9:
7b:da:d2:fd:1d:13:fa:8e:96:9c:34:30:0d:57:ed:
8c:f9:a1:f5:71:90:5b:7d:04:d2:b9:b4:f7:0b:b2:
95:fe:3c:9e:55:53:5c:84:31:9a:66:e9:88:03:71:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:11:53:E9:F2:AC:63:63:AD:C8:1F:CC:38:12:1C:CA:E6:2D:2E:32
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/URFT6fKsY2OtyB_MOBIcyuYtLjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.178.0/24
87.76.189.0-87.76.190.255
87.76.217.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b4:80:26:56:eb:4b:af:a3:8d:a2:84:bb:15:9d:79:a8:df:
68:14:f0:61:43:92:27:38:08:19:3f:ef:bc:97:9c:0d:2d:c5:
ea:15:7c:94:01:cb:36:4e:b7:d4:c5:c8:7b:c8:ae:c9:89:e5:
d9:bc:6b:00:f2:dd:de:c1:89:22:15:f7:1e:ad:8c:15:a9:3e:
85:cb:a4:fe:93:1b:d0:f1:2d:a9:a1:70:82:9b:14:99:a4:e1:
53:a3:64:12:e3:76:43:b7:78:6d:b6:90:8f:37:d5:91:53:61:
0d:92:ca:8d:14:90:72:d8:5a:7a:77:ab:1e:41:98:f5:29:95:
19:f9:a0:84:c1:50:74:9d:2a:fd:01:96:7d:4d:01:31:83:2c:
e8:7e:b8:e8:fb:2c:0e:3a:ae:a2:dc:d4:bb:40:80:25:d6:23:
6a:d5:fc:bb:73:a4:8d:80:44:b5:0f:e0:f4:df:fb:b3:d0:b4:
f8:25:bf:fa:8a:7b:bc:dd:fa:74:78:d6:8b:d8:b4:ac:56:7a:
ae:a1:41:8d:10:68:e9:bb:42:b3:bf:d8:9a:a6:8d:96:f4:be:
71:c0:dd:65:7c:d1:7a:c5:f9:46:89:0f:56:9b:4c:6c:f4:bb:
fa:eb:5c:54:d0:4b:e2:5e:e0:54:4a:a5:50:f8:e8:41:ee:f0:
77:42:39:8f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1DEKW40rBTPxbtSSsXxx/7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzMxMDg0NDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTExNTNlOWYyYWM2MzYzYWRjODFmY2MzODEyMWNjYWU2MmQyZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGYeQ3MYMtzTs17chf/sxJ0hQGT9
oLGxKGVPBdcfnQ7OBacOOsbi9BEckRoibEiMfkP5uhZdNlOApdxN9f+VuOo0aKxc
sq1MMXttWFU3h5A6WofrvhnrUO3zyt31TTUkLQpAocz7TbVKi1e4uyZzMY7yu6RJ
Os1PV/24NAQcGW7Yz497cad8NT89/xEwgg7khVX5uapA6WY09PQyVZPwEhONs/ws
6x9VWbtZ4u2ldmLPt7btLH5ssTVTVq1GXbpYKdnlCXCLDiWcH5GyyXKr1ql72tL9
HRP6jpacNDANV+2M+aH1cZBbfQTSubT3C7KV/jyeVVNchDGaZumIA3HfTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFERU+nyrGNjrcgfzDgSHMrmLS4yMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvVVJGVDZmS3NZMk90eUJfTU9CSWN5dVl0TGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAV0yyMAwD
BABXTL0DBABXTL4DBABXTNkwDQYJKoZIhvcNAQELBQADggEBAGy0gCZW60uvo42i
hLsVnXmo32gU8GFDkic4CBk/77yXnA0txeoVfJQByzZOt9TFyHvIrsmJ5dm8awDy
3d7BiSIV9x6tjBWpPoXLpP6TG9DxLamhcIKbFJmk4VOjZBLjdkO3eG22kI831ZFT
YQ2Syo0UkHLYWnp3qx5BmPUplRn5oITBUHSdKv0Bln1NATGDLOh+uOj7LA46rqLc
1LtAgCXWI2rV/LtzpI2ARLUP4PTf+7PQtPglv/qKe7zd+nR41ovYtKxWeq6hQY0Q
aOm7QrO/2JqmjZb0vnHA3WV80XrF+UaJD1abTGz0u/rrXFTQS+Je4FRKpVD46EHu
8HdCOY8=
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:00:18 2026 by rpki-client