Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bLqAv8qJ1yamxnSzN-ZJySLZiH4.roa
File: bLqAv8qJ1yamxnSzN-ZJySLZiH4.roa (raw, json)
Hash identifier: X+3tvGzRayA2xyP8S1hTpfCmnILZBZQ0R1nzlin9oHw=
Subject key identifier: 6C:BA:80:BF:CA:89:D7:26:A6:C6:74:B3:37:E6:49:C9:22:D9:88:7E
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019CA8B9601F0D4A1C0E77ECA47D154FA636
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bLqAv8qJ1yamxnSzN-ZJySLZiH4.roa
Signing time: Sun 01 Mar 2026 09:27:26 +0000
ROA not before: Sun 01 Mar 2026 09:27:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 87.76.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:b9:60:1f:0d:4a:1c:0e:77:ec:a4:7d:15:4f:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Mar 1 09:27:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6cba80bfca89d726a6c674b337e649c922d9887e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:77:87:82:5e:09:d5:34:29:f4:65:38:b2:
05:74:5c:8a:2d:db:c6:c6:29:47:f5:db:f2:6e:f8:
ec:a4:30:47:3e:21:c9:3f:ec:b6:fc:86:3c:2f:35:
e8:07:79:4b:8f:71:84:b9:61:52:b0:4c:4d:d9:bd:
94:40:55:d1:01:0d:8b:b0:da:d4:a3:4f:23:1b:5c:
9b:f5:33:c0:10:2d:37:c7:00:e6:85:9e:a3:c9:ab:
2a:28:f7:58:4e:8a:94:17:ca:da:4e:52:0a:25:92:
fd:ad:d5:4c:73:6c:0b:0c:52:bc:c9:76:6c:9e:c2:
fc:93:03:48:43:81:bb:24:68:9c:e9:35:35:5b:fe:
f3:3d:14:6c:3d:f4:aa:fc:67:49:5a:cf:09:75:3a:
41:23:46:0e:cb:b1:88:cc:b0:34:cb:49:a4:07:98:
9e:66:39:e1:d6:d9:ab:73:37:a3:ff:a7:ce:c4:87:
a9:c5:00:70:26:30:ce:c1:e8:63:08:fa:bd:48:b7:
f0:ae:d3:99:fd:f7:10:67:8c:da:94:3e:63:ff:ad:
49:78:7a:5f:a5:18:04:53:48:28:2a:97:54:9e:2d:
99:6f:6d:53:45:9d:16:fe:59:c0:65:c4:0b:5e:42:
5f:be:2a:40:a6:85:4b:27:b4:1d:84:7a:1e:9a:83:
7a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BA:80:BF:CA:89:D7:26:A6:C6:74:B3:37:E6:49:C9:22:D9:88:7E
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/bLqAv8qJ1yamxnSzN-ZJySLZiH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a3:33:a9:c4:76:90:05:ed:3f:07:f4:f9:4d:bf:dc:0b:1b:
73:54:cc:3b:f2:c9:47:64:e2:6c:d9:c2:49:3d:9c:b6:a2:85:
b0:2c:bd:87:20:be:9e:93:4a:1d:00:34:b6:60:72:6a:1e:b1:
0c:9d:64:4d:65:95:5c:b9:d5:d8:7c:4b:c4:02:b9:b4:c3:a4:
02:aa:92:a3:f2:b5:b4:01:33:4a:79:fb:bf:ee:ae:f9:d8:95:
77:2b:f6:19:3c:a0:f1:af:65:64:f7:89:7e:b8:4c:99:5e:d6:
b7:a2:5c:d8:df:18:b6:fb:6a:b9:9c:95:b2:3f:0a:bf:c8:2e:
f7:6e:e6:1e:43:d9:54:f6:fc:f0:77:c6:4d:76:04:41:68:75:
c0:07:49:8c:e3:ab:22:a3:9c:a1:66:ec:46:73:2c:9e:b9:d4:
a4:7a:f9:0c:05:34:b0:3f:fb:70:b3:47:9b:1e:4f:e6:29:27:
73:41:7e:80:ea:cc:b6:ee:ba:e9:c5:68:27:da:01:94:d1:c6:
bd:27:49:94:6d:9a:ce:a5:4d:b9:36:74:d1:f0:90:ea:4f:20:
2b:1a:9c:5f:53:24:52:24:6e:bc:2e:b1:17:6d:86:48:d3:cf:
ce:be:e0:80:4f:40:9b:8d:59:de:fd:c0:59:9a:e7:72:b9:c4:
b5:d9:dc:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyouWAfDUocDnfspH0VT6Y2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMzAxMDkyNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JhODBiZmNhODlkNzI2YTZjNjc0YjMzN2U2NDljOTIyZDk4ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6t3h4JeCdU0KfRlOLIFdFyKLdvG
xilH9dvybvjspDBHPiHJP+y2/IY8LzXoB3lLj3GEuWFSsExN2b2UQFXRAQ2LsNrU
o08jG1yb9TPAEC03xwDmhZ6jyasqKPdYToqUF8raTlIKJZL9rdVMc2wLDFK8yXZs
nsL8kwNIQ4G7JGic6TU1W/7zPRRsPfSq/GdJWs8JdTpBI0YOy7GIzLA0y0mkB5ie
Zjnh1tmrczej/6fOxIepxQBwJjDOwehjCPq9SLfwrtOZ/fcQZ4zalD5j/61JeHpf
pRgEU0goKpdUni2Zb21TRZ0W/lnAZcQLXkJfvipApoVLJ7QdhHoemoN60wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGy6gL/KidcmpsZ0szfmScki2Yh+MB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvYkxxQXY4cUoxeWFteG5Tek4tWkp5U0xaaUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zQMA0G
CSqGSIb3DQEBCwUAA4IBAQAaozOpxHaQBe0/B/T5Tb/cCxtzVMw78slHZOJs2cJJ
PZy2ooWwLL2HIL6ek0odADS2YHJqHrEMnWRNZZVcudXYfEvEArm0w6QCqpKj8rW0
ATNKefu/7q752JV3K/YZPKDxr2Vk94l+uEyZXta3olzY3xi2+2q5nJWyPwq/yC73
buYeQ9lU9vzwd8ZNdgRBaHXAB0mM46sio5yhZuxGcyyeudSkevkMBTSwP/tws0eb
Hk/mKSdzQX6A6sy27rrpxWgn2gGU0ca9J0mUbZrOpU25NnTR8JDqTyArGpxfUyRS
JG68LrEXbYZI08/OvuCAT0CbjVne/cBZmudyucS12dwy
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:20:14 2026 by rpki-client