Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/incGxDt764oMGRtfZeZZ_kX4KeQ.roa
File: incGxDt764oMGRtfZeZZ_kX4KeQ.roa (raw, json)
Hash identifier: KdTy7ub2fyYQq8g6+ACxK+mVuEXMYA3+OvDx5xZtisU=
Subject key identifier: 8A:77:06:C4:3B:7B:EB:8A:0C:19:1B:5F:65:E6:59:FE:45:F8:29:E4
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E9DCE67223F5F2F6D90ABCD45604040AA
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/incGxDt764oMGRtfZeZZ_kX4KeQ.roa
Signing time: Sat 06 Jun 2026 16:40:10 +0000
ROA not before: Sat 06 Jun 2026 16:40:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 399631
IP address blocks: 87.76.129.0/24 maxlen: 24
87.76.139.0/24 maxlen: 24
87.76.141.0/24 maxlen: 24
87.76.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9d:ce:67:22:3f:5f:2f:6d:90:ab:cd:45:60:40:40:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Jun 6 16:40:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8a7706c43b7beb8a0c191b5f65e659fe45f829e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:3a:a8:45:29:87:e0:13:04:1e:8e:04:a7:
a2:6c:5b:a1:e3:1b:be:e7:20:c4:d6:e3:6d:f6:0e:
7a:8b:46:90:45:77:0d:eb:1e:35:47:dc:6f:ed:8b:
49:01:9d:5c:c5:14:a3:4f:10:9f:02:22:0f:56:65:
80:0d:72:7f:4c:cb:53:1f:a6:b0:b0:e7:31:2f:71:
5e:3c:b0:27:c2:e2:76:e1:3f:9b:70:9e:17:6f:cc:
fc:a7:e2:89:78:90:92:3a:46:8e:57:df:02:e0:59:
5e:64:78:14:10:5d:a4:74:eb:b8:33:de:cf:81:02:
65:a9:59:23:9c:a8:36:14:ab:e8:39:6a:27:17:78:
0a:b8:bb:fa:14:7c:fe:51:0e:4f:8a:c7:1d:c6:7a:
98:3f:57:91:3b:57:72:77:47:c2:d0:60:f3:bc:39:
88:ab:83:18:1c:2e:79:57:33:45:54:18:03:a9:fb:
4c:02:d1:dc:a4:53:b0:ad:13:81:51:8e:ee:12:48:
96:81:be:ec:24:a2:d4:e8:05:53:5c:e4:0a:8d:46:
c2:1c:66:3b:45:fc:fa:8a:36:41:4b:5d:dd:f0:2d:
48:84:91:2f:4d:71:02:9d:bd:01:0d:4a:8a:c5:2a:
34:51:1f:ce:47:d9:d0:6d:f1:06:07:6a:1c:b0:ff:
41:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:77:06:C4:3B:7B:EB:8A:0C:19:1B:5F:65:E6:59:FE:45:F8:29:E4
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/incGxDt764oMGRtfZeZZ_kX4KeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.129.0/24
87.76.139.0/24
87.76.141.0/24
87.76.143.0/24
Signature Algorithm: sha256WithRSAEncryption
80:6a:2a:05:7e:6c:80:05:d6:70:02:a0:03:e2:97:59:cc:f5:
29:aa:16:d4:50:d4:f5:cd:65:f4:d7:4d:fd:85:4b:4d:4f:b1:
54:a9:99:fe:de:e6:da:1c:18:2d:51:92:91:3e:f2:b6:59:1b:
4c:d4:19:42:b7:2c:33:e0:4d:59:00:02:70:65:81:2a:d4:98:
2d:91:74:e4:ce:6b:30:63:0c:cc:c1:ad:d3:84:e7:24:41:ca:
76:06:a0:63:ce:60:ca:d7:31:90:1f:3d:df:f1:58:0c:14:fd:
45:d6:fe:ed:51:28:cd:26:bc:a1:9c:85:7d:20:7b:9f:93:8a:
5b:47:dc:84:c4:da:26:a2:4e:ba:12:56:3a:ff:40:58:66:e6:
f8:4e:4e:02:2f:d7:37:c5:0a:67:e3:ea:b2:43:bc:64:d7:21:
91:e1:43:b4:87:49:04:e8:0f:2d:cd:20:ad:7d:df:1a:1d:02:
3e:fe:21:fd:8a:6c:52:e5:dc:68:54:e4:c8:77:17:58:2a:f9:
01:35:81:c5:4b:67:8e:2c:28:61:57:99:3a:72:e9:ae:84:48:
3d:94:24:68:f6:40:e1:e0:4f:ae:fd:52:f7:b7:bd:fd:28:a1:
d1:ab:e9:96:c1:15:83:a4:97:58:02:f4:85:8f:72:d4:5b:e6:
d6:85:22:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6dzmciP18vbZCrzUVgQECqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNjA2MTY0MDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc3MDZjNDNiN2JlYjhhMGMxOTFiNWY2NWU2NTlmZTQ1ZjgyOWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj806qEUph+ATBB6OBKeibFuh4xu+
5yDE1uNt9g56i0aQRXcN6x41R9xv7YtJAZ1cxRSjTxCfAiIPVmWADXJ/TMtTH6aw
sOcxL3FePLAnwuJ24T+bcJ4Xb8z8p+KJeJCSOkaOV98C4FleZHgUEF2kdOu4M97P
gQJlqVkjnKg2FKvoOWonF3gKuLv6FHz+UQ5PiscdxnqYP1eRO1dyd0fC0GDzvDmI
q4MYHC55VzNFVBgDqftMAtHcpFOwrROBUY7uEkiWgb7sJKLU6AVTXOQKjUbCHGY7
Rfz6ijZBS13d8C1IhJEvTXECnb0BDUqKxSo0UR/OR9nQbfEGB2ocsP9BMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIp3BsQ7e+uKDBkbX2XmWf5F+CnkMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvaW5jR3hEdDc2NG9NR1J0ZlplWlpfa1g0S2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV0yBAwQA
V0yLAwQAV0yNAwQAV0yPMA0GCSqGSIb3DQEBCwUAA4IBAQCAaioFfmyABdZwAqAD
4pdZzPUpqhbUUNT1zWX01039hUtNT7FUqZn+3ubaHBgtUZKRPvK2WRtM1BlCtywz
4E1ZAAJwZYEq1JgtkXTkzmswYwzMwa3ThOckQcp2BqBjzmDK1zGQHz3f8VgMFP1F
1v7tUSjNJryhnIV9IHufk4pbR9yExNomok66ElY6/0BYZub4Tk4CL9c3xQpn4+qy
Q7xk1yGR4UO0h0kE6A8tzSCtfd8aHQI+/iH9imxS5dxoVOTIdxdYKvkBNYHFS2eO
LChhV5k6cumuhEg9lCRo9kDh4E+u/VL3t739KKHRq+mWwRWDpJdYAvSFj3LUW+bW
hSKm
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:56:21 2026 by rpki-client