Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/khlkjl5hiRGrNdSs9YuZpj9Hqys.roa
File: khlkjl5hiRGrNdSs9YuZpj9Hqys.roa (raw, json)
Hash identifier: 58pFJdiky9TnYK2GCLZS26KepT7TDfppnNHXzC1bps0=
Subject key identifier: 92:19:64:8E:5E:61:89:11:AB:35:D4:AC:F5:8B:99:A6:3F:47:AB:2B
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E25BB10FB3A2DCA1FF636840F5AE08C5A
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/khlkjl5hiRGrNdSs9YuZpj9Hqys.roa
Signing time: Thu 14 May 2026 09:04:36 +0000
ROA not before: Thu 14 May 2026 09:04:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198599
IP address blocks: 87.76.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:25:bb:10:fb:3a:2d:ca:1f:f6:36:84:0f:5a:e0:8c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 14 09:04:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9219648e5e618911ab35d4acf58b99a63f47ab2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:87:67:eb:51:01:c5:27:1b:3f:ba:10:b5:
c3:26:96:b8:1d:4b:e2:97:9d:08:6a:41:66:be:74:
2f:72:2b:01:e7:ba:13:69:d8:87:73:d7:fa:f0:98:
5d:0c:ea:7e:ab:22:52:27:a1:4a:ba:f8:17:d8:a0:
ed:dc:64:06:b3:65:be:57:c6:b5:93:98:03:cb:a5:
65:a4:84:64:51:5f:82:66:c2:e5:4a:7c:26:0f:ab:
7f:8a:e8:2d:4d:cf:7b:2c:fd:97:d1:a5:d2:14:0f:
fb:0e:01:a5:66:73:bc:f3:30:f9:7b:d4:36:a5:c4:
11:be:a5:8f:90:07:a6:ab:38:5d:fb:e1:aa:3f:bc:
95:e8:09:7e:9a:f9:db:2b:aa:e7:b6:f2:6f:c3:e7:
87:ad:a2:dc:1f:a2:96:a9:73:53:d1:a9:f9:c5:ef:
0b:1f:a0:f5:18:6c:be:a6:09:43:8a:04:c9:dd:ca:
da:c2:3d:9b:83:a7:cc:04:6f:b5:c5:9a:b9:b1:59:
e0:ff:31:2a:ba:ac:11:79:9f:97:4c:3d:fe:1f:ed:
01:2a:58:05:a8:e2:94:9f:be:96:dc:20:7f:13:84:
ae:86:8a:01:5a:16:28:25:8d:e5:46:9c:c9:b3:94:
9c:9d:0b:ad:7b:29:d1:c6:c2:58:4c:e6:3a:01:e8:
23:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:19:64:8E:5E:61:89:11:AB:35:D4:AC:F5:8B:99:A6:3F:47:AB:2B
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/khlkjl5hiRGrNdSs9YuZpj9Hqys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.136.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:70:22:40:0e:23:b6:e6:d8:c0:aa:bf:a3:68:c3:f4:09:f8:
d7:cc:49:2b:b1:5f:7c:d3:84:0f:50:6e:54:a6:59:dd:3a:f0:
69:98:74:ba:cc:cf:e8:67:b3:45:b4:b3:9c:01:4c:5b:1e:7d:
d7:e3:31:60:2e:b4:3b:51:76:b5:86:59:52:62:28:8b:da:fc:
70:a7:e7:fd:f7:47:1c:fa:dd:83:d3:13:32:e9:7d:b3:9f:81:
07:29:c6:02:a1:bc:ae:04:5d:6d:66:de:61:c5:23:00:8c:32:
2e:72:fc:6d:b8:fb:34:99:89:b3:d3:65:bd:70:81:84:0b:3b:
e3:b0:70:b6:6f:41:a8:a2:e5:7b:ea:2a:74:42:e5:55:9c:6a:
06:8b:35:31:33:94:bd:cb:ae:99:34:79:3c:ff:93:d2:5f:56:
d3:45:9e:2c:6a:f1:97:04:36:8e:17:70:66:cc:92:25:f1:fd:
ce:12:1a:60:09:aa:38:6f:ff:06:d8:67:f5:ad:e6:a4:05:a4:
90:34:a0:15:48:74:39:6c:02:fd:f1:0a:d1:6b:4b:e8:b4:32:
ed:37:fc:bb:f3:c1:93:7c:bc:57:f6:95:2d:53:99:8c:ab:4e:
e4:82:d9:a7:1e:17:b1:86:8f:fb:eb:a0:6e:b5:5d:5d:27:28:
58:42:3a:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4luxD7Oi3KH/Y2hA9a4IxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTE0MDkwNDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE5NjQ4ZTVlNjE4OTExYWIzNWQ0YWNmNThiOTlhNjNmNDdhYjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpSHZ+tRAcUnGz+6ELXDJpa4HUvi
l50IakFmvnQvcisB57oTadiHc9f68JhdDOp+qyJSJ6FKuvgX2KDt3GQGs2W+V8a1
k5gDy6VlpIRkUV+CZsLlSnwmD6t/iugtTc97LP2X0aXSFA/7DgGlZnO88zD5e9Q2
pcQRvqWPkAemqzhd++GqP7yV6Al+mvnbK6rntvJvw+eHraLcH6KWqXNT0an5xe8L
H6D1GGy+pglDigTJ3crawj2bg6fMBG+1xZq5sVng/zEquqwReZ+XTD3+H+0BKlgF
qOKUn76W3CB/E4SuhooBWhYoJY3lRpzJs5ScnQuteynRxsJYTOY6AegjxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJIZZI5eYYkRqzXUrPWLmaY/R6srMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEva2hsa2psNWhpUkdyTmRTczlZdVpwajlIcXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0yIMA0G
CSqGSIb3DQEBCwUAA4IBAQBfcCJADiO25tjAqr+jaMP0CfjXzEkrsV9804QPUG5U
plndOvBpmHS6zM/oZ7NFtLOcAUxbHn3X4zFgLrQ7UXa1hllSYiiL2vxwp+f990cc
+t2D0xMy6X2zn4EHKcYCobyuBF1tZt5hxSMAjDIucvxtuPs0mYmz02W9cIGECzvj
sHC2b0GoouV76ip0QuVVnGoGizUxM5S9y66ZNHk8/5PSX1bTRZ4savGXBDaOF3Bm
zJIl8f3OEhpgCao4b/8G2Gf1reakBaSQNKAVSHQ5bAL98QrRa0votDLtN/y788GT
fLxX9pUtU5mMq07kgtmnHhexho/766ButV1dJyhYQjqu
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:06:42 2026 by rpki-client