Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mn7OLNCLzPBqkrsyYpqFg1imvZI.roa
File: mn7OLNCLzPBqkrsyYpqFg1imvZI.roa (raw, json)
Hash identifier: wxWSpC2c3XkI8LLnMMHI9jlxpk6lm3++ec6oKWD2Sas=
Subject key identifier: 9A:7E:CE:2C:D0:8B:CC:F0:6A:92:BB:32:62:9A:85:83:58:A6:BD:92
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D688C54062C0F67ED6072F1E08C775CA2
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mn7OLNCLzPBqkrsyYpqFg1imvZI.roa
Signing time: Tue 07 Apr 2026 15:25:20 +0000
ROA not before: Tue 07 Apr 2026 15:25:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198087
IP address blocks: 87.76.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:8c:54:06:2c:0f:67:ed:60:72:f1:e0:8c:77:5c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 7 15:25:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a7ece2cd08bccf06a92bb32629a858358a6bd92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:e2:0b:18:c4:2c:63:cb:a9:c2:31:a2:25:
00:e5:07:64:1d:0c:c8:ff:d8:23:29:05:26:01:19:
6c:b5:3f:a5:70:fd:2b:c8:39:86:5c:ef:d8:0a:94:
19:25:e2:63:7a:0f:76:f9:e0:d8:f4:f0:b9:58:33:
43:66:9d:2c:85:8f:50:4c:66:6f:7e:17:85:72:18:
e7:1b:9b:3c:52:d1:33:1c:04:14:c9:e7:16:16:ce:
95:1e:c6:f6:8a:d3:a1:54:f8:28:96:3b:0b:2e:10:
85:d4:04:de:e2:e0:a2:16:8b:fc:4a:21:57:0c:f5:
4b:19:5e:85:5d:b1:c8:f4:87:da:b6:72:7f:57:aa:
a5:b7:14:c0:10:d7:33:de:0d:8f:ec:78:11:15:01:
83:44:41:11:cf:9b:f8:2c:29:f5:bd:90:50:7e:4d:
e2:25:5a:de:d7:51:0f:84:93:56:5a:38:c6:6d:fd:
1a:b2:ee:fc:9c:0a:0f:ed:22:ff:2c:0e:be:f3:23:
b5:17:ec:c5:fb:4d:67:fc:34:b7:43:f3:ec:14:1c:
1b:b1:ce:62:51:b9:ad:93:db:b9:32:2c:f8:3a:41:
00:dc:9d:a4:dd:36:f9:f9:a9:fc:a2:2c:56:11:72:
1f:d3:68:08:27:c1:f7:89:73:7e:b6:f3:f9:ba:09:
eb:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7E:CE:2C:D0:8B:CC:F0:6A:92:BB:32:62:9A:85:83:58:A6:BD:92
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/mn7OLNCLzPBqkrsyYpqFg1imvZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.208.0/24
Signature Algorithm: sha256WithRSAEncryption
25:98:ef:54:2a:20:0f:9b:43:f5:4a:fd:78:ec:11:94:0a:31:
17:84:5b:db:a3:32:a9:74:6c:47:1a:94:e6:21:a6:80:9e:e4:
4d:69:4a:99:82:a2:5d:f4:4e:7d:97:d6:96:a4:17:b8:4b:ef:
55:d1:cf:24:5c:99:73:3e:ca:80:53:0c:e3:2a:d1:3e:95:ca:
d5:e5:ae:5e:85:9d:06:cf:53:7b:3f:48:bf:50:82:5f:fa:12:
c7:c0:3c:2f:ef:da:ea:0d:fc:3e:f7:ff:2c:06:a6:43:19:e0:
99:69:df:a6:92:b9:5c:08:f7:42:51:cb:ed:5e:fd:95:80:53:
7c:90:b4:cd:b1:2d:0a:02:7b:d0:48:38:ef:53:f6:79:af:34:
11:68:4d:ce:fe:2f:59:6f:ed:48:30:ca:1b:93:46:52:f7:70:
20:2b:c3:ea:b6:e6:9a:cb:82:fa:79:db:33:c8:9a:28:7a:3e:
38:4d:c2:14:c9:95:53:b0:6c:e5:6f:d2:47:d4:56:d8:07:54:
a0:18:38:59:43:80:8e:db:1c:41:2a:5b:70:2b:7f:48:12:e9:
32:aa:26:bb:4c:fe:18:9e:93:aa:32:39:61:e3:64:52:b1:22:
7f:93:52:52:81:6c:7c:df:9b:10:ae:11:8c:f8:1c:cd:32:27:
9a:20:5f:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1ojFQGLA9n7WBy8eCMd1yiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDA3MTUyNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdlY2UyY2QwOGJjY2YwNmE5MmJiMzI2MjlhODU4MzU4YTZiZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDbiCxjELGPLqcIxoiUA5QdkHQzI
/9gjKQUmARlstT+lcP0ryDmGXO/YCpQZJeJjeg92+eDY9PC5WDNDZp0shY9QTGZv
fheFchjnG5s8UtEzHAQUyecWFs6VHsb2itOhVPgoljsLLhCF1ATe4uCiFov8SiFX
DPVLGV6FXbHI9IfatnJ/V6qltxTAENcz3g2P7HgRFQGDREERz5v4LCn1vZBQfk3i
JVre11EPhJNWWjjGbf0asu78nAoP7SL/LA6+8yO1F+zF+01n/DS3Q/PsFBwbsc5i
Ubmtk9u5Miz4OkEA3J2k3Tb5+an8oixWEXIf02gIJ8H3iXN+tvP5ugnrRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJp+zizQi8zwapK7MmKahYNYpr2SMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvbW43T0xOQ0x6UEJxa3JzeVlwcUZnMWltdlpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zQMA0G
CSqGSIb3DQEBCwUAA4IBAQAlmO9UKiAPm0P1Sv147BGUCjEXhFvbozKpdGxHGpTm
IaaAnuRNaUqZgqJd9E59l9aWpBe4S+9V0c8kXJlzPsqAUwzjKtE+lcrV5a5ehZ0G
z1N7P0i/UIJf+hLHwDwv79rqDfw+9/8sBqZDGeCZad+mkrlcCPdCUcvtXv2VgFN8
kLTNsS0KAnvQSDjvU/Z5rzQRaE3O/i9Zb+1IMMobk0ZS93AgK8Pqtuaay4L6edsz
yJooej44TcIUyZVTsGzlb9JH1FbYB1SgGDhZQ4CO2xxBKltwK39IEukyqia7TP4Y
npOqMjlh42RSsSJ/k1JSgWx835sQrhGM+BzNMieaIF+t
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:22:39 2026 by rpki-client