Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/vknJmZc8lZ8Oy1hJBrtBaepMtiI.roa
File: vknJmZc8lZ8Oy1hJBrtBaepMtiI.roa (raw, json)
Hash identifier: wdzP1RztW0dfhRuXdIBcqLw2HYHw7i/OCqitHNgLA4g=
Subject key identifier: BE:49:C9:99:97:3C:95:9F:0E:CB:58:49:06:BB:41:69:EA:4C:B6:22
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019E7C319B50FE104F07DFF5FD80E7202619
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/vknJmZc8lZ8Oy1hJBrtBaepMtiI.roa
Signing time: Sun 31 May 2026 04:01:26 +0000
ROA not before: Sun 31 May 2026 04:01:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15386
IP address blocks: 87.76.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7c:31:9b:50:fe:10:4f:07:df:f5:fd:80:e7:20:26:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: May 31 04:01:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be49c999973c959f0ecb584906bb4169ea4cb622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:89:58:1b:4d:5b:ba:ea:23:11:30:20:3d:
67:c9:60:9e:8d:b3:cd:fe:16:9c:65:c7:81:04:40:
49:65:e6:72:d6:60:73:d1:c2:83:6c:f0:ff:cb:f2:
6d:9b:f1:5e:c1:43:33:2c:94:9e:42:4a:54:3d:af:
87:ae:ec:0a:05:eb:e9:cb:8a:8c:b9:e7:f0:09:eb:
d8:71:ed:59:a2:b0:fa:d8:89:16:f2:a0:eb:9d:e4:
aa:96:cb:f0:0d:f4:04:37:83:a8:2a:86:93:49:2f:
cc:60:91:af:55:9a:38:ef:6a:ef:c3:2f:bd:1a:6b:
c4:f7:d6:15:ce:08:27:ce:03:89:11:fa:58:89:6e:
e9:01:2f:68:12:4f:aa:14:98:68:1e:12:b5:ab:3f:
39:97:4f:5d:41:6f:a1:c6:51:11:83:42:ca:7c:c8:
98:e2:8b:29:92:7c:13:6e:78:2f:9e:67:59:6a:03:
1e:bf:77:19:45:6c:78:56:ee:d0:cf:99:c3:06:19:
a9:e8:58:dd:2b:80:fc:dc:0d:d2:09:5b:8d:31:cb:
50:b1:38:ef:8c:7d:83:bf:10:92:38:0f:cb:3e:50:
bc:7b:88:12:c5:47:21:97:f2:bd:91:f1:64:bc:31:
70:68:66:65:a1:d9:44:67:9f:f5:d3:01:c6:4c:c1:
ba:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:49:C9:99:97:3C:95:9F:0E:CB:58:49:06:BB:41:69:EA:4C:B6:22
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/vknJmZc8lZ8Oy1hJBrtBaepMtiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.192.0/24
Signature Algorithm: sha256WithRSAEncryption
16:14:ab:47:68:92:56:76:af:84:78:2a:72:74:7e:06:e6:5c:
83:99:7a:f3:e7:ce:6b:d0:fe:a5:e2:04:61:7f:d3:af:38:9d:
14:ad:6f:57:37:fe:74:e7:02:2f:80:21:bf:24:cd:6d:c8:f5:
02:a0:72:7e:fe:43:85:1a:1f:0e:b4:ed:6b:03:48:27:78:d7:
04:75:d5:7c:80:3e:18:e7:a6:77:a6:ea:79:e1:a9:e7:d1:6c:
21:33:97:4c:5d:0e:4b:0b:02:d9:40:ff:a4:b5:44:cb:72:0a:
5e:a0:b2:1d:8a:2c:21:f5:2d:82:6a:80:9c:bf:4c:ed:39:a2:
11:5b:4a:b6:aa:4d:d4:e6:7a:65:e6:1f:d0:13:48:07:52:be:
33:68:a3:12:f9:26:2b:54:d7:e3:3a:a8:61:47:e5:19:fc:2a:
bf:17:e8:34:f1:d5:b9:81:a6:20:44:13:59:ce:af:84:09:ac:
53:82:0d:b8:30:d8:d9:bd:c7:0a:d6:fb:21:94:ef:f8:78:30:
68:3c:c2:05:02:67:9d:19:a1:12:81:03:07:ff:60:b4:51:1a:
af:d0:7a:77:76:cf:6e:67:b3:74:2b:89:56:14:85:48:8e:a1:
a6:2c:b2:98:aa:79:d0:f8:16:a8:ef:61:2d:2d:14:88:5c:46:
ef:b5:80:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ58MZtQ/hBPB9/1/YDnICYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNTMxMDQwMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ5Yzk5OTk3M2M5NTlmMGVjYjU4NDkwNmJiNDE2OWVhNGNiNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB6JWBtNW7rqIxEwID1nyWCejbPN
/hacZceBBEBJZeZy1mBz0cKDbPD/y/Jtm/FewUMzLJSeQkpUPa+HruwKBevpy4qM
uefwCevYce1ZorD62IkW8qDrneSqlsvwDfQEN4OoKoaTSS/MYJGvVZo472rvwy+9
GmvE99YVzggnzgOJEfpYiW7pAS9oEk+qFJhoHhK1qz85l09dQW+hxlERg0LKfMiY
4ospknwTbngvnmdZagMev3cZRWx4Vu7Qz5nDBhmp6FjdK4D83A3SCVuNMctQsTjv
jH2DvxCSOA/LPlC8e4gSxUchl/K9kfFkvDFwaGZlodlEZ5/10wHGTMG6ZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL5JyZmXPJWfDstYSQa7QWnqTLYiMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEvdmtuSm1aYzhsWjhPeTFoSkJydEJhZXBNdGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zAMA0G
CSqGSIb3DQEBCwUAA4IBAQAWFKtHaJJWdq+EeCpydH4G5lyDmXrz585r0P6l4gRh
f9OvOJ0UrW9XN/505wIvgCG/JM1tyPUCoHJ+/kOFGh8OtO1rA0gneNcEddV8gD4Y
56Z3pup54ann0WwhM5dMXQ5LCwLZQP+ktUTLcgpeoLIdiiwh9S2CaoCcv0ztOaIR
W0q2qk3U5npl5h/QE0gHUr4zaKMS+SYrVNfjOqhhR+UZ/Cq/F+g08dW5gaYgRBNZ
zq+ECaxTgg24MNjZvccK1vshlO/4eDBoPMIFAmedGaESgQMH/2C0URqv0Hp3ds9u
Z7N0K4lWFIVIjqGmLLKYqnnQ+Bao72EtLRSIXEbvtYC9
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:23:33 2026 by rpki-client