Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/x7UH7ZJrApI32sK581_akJQW4t8.roa
File: x7UH7ZJrApI32sK581_akJQW4t8.roa (raw, json)
Hash identifier: 7fHtqcAW0zaDA/MAx+F9yZB2mEvSMVFZMHyQwzDUnVo=
Subject key identifier: C7:B5:07:ED:92:6B:02:92:37:DA:C2:B9:F3:5F:DA:90:94:16:E2:DF
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019CA14E920F9C68E4AB6F9CA8BDD4989B42
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/x7UH7ZJrApI32sK581_akJQW4t8.roa
Signing time: Fri 27 Feb 2026 22:53:26 +0000
ROA not before: Fri 27 Feb 2026 22:53:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198057
IP address blocks: 87.76.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a1:4e:92:0f:9c:68:e4:ab:6f:9c:a8:bd:d4:98:9b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Feb 27 22:53:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7b507ed926b029237dac2b9f35fda909416e2df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:08:9d:7b:61:d4:5e:d5:c5:f9:f4:f5:5f:
cf:95:4e:52:b1:2c:b2:d2:4a:34:25:88:64:f2:ac:
30:18:ad:6c:25:c0:77:fa:1b:fa:ed:4c:e6:1d:f2:
c3:83:a3:63:54:bf:d0:65:ad:58:e2:3b:74:5b:31:
e4:65:f8:39:2c:d4:4c:28:37:25:b8:8a:98:7e:ae:
5f:63:18:df:58:27:d8:21:e1:5a:5d:e6:c6:73:51:
9a:96:5d:0d:f7:e5:79:14:23:9b:37:1f:d9:c8:e0:
c4:a5:fa:e1:71:12:5f:a0:68:b2:10:99:13:d4:20:
a3:f3:c1:49:29:2d:c0:44:10:dc:26:ce:4d:b3:42:
b7:bd:05:5b:e4:e1:78:4f:27:33:ac:26:cb:05:31:
81:1a:f5:12:ca:f5:a8:ff:6d:33:64:f6:72:2a:d9:
f7:94:88:81:3a:97:fa:01:79:4c:13:2c:0e:d9:17:
64:f7:e2:75:fd:64:ee:34:75:54:b2:df:ef:8b:62:
40:80:36:6a:36:fc:94:e2:26:b2:fa:8c:53:29:c6:
cd:36:e3:e5:42:6e:a2:c3:09:cc:10:1d:48:5b:66:
d3:bf:c3:df:b1:db:d5:e1:00:36:bf:d6:e7:8d:f0:
2b:68:ff:4d:f9:05:a9:4a:29:dc:de:02:49:3c:b4:
4a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:B5:07:ED:92:6B:02:92:37:DA:C2:B9:F3:5F:DA:90:94:16:E2:DF
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/x7UH7ZJrApI32sK581_akJQW4t8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.219.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d4:40:64:05:0e:fb:0c:0a:9e:8a:87:0c:86:01:0d:c8:95:
5e:e5:50:21:af:5a:ef:aa:ca:d5:2f:18:bf:ee:f1:65:62:98:
cb:d4:b4:3f:bb:92:87:ac:80:8f:8f:b3:b0:62:a9:26:12:4b:
c8:06:48:a2:7e:c8:c5:16:e9:2d:27:29:e9:1a:fe:23:90:0e:
31:93:ba:60:3a:57:a6:69:2a:64:b6:11:95:59:2f:d0:49:07:
3e:35:4e:b1:23:7e:97:f4:48:81:d8:a9:2f:fb:25:7d:54:d6:
e2:55:1e:f8:57:f1:69:f1:34:ce:61:5f:9f:dd:20:07:c6:1b:
7c:18:a5:95:43:7e:04:16:2a:aa:48:20:6a:c9:57:be:65:fc:
b9:ec:a3:27:e6:01:87:d8:da:06:a6:75:44:d4:0d:a3:fd:7a:
f9:d9:ce:f2:51:a7:80:d7:85:90:3f:02:4a:ec:47:fd:14:1b:
1b:91:78:06:dd:c1:74:d7:06:db:36:74:46:15:9f:64:e9:c1:
62:b5:2e:a5:5c:a3:6f:09:2f:2f:75:63:f9:55:ad:c4:76:9f:
94:89:f5:7f:83:ea:ba:d1:53:d9:80:5d:5b:bd:e2:44:c3:ef:
bb:79:8a:91:16:75:f0:c4:0b:6c:e2:6c:ab:fc:07:f9:a7:b2:
cd:39:03:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyhTpIPnGjkq2+cqL3UmJtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwMjI3MjI1MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2I1MDdlZDkyNmIwMjkyMzdkYWMyYjlmMzVmZGE5MDk0MTZlMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/sInXth1F7Vxfn09V/PlU5SsSyy
0ko0JYhk8qwwGK1sJcB3+hv67UzmHfLDg6NjVL/QZa1Y4jt0WzHkZfg5LNRMKDcl
uIqYfq5fYxjfWCfYIeFaXebGc1Gall0N9+V5FCObNx/ZyODEpfrhcRJfoGiyEJkT
1CCj88FJKS3ARBDcJs5Ns0K3vQVb5OF4TyczrCbLBTGBGvUSyvWo/20zZPZyKtn3
lIiBOpf6AXlMEywO2Rdk9+J1/WTuNHVUst/vi2JAgDZqNvyU4iay+oxTKcbNNuPl
Qm6iwwnMEB1IW2bTv8PfsdvV4QA2v9bnjfAraP9N+QWpSinc3gJJPLRKrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMe1B+2SawKSN9rCufNf2pCUFuLfMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEveDdVSDdaSnJBcEkzMnNLNTgxX2FrSlFXNHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV0zbMA0G
CSqGSIb3DQEBCwUAA4IBAQA01EBkBQ77DAqeiocMhgENyJVe5VAhr1rvqsrVLxi/
7vFlYpjL1LQ/u5KHrICPj7OwYqkmEkvIBkiifsjFFuktJynpGv4jkA4xk7pgOlem
aSpkthGVWS/QSQc+NU6xI36X9EiB2Kkv+yV9VNbiVR74V/Fp8TTOYV+f3SAHxht8
GKWVQ34EFiqqSCBqyVe+Zfy57KMn5gGH2NoGpnVE1A2j/Xr52c7yUaeA14WQPwJK
7Ef9FBsbkXgG3cF01wbbNnRGFZ9k6cFitS6lXKNvCS8vdWP5Va3Edp+UifV/g+q6
0VPZgF1bveJEw++7eYqRFnXwxAts4myr/Af5p7LNOQMw
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:04:26 2026 by rpki-client