Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/xfcNNr-RUiHUybTluYi9uzkIfaM.roa
File: xfcNNr-RUiHUybTluYi9uzkIfaM.roa (raw, json)
Hash identifier: aHivb/k+955qSn60sRyboNx3HuHGKe4bMkpui5dM9h0=
Subject key identifier: C5:F7:0D:36:BF:91:52:21:D4:C9:B4:E5:B9:88:BD:BB:39:08:7D:A3
Certificate issuer: /CN=521f0cba10daa302e3b167cee5395f742f530b09
Certificate serial: 019D9FD0E52D35D053429E1DE322BE9DAF06
Authority key identifier: 52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/xfcNNr-RUiHUybTluYi9uzkIfaM.roa
Signing time: Sat 18 Apr 2026 08:59:20 +0000
ROA not before: Sat 18 Apr 2026 08:59:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 87.76.170.0/24 maxlen: 24
87.76.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9f:d0:e5:2d:35:d0:53:42:9e:1d:e3:22:be:9d:af:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521f0cba10daa302e3b167cee5395f742f530b09
Validity
Not Before: Apr 18 08:59:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c5f70d36bf915221d4c9b4e5b988bdbb39087da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:b7:6b:65:b3:7e:9f:50:32:cf:06:00:e1:
17:ab:37:ed:ec:e8:93:d7:c1:30:0d:d5:b4:9f:b4:
08:55:b8:50:ba:e2:81:c8:bc:b5:39:55:8c:35:5b:
bb:c8:27:c2:90:c5:30:34:58:5d:70:11:c6:5b:ac:
51:5c:55:f1:8e:03:b0:fb:2b:5e:48:cb:c1:5d:da:
40:b1:18:81:41:24:64:69:10:4d:05:cf:cf:b8:10:
32:8b:26:89:4e:b1:be:4f:c0:9d:a4:1d:cb:28:70:
ad:5b:c4:7d:d7:c3:b5:d0:65:2b:2d:20:bb:5a:4e:
4a:7a:ad:10:0b:2e:25:ef:96:0d:f0:a8:a7:5c:8f:
24:72:fd:d0:8f:3d:e1:b4:4f:b5:8e:a2:2c:c6:45:
d5:c1:69:a9:97:77:99:9c:4c:23:41:af:c4:ef:bb:
87:69:46:46:92:42:32:7a:38:03:48:b3:9d:75:17:
24:33:92:c5:1c:43:9b:90:b7:d0:76:ed:62:6c:5a:
15:fb:82:c2:ea:7e:6f:7c:8d:96:62:26:e9:cc:c6:
f7:94:cc:8a:fb:45:63:a8:2a:0f:5c:43:a5:c9:d0:
1a:d8:ad:df:04:47:95:6d:c7:49:71:b4:91:db:7f:
4d:78:64:63:08:c4:81:5b:88:e6:fa:7f:61:72:e6:
3e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F7:0D:36:BF:91:52:21:D4:C9:B4:E5:B9:88:BD:BB:39:08:7D:A3
X509v3 Authority Key Identifier:
keyid:52:1F:0C:BA:10:DA:A3:02:E3:B1:67:CE:E5:39:5F:74:2F:53:0B:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uh8MuhDaowLjsWfO5TlfdC9TCwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/xfcNNr-RUiHUybTluYi9uzkIfaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/68ce36-74e4-443b-aef1-3bb8b075d69f/1/Uh8MuhDaowLjsWfO5TlfdC9TCwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.76.170.0/24
87.76.206.0/24
Signature Algorithm: sha256WithRSAEncryption
75:99:0b:aa:e7:bb:72:cc:60:8b:ba:92:24:8f:61:55:63:0c:
f1:1a:e0:63:31:d6:ea:11:e0:4c:64:35:4d:1c:68:6a:65:71:
26:52:7f:c2:4d:a7:d3:3e:6a:da:48:bc:1f:82:51:cd:03:a8:
ff:44:2b:15:11:e7:5e:44:a4:69:1d:0a:e3:81:f3:80:68:04:
f7:51:1d:21:c5:18:9e:7f:7a:e4:fc:26:08:2f:a2:92:0a:e2:
89:9a:a6:e3:19:f8:60:6f:bc:0b:fd:5e:56:2e:b5:d4:2b:ac:
d2:17:30:26:b6:a3:4f:4c:fd:b7:ae:1c:a7:a0:99:7b:84:a8:
d0:d1:60:ee:4e:4d:a1:b0:8b:b3:c2:0a:34:2d:a1:ec:f2:d4:
7f:15:51:7a:3a:ce:8b:fc:e7:40:c3:a1:06:ae:b0:18:c3:9e:
0b:df:58:de:9b:d0:39:45:a8:a5:b8:63:b1:5a:42:72:2f:20:
18:5c:17:8b:5c:c4:f7:2b:ec:23:6e:09:ec:54:ca:9c:54:e8:
56:15:a9:32:d7:82:03:6d:1f:51:b2:32:56:a8:6f:d5:58:bd:
b7:65:14:3d:85:fb:85:74:96:f4:6d:4d:61:26:55:e8:76:16:
bc:76:b7:4e:0b:60:14:72:08:32:4e:40:fa:95:a0:97:56:54:
eb:7c:97:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2f0OUtNdBTQp4d4yK+na8GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWYwY2JhMTBkYWEzMDJlM2IxNjdjZWU1Mzk1Zjc0MmY1
MzBiMDkwHhcNMjYwNDE4MDg1OTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY3MGQzNmJmOTE1MjIxZDRjOWI0ZTViOTg4YmRiYjM5MDg3ZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMK3a2Wzfp9QMs8GAOEXqzft7OiT
18EwDdW0n7QIVbhQuuKByLy1OVWMNVu7yCfCkMUwNFhdcBHGW6xRXFXxjgOw+yte
SMvBXdpAsRiBQSRkaRBNBc/PuBAyiyaJTrG+T8CdpB3LKHCtW8R918O10GUrLSC7
Wk5Keq0QCy4l75YN8KinXI8kcv3Qjz3htE+1jqIsxkXVwWmpl3eZnEwjQa/E77uH
aUZGkkIyejgDSLOddRckM5LFHEObkLfQdu1ibFoV+4LC6n5vfI2WYibpzMb3lMyK
+0VjqCoPXEOlydAa2K3fBEeVbcdJcbSR239NeGRjCMSBW4jm+n9hcuY+wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMX3DTa/kVIh1Mm05bmIvbs5CH2jMB8GA1UdIwQY
MBaAFFIfDLoQ2qMC47FnzuU5X3QvUwsJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEt
M2JiOGIwNzVkNjlmLzEveGZjTk5yLVJVaUhVeWJUbHVZaTl1emtJZmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82OGNlMzYtNzRlNC00NDNiLWFlZjEtM2JiOGIwNzVkNjlm
LzEvVWg4TXVoRGFvd0xqc1dmTzVUbGZkQzlUQ3drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV0yqAwQA
V0zOMA0GCSqGSIb3DQEBCwUAA4IBAQB1mQuq57tyzGCLupIkj2FVYwzxGuBjMdbq
EeBMZDVNHGhqZXEmUn/CTafTPmraSLwfglHNA6j/RCsVEedeRKRpHQrjgfOAaAT3
UR0hxRief3rk/CYIL6KSCuKJmqbjGfhgb7wL/V5WLrXUK6zSFzAmtqNPTP23rhyn
oJl7hKjQ0WDuTk2hsIuzwgo0LaHs8tR/FVF6Os6L/OdAw6EGrrAYw54L31jem9A5
RailuGOxWkJyLyAYXBeLXMT3K+wjbgnsVMqcVOhWFaky14IDbR9RsjJWqG/VWL23
ZRQ9hfuFdJb0bU1hJlXodha8drdOC2AUcggyTkD6laCXVlTrfJci
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:12:31 2026 by rpki-client