Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/CCduChNSaAb2PKcgGQT2z132vwI.roa
File: CCduChNSaAb2PKcgGQT2z132vwI.roa (raw, json)
Hash identifier: D6fq59U3qTFEi15GjEIO4x20l7UxzPxRXQZjCYY8VvA=
Subject key identifier: 08:27:6E:0A:13:52:68:06:F6:3C:A7:20:19:04:F6:CF:5D:F6:BF:02
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019CF12EEBBAB9F8F53D0BEFD222F1349CCC
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/CCduChNSaAb2PKcgGQT2z132vwI.roa
Signing time: Sun 15 Mar 2026 11:08:29 +0000
ROA not before: Sun 15 Mar 2026 11:08:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48300
IP address blocks: 147.90.104.0/21 maxlen: 24
158.173.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f1:2e:eb:ba:b9:f8:f5:3d:0b:ef:d2:22:f1:34:9c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 15 11:08:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=08276e0a13526806f63ca7201904f6cf5df6bf02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1a:32:c1:17:1c:8d:12:34:71:30:6f:9f:e9:
4d:99:65:b0:ed:05:f4:73:74:c0:7b:7d:d7:2d:47:
38:98:eb:b3:00:95:0c:b5:b5:6a:30:76:eb:28:95:
81:54:7c:d5:0b:34:b8:86:93:59:94:fa:57:b6:6a:
3a:67:43:ce:e3:89:52:23:89:f2:90:fe:16:de:a6:
c6:5e:67:cf:63:c8:40:7c:96:8b:13:84:78:39:53:
43:a9:28:26:02:e7:a8:4e:3b:c7:dc:48:04:e4:f2:
2d:c9:eb:71:ae:c0:8c:8d:95:35:dd:2d:89:e7:9f:
39:39:7a:d0:21:b2:3c:dd:60:80:e1:e2:7a:61:6c:
d2:32:99:4b:58:2b:62:17:ef:60:c5:eb:c2:e1:4f:
24:80:5e:a8:23:a3:61:54:95:c8:de:47:4e:ec:cc:
8c:aa:b1:7e:61:9e:31:99:62:ea:c5:ad:96:44:2b:
e0:8e:0c:79:ae:34:ff:57:b6:06:ea:7a:6a:ec:84:
6c:d4:6e:30:16:4e:26:64:e2:4c:c1:d8:79:dd:c6:
b0:51:b0:01:50:70:3d:d9:6d:fd:a8:8f:06:82:3e:
78:f0:86:9d:6b:f9:b5:d7:5a:44:f3:0c:0f:cf:c1:
90:d8:cf:07:43:d2:48:8f:c4:9d:46:a2:9c:f5:c3:
4e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:27:6E:0A:13:52:68:06:F6:3C:A7:20:19:04:F6:CF:5D:F6:BF:02
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/CCduChNSaAb2PKcgGQT2z132vwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.104.0/21
158.173.184.0/21
Signature Algorithm: sha256WithRSAEncryption
bb:09:73:3b:27:81:c7:53:f4:32:9b:58:f5:f6:1a:7d:b8:02:
a4:ff:79:61:ab:79:f6:94:c3:9b:89:1e:b2:2c:21:be:b0:f0:
2d:51:14:ec:80:45:82:d5:d4:0e:50:ff:cd:3c:57:cb:24:bd:
c2:2a:47:4e:52:3d:69:17:b7:bf:ce:e6:9d:9d:e6:b9:7e:f7:
95:48:6e:34:0f:e7:52:96:5d:49:a8:bf:ce:62:97:fd:8a:6c:
2d:ef:f8:7a:13:09:ed:a8:c2:31:7d:83:a2:b8:37:44:c1:7a:
df:78:a1:cc:34:82:8f:4f:e6:a9:74:2b:ac:83:ec:51:2a:9a:
9f:53:c6:fa:79:d8:d8:b2:f5:da:ce:a5:39:ca:3e:57:1a:ca:
7c:db:37:0b:24:96:80:5e:a7:61:a0:76:77:df:92:d2:18:a0:
2c:8a:3d:0f:50:c3:70:fd:58:6c:20:8a:a6:a4:f5:d0:d8:3f:
99:bf:72:8f:0b:57:f0:46:b3:e5:d7:fd:94:d3:8a:8f:ea:da:
80:63:65:84:01:54:c6:9b:4b:f0:5e:46:17:98:b0:47:e7:24:
cb:41:44:54:20:0e:05:1f:a2:47:7f:bb:23:bf:a0:76:c6:be:
11:11:fb:af:9f:04:9f:79:70:ae:5d:d1:de:ac:9f:17:1e:7b:
50:b4:ed:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzxLuu6ufj1PQvv0iLxNJzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzE1MTEwODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODI3NmUwYTEzNTI2ODA2ZjYzY2E3MjAxOTA0ZjZjZjVkZjZiZjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhoywRccjRI0cTBvn+lNmWWw7QX0
c3TAe33XLUc4mOuzAJUMtbVqMHbrKJWBVHzVCzS4hpNZlPpXtmo6Z0PO44lSI4ny
kP4W3qbGXmfPY8hAfJaLE4R4OVNDqSgmAueoTjvH3EgE5PItyetxrsCMjZU13S2J
5585OXrQIbI83WCA4eJ6YWzSMplLWCtiF+9gxevC4U8kgF6oI6NhVJXI3kdO7MyM
qrF+YZ4xmWLqxa2WRCvgjgx5rjT/V7YG6npq7IRs1G4wFk4mZOJMwdh53cawUbAB
UHA92W39qI8Ggj548Iada/m111pE8wwPz8GQ2M8HQ9JIj8SdRqKc9cNO6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAgnbgoTUmgG9jynIBkE9s9d9r8CMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvQ0NkdUNoTlNhQWIyUEtjZ0dRVDJ6MTMydndJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDk1poAwQD
nq24MA0GCSqGSIb3DQEBCwUAA4IBAQC7CXM7J4HHU/Qym1j19hp9uAKk/3lhq3n2
lMObiR6yLCG+sPAtURTsgEWC1dQOUP/NPFfLJL3CKkdOUj1pF7e/zuadnea5fveV
SG40D+dSll1JqL/OYpf9imwt7/h6EwntqMIxfYOiuDdEwXrfeKHMNIKPT+apdCus
g+xRKpqfU8b6edjYsvXazqU5yj5XGsp82zcLJJaAXqdhoHZ335LSGKAsij0PUMNw
/VhsIIqmpPXQ2D+Zv3KPC1fwRrPl1/2U04qP6tqAY2WEAVTGm0vwXkYXmLBH5yTL
QURUIA4FH6JHf7sjv6B2xr4REfuvnwSfeXCuXdHerJ8XHntQtO10
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:07:16 2026 by rpki-client