Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPhHtO6upH71_3UlWcv8ONJ_kJ0.roa
File: RPhHtO6upH71_3UlWcv8ONJ_kJ0.roa (raw, json)
Hash identifier: TAzHKsaBP7dszX0QGyCvs0CEvezgvBAAPQMoGBFBdcA=
Subject key identifier: 44:F8:47:B4:EE:AE:A4:7E:F5:FF:75:25:59:CB:FC:38:D2:7F:90:9D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D07B892B3DE1FF214F974B9B3376BBA37
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPhHtO6upH71_3UlWcv8ONJ_kJ0.roa
Signing time: Thu 19 Mar 2026 20:10:29 +0000
ROA not before: Thu 19 Mar 2026 20:10:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 140900
IP address blocks: 147.90.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:07:b8:92:b3:de:1f:f2:14:f9:74:b9:b3:37:6b:ba:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 19 20:10:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=44f847b4eeaea47ef5ff752559cbfc38d27f909d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:ea:69:08:1e:2d:78:41:3c:97:39:82:ff:
11:5b:e0:d3:c0:13:38:79:05:17:31:26:27:7b:02:
4b:78:59:39:90:59:15:8f:b0:68:3d:b9:1e:c8:59:
79:8c:be:4a:27:b7:fc:a8:64:e6:b1:1f:91:52:c8:
f9:5b:8e:8a:76:f9:ca:5b:5a:98:12:54:56:ae:81:
99:68:68:96:b8:f9:1c:62:71:8d:30:86:75:c2:69:
18:52:64:f5:28:c6:dd:d6:7c:a1:89:5d:63:5b:9f:
d3:91:83:4f:b1:b4:19:11:49:81:bd:71:02:b1:7f:
3a:2d:a9:ed:03:99:fd:73:0c:11:fa:38:89:71:55:
66:ab:3a:c7:c0:1d:10:48:bb:37:24:7d:68:95:75:
42:eb:ab:56:a4:d9:15:19:60:13:a8:0c:8e:45:88:
c4:ea:9e:11:7d:f4:bc:e1:c0:02:78:9e:af:47:c4:
2c:7d:d1:ca:a3:f8:85:09:ae:ec:46:66:32:e6:03:
55:84:c9:74:9e:e3:33:3f:95:75:a8:b4:35:94:34:
66:74:c8:9a:63:00:d2:bb:ce:61:a9:12:29:05:07:
8d:44:06:f2:0d:e7:b4:fc:b6:02:03:7f:43:fc:53:
b8:c2:b1:5c:f7:23:ec:35:b5:c3:f3:6a:b7:80:38:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F8:47:B4:EE:AE:A4:7E:F5:FF:75:25:59:CB:FC:38:D2:7F:90:9D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/RPhHtO6upH71_3UlWcv8ONJ_kJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.96.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:e1:78:28:a9:33:37:02:51:86:9b:3e:cd:b9:d7:5b:00:46:
4e:27:9b:98:7d:4b:3d:69:f1:c8:9b:19:18:4b:64:25:ef:fc:
b1:0f:b0:97:21:26:7f:b7:fe:38:92:58:aa:ae:5a:4a:44:97:
73:10:da:58:ee:3c:a3:47:bb:2e:67:54:68:b0:65:cc:b6:5c:
bb:cd:75:f3:f7:07:f3:47:8e:ed:76:a2:b0:03:7d:bc:bc:40:
df:9d:97:2c:3a:11:2a:39:d6:cd:75:1a:79:4e:ad:12:b6:a7:
e6:1a:cb:a0:7f:43:30:84:06:64:4a:de:18:92:da:4c:8d:af:
e2:f2:8b:6a:a6:75:18:73:0f:f9:3c:2d:fe:6f:6d:7d:a3:12:
a2:73:0c:6f:98:ac:ea:bc:be:01:7a:b0:fb:92:83:a8:4c:41:
8c:5d:ae:84:e6:f1:1b:70:a4:70:e1:9b:d0:5d:1c:3b:be:80:
7b:b3:d7:1f:3b:0f:6d:6d:4c:33:08:62:9b:d9:a5:05:3f:d5:
d1:64:00:04:0c:d3:98:c6:8c:07:e2:bb:b2:bf:47:d7:23:60:
82:26:df:bf:1b:fa:42:3c:5f:17:52:00:34:05:44:91:0c:a2:
54:25:2b:6d:2c:33:0d:aa:16:24:ed:0f:9f:f4:9d:50:3d:ba:
67:e6:b8:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0HuJKz3h/yFPl0ubM3a7o3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzE5MjAxMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGY4NDdiNGVlYWVhNDdlZjVmZjc1MjU1OWNiZmMzOGQyN2Y5MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzPqaQgeLXhBPJc5gv8RW+DTwBM4
eQUXMSYnewJLeFk5kFkVj7BoPbkeyFl5jL5KJ7f8qGTmsR+RUsj5W46KdvnKW1qY
ElRWroGZaGiWuPkcYnGNMIZ1wmkYUmT1KMbd1nyhiV1jW5/TkYNPsbQZEUmBvXEC
sX86LantA5n9cwwR+jiJcVVmqzrHwB0QSLs3JH1olXVC66tWpNkVGWATqAyORYjE
6p4RffS84cACeJ6vR8QsfdHKo/iFCa7sRmYy5gNVhMl0nuMzP5V1qLQ1lDRmdMia
YwDSu85hqRIpBQeNRAbyDee0/LYCA39D/FO4wrFc9yPsNbXD82q3gDh4ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFET4R7TurqR+9f91JVnL/DjSf5CdMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvUlBoSHRPNnVwSDcxXzNVbFdjdjhPTkpfa0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDk1pgMA0G
CSqGSIb3DQEBCwUAA4IBAQAq4XgoqTM3AlGGmz7NuddbAEZOJ5uYfUs9afHImxkY
S2Ql7/yxD7CXISZ/t/44kliqrlpKRJdzENpY7jyjR7suZ1RosGXMtly7zXXz9wfz
R47tdqKwA328vEDfnZcsOhEqOdbNdRp5Tq0StqfmGsugf0MwhAZkSt4YktpMja/i
8otqpnUYcw/5PC3+b219oxKicwxvmKzqvL4BerD7koOoTEGMXa6E5vEbcKRw4ZvQ
XRw7voB7s9cfOw9tbUwzCGKb2aUFP9XRZAAEDNOYxowH4ruyv0fXI2CCJt+/G/pC
PF8XUgA0BUSRDKJUJSttLDMNqhYk7Q+f9J1QPbpn5rhy
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:23:11 2026 by rpki-client