Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2xaswnLg7XvwtWvKLA0kTjam0hA.roa
File: 2xaswnLg7XvwtWvKLA0kTjam0hA.roa (raw, json)
Hash identifier: eLHffJvBeBSBxxAubEPCZTycB0y2HNCO8vQUPpuFyfU=
Subject key identifier: DB:16:AC:C2:72:E0:ED:7B:F0:B5:6B:CA:2C:0D:24:4E:36:A6:D2:10
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D6E7A47343AE8C23F4B92C5F12ABBFAAD
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2xaswnLg7XvwtWvKLA0kTjam0hA.roa
Signing time: Wed 08 Apr 2026 19:03:20 +0000
ROA not before: Wed 08 Apr 2026 19:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5650
IP address blocks: 147.90.1.0/24 maxlen: 24
158.173.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 00:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6e:7a:47:34:3a:e8:c2:3f:4b:92:c5:f1:2a:bb:fa:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 8 19:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db16acc272e0ed7bf0b56bca2c0d244e36a6d210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:21:ba:6b:b9:3c:6e:a7:d5:d2:63:7f:bc:2b:
98:f2:d6:cb:6c:0a:58:32:1b:75:65:90:3b:b7:0a:
53:87:72:74:3f:57:be:22:21:f6:cd:1d:39:e7:c6:
4d:f7:ef:07:f2:9b:eb:a8:97:ed:a8:18:2c:62:1e:
04:1b:8f:63:72:c4:41:b3:24:0c:b1:76:4c:b6:0d:
96:54:8f:2d:5a:d2:e3:50:ba:4c:b7:6c:3e:f6:77:
52:c8:70:83:f9:46:f8:ae:93:4f:41:35:3c:a6:43:
83:ae:da:40:bf:3f:df:0f:de:3a:50:af:0c:d6:96:
df:d3:a6:fe:9f:bc:39:3b:c4:91:02:bd:58:71:2e:
74:ef:2c:88:11:ba:e6:9e:40:d4:7d:2c:26:94:fe:
75:e5:d0:52:f3:a6:1d:c8:41:8f:1d:d2:1d:a7:53:
2c:33:e6:ac:45:c5:5f:fc:60:9b:57:66:d7:14:db:
46:39:74:65:b4:92:a6:d0:30:67:10:c7:00:2e:1f:
23:fb:75:69:32:13:7b:25:24:c6:e6:ac:b8:23:d9:
12:8b:ce:05:37:10:0f:e6:73:2d:b4:89:e5:44:3b:
68:b8:4a:f4:5b:62:0d:60:47:68:1e:e8:4b:7c:44:
2e:29:50:a2:5a:ad:cf:b0:c7:81:4d:a7:16:5b:2e:
92:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:16:AC:C2:72:E0:ED:7B:F0:B5:6B:CA:2C:0D:24:4E:36:A6:D2:10
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2xaswnLg7XvwtWvKLA0kTjam0hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.1.0/24
158.173.180.0/22
Signature Algorithm: sha256WithRSAEncryption
28:63:00:37:97:97:09:cf:4e:ee:ce:ef:04:cc:4e:40:6b:fc:
a4:3c:e2:79:76:36:42:17:e0:66:ff:3e:a0:c1:af:1a:73:79:
79:cd:c2:b8:c4:f2:f3:17:ad:72:14:83:54:0a:19:b9:4c:f5:
ed:06:ed:96:20:ff:64:3d:db:02:80:7e:1b:6a:77:28:16:84:
26:b1:5a:eb:0c:c5:e5:83:2c:1f:aa:e6:2c:fb:bb:4a:da:bb:
07:50:f8:4b:ca:44:0b:a2:66:a4:05:93:97:b5:ef:b4:76:72:
45:47:19:02:7e:11:dc:6b:be:cf:c9:36:e6:bd:90:eb:64:a4:
d2:90:29:90:c0:d0:96:51:d9:53:21:34:aa:ee:fd:21:a0:fa:
fd:c5:be:e4:5a:94:6e:b8:ba:49:2e:1c:65:ab:f3:78:0a:64:
e6:1d:c1:8c:01:00:ea:eb:9e:e0:56:dd:9a:8e:fa:9c:62:75:
cd:d7:42:8c:c9:b0:83:70:91:fb:6c:9f:fb:cf:74:bb:14:cc:
48:6d:69:84:5a:cf:0c:8e:aa:25:62:fc:91:4e:57:d3:30:27:
b3:ba:7a:48:42:db:2f:f2:96:8f:bf:84:7f:38:7e:48:2c:ce:
a2:60:ef:5b:dd:16:31:c3:18:dd:15:fe:82:42:26:7b:98:f9:
ca:5c:82:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1uekc0OujCP0uSxfEqu/qtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDA4MTkwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE2YWNjMjcyZTBlZDdiZjBiNTZiY2EyYzBkMjQ0ZTM2YTZkMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyG6a7k8bqfV0mN/vCuY8tbLbApY
Mht1ZZA7twpTh3J0P1e+IiH2zR0558ZN9+8H8pvrqJftqBgsYh4EG49jcsRBsyQM
sXZMtg2WVI8tWtLjULpMt2w+9ndSyHCD+Ub4rpNPQTU8pkODrtpAvz/fD946UK8M
1pbf06b+n7w5O8SRAr1YcS507yyIEbrmnkDUfSwmlP515dBS86YdyEGPHdIdp1Ms
M+asRcVf/GCbV2bXFNtGOXRltJKm0DBnEMcALh8j+3VpMhN7JSTG5qy4I9kSi84F
NxAP5nMttInlRDtouEr0W2INYEdoHuhLfEQuKVCiWq3PsMeBTacWWy6S3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsWrMJy4O178LVryiwNJE42ptIQMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMnhhc3duTGc3WHZ3dFd2S0xBMGtUamFtMGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk1oBAwQC
nq20MA0GCSqGSIb3DQEBCwUAA4IBAQAoYwA3l5cJz07uzu8EzE5Aa/ykPOJ5djZC
F+Bm/z6gwa8ac3l5zcK4xPLzF61yFINUChm5TPXtBu2WIP9kPdsCgH4bancoFoQm
sVrrDMXlgywfquYs+7tK2rsHUPhLykQLomakBZOXte+0dnJFRxkCfhHca77PyTbm
vZDrZKTSkCmQwNCWUdlTITSq7v0hoPr9xb7kWpRuuLpJLhxlq/N4CmTmHcGMAQDq
657gVt2ajvqcYnXN10KMybCDcJH7bJ/7z3S7FMxIbWmEWs8MjqolYvyRTlfTMCez
unpIQtsv8paPv4R/OH5ILM6iYO9b3RYxwxjdFf6CQiZ7mPnKXILJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:10:30 2026 by rpki-client