Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5mdEyDZDzefZQfBuMiCbWakZC-A.roa
File: 5mdEyDZDzefZQfBuMiCbWakZC-A.roa (raw, json)
Hash identifier: 1K8uybxalSBnH9x6jZo75ge/hw9dDZ2lbszxjDL3eso=
Subject key identifier: E6:67:44:C8:36:43:CD:E7:D9:41:F0:6E:32:20:9B:59:A9:19:0B:E0
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D8C7524C3E87A2DB3AA8FBAAC70EC6175
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5mdEyDZDzefZQfBuMiCbWakZC-A.roa
Signing time: Tue 14 Apr 2026 14:46:20 +0000
ROA not before: Tue 14 Apr 2026 14:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207550
IP address blocks: 147.90.120.0/23 maxlen: 24
147.90.211.0/24 maxlen: 24
147.90.233.0/24 maxlen: 24
158.173.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:75:24:c3:e8:7a:2d:b3:aa:8f:ba:ac:70:ec:61:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 14 14:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e66744c83643cde7d941f06e32209b59a9190be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:56:40:d6:81:ae:30:1c:f8:cf:99:bb:af:
b8:c3:b7:9e:ad:23:94:bb:6d:ad:3a:70:87:38:71:
d5:30:ab:22:46:aa:0a:e6:f7:35:bb:95:46:11:5f:
76:b8:a6:1c:86:d9:e2:3e:34:c7:ba:95:5d:a0:d3:
fd:b2:8a:a2:e8:26:cc:f7:25:e5:54:de:8b:12:5b:
ad:76:62:54:da:5b:e7:10:65:f6:f2:aa:be:ae:e2:
16:8d:f9:71:2a:b3:e9:12:ad:88:4f:4f:5d:e5:f1:
ce:c4:ca:45:86:be:aa:9e:fa:36:31:98:2f:00:f7:
d7:8f:03:88:5c:45:65:2d:ca:2b:bf:e8:f1:76:aa:
27:e0:47:96:56:db:6e:cf:bb:7d:66:36:6e:1b:70:
c8:0e:b7:2f:d1:98:37:dc:9e:f6:97:98:15:85:c2:
30:22:ab:fb:db:94:f8:67:e4:c8:7d:77:68:ab:30:
aa:bd:dd:ae:3d:19:18:65:81:e5:04:73:45:e3:1b:
0d:b1:b4:97:b8:37:a5:a9:31:0b:2d:e5:0a:8b:e9:
5d:be:1a:63:aa:bd:22:3a:2e:a6:08:c4:aa:dd:29:
62:65:a3:60:99:82:7b:b3:e9:16:60:bb:1f:c9:fa:
ae:fc:f9:c1:a6:7d:1b:94:c6:cd:7a:83:15:70:a1:
e0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:67:44:C8:36:43:CD:E7:D9:41:F0:6E:32:20:9B:59:A9:19:0B:E0
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/5mdEyDZDzefZQfBuMiCbWakZC-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.120.0/23
147.90.211.0/24
147.90.233.0/24
158.173.208.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:c5:28:5e:62:ef:17:51:2b:5f:91:a0:1c:a5:7e:be:0d:60:
c8:57:08:98:b3:f1:01:d7:12:49:9e:21:89:21:c8:04:b7:1e:
5c:32:44:f7:35:5a:9b:d1:40:e1:fd:2e:6e:c3:94:15:00:f5:
b2:5c:f7:81:06:50:40:6d:1f:2c:6a:f1:2e:cf:9b:9f:be:89:
1f:21:5d:31:f6:87:ea:37:e0:b9:5b:80:64:a1:50:51:49:51:
cf:67:1a:2f:de:99:89:84:0f:71:02:42:9d:2b:2d:62:1c:0c:
2e:f7:6c:3a:6a:20:4d:50:cb:75:19:df:b2:e7:ee:7f:24:07:
33:e8:32:12:66:fa:d8:56:e8:f4:02:8b:31:cf:44:46:b2:57:
98:07:c4:72:e9:9b:4c:11:0f:da:5f:ff:91:a1:21:c7:2b:5a:
12:74:b7:d6:0d:4e:e0:74:43:c0:81:07:34:8a:d7:85:1b:9a:
8e:10:16:5a:f3:d4:e2:10:0d:81:a5:2e:fc:04:0e:ec:45:51:
e6:a7:4c:9b:24:7d:75:a0:ea:a6:33:f8:ba:77:35:ec:9e:bd:
f2:05:34:e8:ba:cf:be:ed:bf:d6:e1:a5:ee:a3:c8:8f:aa:05:
9f:1a:d2:89:80:41:72:83:2c:ae:e6:eb:52:d4:30:bd:f2:50:
3a:a2:c6:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2MdSTD6Hots6qPuqxw7GF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDE0MTQ0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjY3NDRjODM2NDNjZGU3ZDk0MWYwNmUzMjIwOWI1OWE5MTkwYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm5WQNaBrjAc+M+Zu6+4w7eerSOU
u22tOnCHOHHVMKsiRqoK5vc1u5VGEV92uKYchtniPjTHupVdoNP9soqi6CbM9yXl
VN6LElutdmJU2lvnEGX28qq+ruIWjflxKrPpEq2IT09d5fHOxMpFhr6qnvo2MZgv
APfXjwOIXEVlLcorv+jxdqon4EeWVttuz7t9ZjZuG3DIDrcv0Zg33J72l5gVhcIw
Iqv725T4Z+TIfXdoqzCqvd2uPRkYZYHlBHNF4xsNsbSXuDelqTELLeUKi+ldvhpj
qr0iOi6mCMSq3SliZaNgmYJ7s+kWYLsfyfqu/PnBpn0blMbNeoMVcKHguQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOZnRMg2Q83n2UHwbjIgm1mpGQvgMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNW1kRXlEWkR6ZWZaUWZCdU1pQ2JXYWtaQy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBk1p4AwQA
k1rTAwQAk1rpAwQAnq3QMA0GCSqGSIb3DQEBCwUAA4IBAQAKxSheYu8XUStfkaAc
pX6+DWDIVwiYs/EB1xJJniGJIcgEtx5cMkT3NVqb0UDh/S5uw5QVAPWyXPeBBlBA
bR8savEuz5ufvokfIV0x9ofqN+C5W4BkoVBRSVHPZxov3pmJhA9xAkKdKy1iHAwu
92w6aiBNUMt1Gd+y5+5/JAcz6DISZvrYVuj0Aosxz0RGsleYB8Ry6ZtMEQ/aX/+R
oSHHK1oSdLfWDU7gdEPAgQc0iteFG5qOEBZa89TiEA2BpS78BA7sRVHmp0ybJH11
oOqmM/i6dzXsnr3yBTTous++7b/W4aXuo8iPqgWfGtKJgEFygyyu5utS1DC98lA6
osZp
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:40 2026 by rpki-client