Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EoLjvhX_xsWBitbr2ge0-NDdok.roa
File: 8EoLjvhX_xsWBitbr2ge0-NDdok.roa (raw, json)
Hash identifier: g0AHHOp6VZxX5ZRUumDU69per23TnjHibw8AHiCsLoE=
Subject key identifier: F0:4A:0B:8E:F8:57:FF:1B:16:06:2B:5B:AF:68:1E:D3:E3:43:76:89
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019C42BD50260D045CC76B5455A58C242863
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EoLjvhX_xsWBitbr2ge0-NDdok.roa
Signing time: Mon 09 Feb 2026 14:10:28 +0000
ROA not before: Mon 09 Feb 2026 14:10:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9318
IP address blocks: 147.90.2.0/24 maxlen: 24
147.90.4.0/24 maxlen: 24
147.90.200.0/24 maxlen: 24
147.90.201.0/24 maxlen: 24
147.90.202.0/24 maxlen: 24
147.90.203.0/24 maxlen: 24
147.90.204.0/24 maxlen: 24
147.90.216.0/24 maxlen: 24
147.90.217.0/24 maxlen: 24
147.90.218.0/24 maxlen: 24
147.90.219.0/24 maxlen: 24
158.173.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:42:bd:50:26:0d:04:5c:c7:6b:54:55:a5:8c:24:28:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 9 14:10:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f04a0b8ef857ff1b16062b5baf681ed3e3437689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a5:b9:4f:d0:3f:cc:d3:a7:0c:ff:b4:18:df:
c0:b9:98:f2:41:54:44:99:ad:20:96:9d:7a:5c:95:
ce:4a:24:64:c6:9c:0c:f2:9b:c4:28:e1:32:e2:9f:
15:41:4e:91:d4:ec:99:70:52:50:b7:5f:2b:65:42:
bb:df:31:7b:31:40:4f:9a:07:02:f2:b6:83:99:d5:
dc:5a:e1:05:29:50:41:60:fd:f8:82:a8:53:fd:ad:
58:3c:9f:63:a3:86:01:11:a6:90:45:92:07:57:2f:
2a:a7:99:2a:dc:05:31:5c:59:fd:2b:7d:cf:fb:01:
d5:5d:6e:ed:60:c0:98:5a:84:42:30:aa:a4:0f:37:
62:03:a4:58:4d:c4:41:2b:2b:68:51:e9:2f:0f:d0:
61:fe:ee:40:10:60:59:00:5c:7d:2d:2c:4e:3f:6b:
4c:0b:d2:7e:62:44:e0:5f:0c:8f:7e:df:f8:74:3c:
50:5e:8b:58:3d:5f:07:c5:75:5a:ff:d2:44:31:9f:
3e:90:da:33:d0:d0:14:14:6d:e5:d6:f7:b2:95:9f:
59:6a:53:76:76:0c:8f:d5:36:d7:ab:b6:8e:a1:a1:
7e:69:8f:3a:e7:89:16:73:19:eb:cb:60:b6:43:e0:
ff:f2:2e:11:1e:f2:29:f8:e3:54:10:f1:3e:0a:5b:
2e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4A:0B:8E:F8:57:FF:1B:16:06:2B:5B:AF:68:1E:D3:E3:43:76:89
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EoLjvhX_xsWBitbr2ge0-NDdok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.2.0/24
147.90.4.0/24
147.90.200.0-147.90.204.255
147.90.216.0/22
158.173.193.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d8:7b:89:71:ae:63:2c:e3:40:dd:47:78:67:90:c6:d1:1c:
c6:7a:0e:42:28:04:40:81:bc:e9:61:06:24:43:b9:ff:8d:9b:
ac:a9:b6:2f:10:2e:dc:e9:9d:fd:5f:b4:3d:76:bb:b4:8a:99:
7f:f6:fe:68:6d:82:f0:09:d7:d8:55:a5:aa:64:0c:8f:61:86:
af:f3:e8:65:74:f0:ea:f8:04:d3:e0:d1:15:ea:00:af:4e:cb:
e0:90:24:92:e2:d6:80:9a:4a:be:bf:3c:0f:47:b9:67:16:88:
e1:99:a3:fa:76:61:8f:2e:24:af:c4:ff:87:e7:a1:7f:75:a0:
bf:60:14:b3:b9:71:83:7b:d4:ba:47:2b:43:19:ea:62:12:a5:
40:27:b5:5a:78:c6:c2:f9:51:9f:93:f3:e7:45:33:73:26:6d:
79:cf:3f:94:1e:6e:54:8f:8e:da:7a:42:4c:0a:92:46:c8:87:
3c:70:d9:37:e7:84:c1:08:c8:30:e6:59:b1:eb:b8:b5:e5:61:
26:a4:b8:a8:e1:d4:4d:fe:06:9c:94:4b:9e:7e:06:e7:ec:17:
8b:a6:7d:86:ec:4b:03:8a:8c:c8:45:84:bb:c4:34:f2:9a:94:
66:d9:68:b7:55:da:66:10:26:f0:36:9d:83:66:b7:c9:f0:49:
00:b8:e8:c9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZxCvVAmDQRcx2tUVaWMJChjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMjA5MTQxMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDRhMGI4ZWY4NTdmZjFiMTYwNjJiNWJhZjY4MWVkM2UzNDM3Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaW5T9A/zNOnDP+0GN/AuZjyQVRE
ma0glp16XJXOSiRkxpwM8pvEKOEy4p8VQU6R1OyZcFJQt18rZUK73zF7MUBPmgcC
8raDmdXcWuEFKVBBYP34gqhT/a1YPJ9jo4YBEaaQRZIHVy8qp5kq3AUxXFn9K33P
+wHVXW7tYMCYWoRCMKqkDzdiA6RYTcRBKytoUekvD9Bh/u5AEGBZAFx9LSxOP2tM
C9J+YkTgXwyPft/4dDxQXotYPV8HxXVa/9JEMZ8+kNoz0NAUFG3l1veylZ9ZalN2
dgyP1TbXq7aOoaF+aY8654kWcxnry2C2Q+D/8i4RHvIp+ONUEPE+Clsu8QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPBKC474V/8bFgYrW69oHtPjQ3aJMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOEVvTGp2aFhfeHNXQml0YnIyZ2UwLU5EZG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAk1oCAwQA
k1oEMAwDBAOTWsgDBACTWswDBAKTWtgDBACercEwDQYJKoZIhvcNAQELBQADggEB
ABHYe4lxrmMs40DdR3hnkMbRHMZ6DkIoBECBvOlhBiRDuf+Nm6ypti8QLtzpnf1f
tD12u7SKmX/2/mhtgvAJ19hVpapkDI9hhq/z6GV08Or4BNPg0RXqAK9Oy+CQJJLi
1oCaSr6/PA9HuWcWiOGZo/p2YY8uJK/E/4fnoX91oL9gFLO5cYN71LpHK0MZ6mIS
pUAntVp4xsL5UZ+T8+dFM3MmbXnPP5QeblSPjtp6QkwKkkbIhzxw2TfnhMEIyDDm
WbHruLXlYSakuKjh1E3+BpyUS55+BufsF4umfYbsSwOKjMhFhLvENPKalGbZaLdV
2mYQJvA2nYNmt8nwSQC46Mk=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:36:05 2026 by rpki-client