Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8qoLK8ja1IOOuNoouqBbgd6UcIU.roa
File: 8qoLK8ja1IOOuNoouqBbgd6UcIU.roa (raw, json)
Hash identifier: FpWm39GCL3j6t94ogM6Ct3kskNcl7qWUutoAo9LEPwY=
Subject key identifier: F2:AA:0B:2B:C8:DA:D4:83:8E:B8:DA:28:BA:A0:5B:81:DE:94:70:85
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D8CC69FB5FEAFDF44887E56821D9F6889
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8qoLK8ja1IOOuNoouqBbgd6UcIU.roa
Signing time: Tue 14 Apr 2026 16:15:20 +0000
ROA not before: Tue 14 Apr 2026 16:15:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 45.144.196.0/24 maxlen: 32
147.90.222.0/23 maxlen: 24
147.90.224.0/24 maxlen: 24
147.90.248.0/21 maxlen: 24
170.62.96.0/22 maxlen: 32
170.62.101.0/24 maxlen: 32
170.62.105.0/24 maxlen: 32
170.62.109.0/24 maxlen: 32
170.62.176.0/21 maxlen: 32
185.102.172.0/22 maxlen: 32
192.253.211.0/24 maxlen: 32
203.188.173.0/24 maxlen: 32
203.188.174.0/24 maxlen: 32
203.188.180.0/24 maxlen: 32
213.254.162.0/24 maxlen: 32
213.254.172.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:c6:9f:b5:fe:af:df:44:88:7e:56:82:1d:9f:68:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 14 16:15:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f2aa0b2bc8dad4838eb8da28baa05b81de947085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7b:b4:c8:3a:17:50:4a:d7:e4:81:68:e3:e9:
39:37:13:8c:bf:c1:20:be:4d:db:39:57:ea:23:34:
fc:41:bd:3e:f8:2d:55:e4:6d:43:59:8f:bf:d9:74:
43:ce:95:f4:ef:f3:45:f3:71:00:a3:3c:df:0f:ab:
a4:e5:e3:b4:1e:7e:a3:40:c8:9b:5c:63:1d:91:e0:
4e:c4:48:43:c5:e2:1b:3a:d5:6c:a8:9f:df:42:c7:
52:22:de:a0:71:83:cc:75:b8:a4:d2:d0:fb:02:39:
4e:ba:71:76:af:9c:df:50:71:d5:8e:07:52:6d:a0:
60:4d:3b:75:62:02:af:32:7c:ea:f5:8c:81:67:27:
14:65:a7:cc:73:47:0f:4a:25:7c:f8:3d:0f:49:43:
f4:77:ac:5a:d7:35:3c:dd:e4:8d:5c:6f:27:59:be:
05:bc:11:fb:68:00:29:a7:c3:de:36:11:ca:78:27:
49:62:be:dc:f2:34:1f:2f:97:59:8d:58:23:73:de:
54:b7:f8:ac:ab:dc:95:fc:6f:05:a6:b7:a8:54:c7:
d3:45:0d:aa:36:3f:f5:93:b5:f5:4a:20:31:7b:45:
1c:fe:80:c0:b7:2c:33:d8:20:1c:e3:61:e1:83:ac:
9f:f9:1c:c5:e9:e3:09:33:ad:c7:51:ca:fb:91:c9:
6b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AA:0B:2B:C8:DA:D4:83:8E:B8:DA:28:BA:A0:5B:81:DE:94:70:85
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8qoLK8ja1IOOuNoouqBbgd6UcIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.196.0/24
147.90.222.0-147.90.224.255
147.90.248.0/21
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
170.62.176.0/21
185.102.172.0/22
192.253.211.0/24
203.188.173.0-203.188.174.255
203.188.180.0/24
213.254.162.0/24
213.254.172.0/23
Signature Algorithm: sha256WithRSAEncryption
49:ea:ce:c0:8e:df:e0:c4:b3:4d:98:0c:38:31:1e:a6:99:23:
72:91:89:8b:36:8d:a1:93:dd:98:9f:f9:d2:50:92:ae:1b:b6:
05:e8:d6:45:b0:1a:c6:9d:2f:f0:bb:23:e4:f1:b7:e8:62:50:
a4:ec:b8:20:0d:c7:53:9e:07:cb:aa:bd:f2:75:aa:40:d8:cb:
4e:53:1c:97:63:16:18:88:b5:aa:83:11:3d:ef:da:7e:ac:15:
c4:d3:e1:a7:10:82:59:f4:62:e4:9d:a0:07:4e:d9:55:45:ee:
e9:d0:bb:d9:11:9c:99:45:7c:20:37:66:99:f9:b3:db:26:9d:
8a:f1:a0:32:9b:1a:66:ba:29:f8:ac:65:4d:87:69:e0:c1:8c:
b0:c1:b3:62:71:0e:ca:6b:23:fd:13:b9:77:a8:21:47:a1:09:
31:f6:85:45:5f:f0:44:31:c7:98:ec:b2:42:c4:02:69:60:6f:
97:fc:32:54:1d:6d:5d:47:e2:f4:d5:0e:4f:bc:94:e1:89:0c:
86:37:77:f4:02:ab:db:42:26:00:86:85:ee:e9:4f:67:d7:98:
33:d4:90:ef:36:95:97:fc:5d:b3:4f:04:ac:c1:eb:42:62:de:
2f:12:0e:da:16:00:41:92:00:75:f6:f4:12:49:22:3f:99:5f:
28:48:43:74
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZ2Mxp+1/q/fRIh+VoIdn2iJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDE0MTYxNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmFhMGIyYmM4ZGFkNDgzOGViOGRhMjhiYWEwNWI4MWRlOTQ3MDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3u0yDoXUErX5IFo4+k5NxOMv8Eg
vk3bOVfqIzT8Qb0++C1V5G1DWY+/2XRDzpX07/NF83EAozzfD6uk5eO0Hn6jQMib
XGMdkeBOxEhDxeIbOtVsqJ/fQsdSIt6gcYPMdbik0tD7AjlOunF2r5zfUHHVjgdS
baBgTTt1YgKvMnzq9YyBZycUZafMc0cPSiV8+D0PSUP0d6xa1zU83eSNXG8nWb4F
vBH7aAApp8PeNhHKeCdJYr7c8jQfL5dZjVgjc95Ut/isq9yV/G8FpreoVMfTRQ2q
Nj/1k7X1SiAxe0Uc/oDAtywz2CAc42Hhg6yf+RzF6eMJM63HUcr7kclr/wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFPKqCyvI2tSDjrjaKLqgW4HelHCFMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOHFvTEs4amExSU9PdU5vb3VxQmJnZDZVY0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALZDEMAwD
BAGTWt4DBACTWuADBAOTWvgDBAKqPmADBACqPmUDBACqPmkDBACqPm0DBAOqPrAD
BAK5ZqwDBADA/dMwDAMEAMu8rQMEAMu8rgMEAMu8tAMEANX+ogMEAdX+rDANBgkq
hkiG9w0BAQsFAAOCAQEASerOwI7f4MSzTZgMODEeppkjcpGJizaNoZPdmJ/50lCS
rhu2BejWRbAaxp0v8Lsj5PG36GJQpOy4IA3HU54Hy6q98nWqQNjLTlMcl2MWGIi1
qoMRPe/afqwVxNPhpxCCWfRi5J2gB07ZVUXu6dC72RGcmUV8IDdmmfmz2yadivGg
MpsaZrop+KxlTYdp4MGMsMGzYnEOymsj/RO5d6ghR6EJMfaFRV/wRDHHmOyyQsQC
aWBvl/wyVB1tXUfi9NUOT7yU4YkMhjd39AKr20ImAIaF7ulPZ9eYM9SQ7zaVl/xd
s08ErMHrQmLeLxIO2hYAQZIAdfb0EkkiP5lfKEhDdA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:36:28 2026 by rpki-client