Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/JkvaIRbWpxccYLRBCvGI84NW52E.roa
File: JkvaIRbWpxccYLRBCvGI84NW52E.roa (raw, json)
Hash identifier: e4B2o2KiVJ7wCUhjRV3Ua+ypv/YJ9gsq/C/WGmKS5M4=
Subject key identifier: 26:4B:DA:21:16:D6:A7:17:1C:60:B4:41:0A:F1:88:F3:83:56:E7:61
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019C7FADE159B96F93B4EBBB69FE5DA15967
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/JkvaIRbWpxccYLRBCvGI84NW52E.roa
Signing time: Sat 21 Feb 2026 10:10:27 +0000
ROA not before: Sat 21 Feb 2026 10:10:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 147.90.0.0/24 maxlen: 24
147.90.3.0/24 maxlen: 24
147.90.6.0/24 maxlen: 24
147.90.9.0/24 maxlen: 24
147.90.11.0/24 maxlen: 24
147.90.12.0/24 maxlen: 24
147.90.14.0/24 maxlen: 24
147.90.17.0/24 maxlen: 24
147.90.20.0/24 maxlen: 24
147.90.25.0/24 maxlen: 24
147.90.33.0/24 maxlen: 24
147.90.49.0/24 maxlen: 24
147.90.60.0/22 maxlen: 22
147.90.70.0/24 maxlen: 24
147.90.127.0/24 maxlen: 24
158.173.192.0/24 maxlen: 24
158.173.229.0/24 maxlen: 24
158.173.237.0/24 maxlen: 24
158.173.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7f:ad:e1:59:b9:6f:93:b4:eb:bb:69:fe:5d:a1:59:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 21 10:10:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=264bda2116d6a7171c60b4410af188f38356e761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:73:88:4a:6c:29:fc:35:81:65:98:3e:e0:06:
fe:07:32:0a:a6:75:07:c8:62:ab:5c:d8:77:a3:51:
a9:d1:6a:e9:49:40:83:39:29:c2:21:6e:f7:a3:03:
5e:5e:27:f6:60:75:49:a7:0c:47:c4:ba:63:87:6a:
c8:9d:f2:19:29:09:f3:67:45:f6:7e:fa:5a:98:17:
e0:41:bb:00:8a:df:e4:ec:04:bd:dd:93:4f:f1:49:
cd:5d:a4:16:71:99:74:df:86:86:ff:de:c3:1e:b5:
ea:9e:e4:50:51:9d:e2:29:42:f9:2e:94:ef:5a:f0:
6c:f0:6c:5c:b1:40:ac:c1:ce:f6:ab:e6:ac:f1:38:
23:e1:fa:82:60:5c:ef:67:fa:4a:ce:b0:22:00:13:
e6:b3:37:75:9e:3f:c9:5c:68:69:e7:14:b1:fe:56:
30:9e:17:5a:4e:b3:e7:61:48:4e:71:0b:30:5f:53:
1b:b5:6e:bb:fb:f3:26:d7:f6:d0:f8:75:99:ec:5e:
91:c4:5d:92:b7:58:a6:79:7c:fb:05:39:21:84:5f:
3d:fe:15:b4:40:15:bb:b7:83:ad:78:64:6a:0b:7a:
86:70:48:b1:e5:d5:da:73:b9:f6:07:ef:68:fe:25:
cf:db:7f:b1:10:92:a0:3d:fc:ab:75:61:89:c6:0b:
b4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4B:DA:21:16:D6:A7:17:1C:60:B4:41:0A:F1:88:F3:83:56:E7:61
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/JkvaIRbWpxccYLRBCvGI84NW52E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.0.0/24
147.90.3.0/24
147.90.6.0/24
147.90.9.0/24
147.90.11.0-147.90.12.255
147.90.14.0/24
147.90.17.0/24
147.90.20.0/24
147.90.25.0/24
147.90.33.0/24
147.90.49.0/24
147.90.60.0/22
147.90.70.0/24
147.90.127.0/24
158.173.192.0/24
158.173.229.0/24
158.173.237.0-158.173.238.255
Signature Algorithm: sha256WithRSAEncryption
2c:c2:1a:4a:ed:92:f8:16:30:a6:cb:4c:14:bb:1a:f0:27:ce:
ec:f9:36:9c:3d:63:68:5f:5f:f6:87:8b:11:a9:97:90:b3:e3:
c7:11:a7:10:52:30:96:a0:6a:42:21:f6:0c:36:a1:38:45:29:
0b:4a:31:3d:4a:83:56:88:39:43:fb:71:b9:f7:09:3c:54:65:
11:59:49:04:91:e6:ae:e5:6f:4a:14:90:a9:a6:4c:b2:e1:ea:
98:e2:f8:15:12:4a:8f:85:e9:6b:84:1f:7a:bd:72:b3:26:5b:
a6:35:2b:cf:01:71:b5:98:c8:8b:6e:ab:57:c4:a6:2d:d5:52:
30:2e:5e:0a:7d:2a:77:af:a9:e7:6c:93:82:ed:d9:57:01:c8:
b5:14:a9:8d:c5:85:16:e0:02:40:14:99:67:8a:4b:fd:58:c5:
77:dd:48:4f:7d:c8:a9:ce:dc:3a:06:83:99:64:17:b9:de:b2:
35:b1:83:e3:b3:c0:84:95:0f:ca:ab:3b:f5:5d:61:ff:12:86:
6a:f5:ed:ea:e9:6e:bf:d1:c4:28:39:2c:07:29:de:a8:52:c6:
4e:31:f8:d5:e8:ec:d1:c7:26:bd:93:b6:b1:19:b6:18:b4:08:
3e:6f:71:23:9b:f1:8f:f5:32:8f:ab:38:2f:f4:1b:91:f7:4a:
7c:3d:2f:fd
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZx/reFZuW+TtOu7af5doVlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMjIxMTAxMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjRiZGEyMTE2ZDZhNzE3MWM2MGI0NDEwYWYxODhmMzgzNTZlNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XOISmwp/DWBZZg+4Ab+BzIKpnUH
yGKrXNh3o1Gp0WrpSUCDOSnCIW73owNeXif2YHVJpwxHxLpjh2rInfIZKQnzZ0X2
fvpamBfgQbsAit/k7AS93ZNP8UnNXaQWcZl034aG/97DHrXqnuRQUZ3iKUL5LpTv
WvBs8GxcsUCswc72q+as8Tgj4fqCYFzvZ/pKzrAiABPmszd1nj/JXGhp5xSx/lYw
nhdaTrPnYUhOcQswX1MbtW67+/Mm1/bQ+HWZ7F6RxF2St1imeXz7BTkhhF89/hW0
QBW7t4OteGRqC3qGcEix5dXac7n2B+9o/iXP23+xEJKgPfyrdWGJxgu01QIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFCZL2iEW1qcXHGC0QQrxiPODVudhMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvSmt2YUlSYldweGNjWUxSQkN2R0k4NE5XNTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBACTWgAD
BACTWgMDBACTWgYDBACTWgkwDAMEAJNaCwMEAJNaDAMEAJNaDgMEAJNaEQMEAJNa
FAMEAJNaGQMEAJNaIQMEAJNaMQMEApNaPAMEAJNaRgMEAJNafwMEAJ6twAMEAJ6t
5TAMAwQAnq3tAwQAnq3uMA0GCSqGSIb3DQEBCwUAA4IBAQAswhpK7ZL4FjCmy0wU
uxrwJ87s+TacPWNoX1/2h4sRqZeQs+PHEacQUjCWoGpCIfYMNqE4RSkLSjE9SoNW
iDlD+3G59wk8VGURWUkEkeau5W9KFJCppkyy4eqY4vgVEkqPhelrhB96vXKzJlum
NSvPAXG1mMiLbqtXxKYt1VIwLl4KfSp3r6nnbJOC7dlXAci1FKmNxYUW4AJAFJln
ikv9WMV33UhPfcipztw6BoOZZBe53rI1sYPjs8CElQ/Kqzv1XWH/EoZq9e3q6W6/
0cQoOSwHKd6oUsZOMfjV6OzRxya9k7axGbYYtAg+b3Ejm/GP9TKPqzgv9BuR90p8
PS/9
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:33:08 2026 by rpki-client