Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/QjeUwa3W-av7zJA5w_fR1q7aAj0.roa
File: QjeUwa3W-av7zJA5w_fR1q7aAj0.roa (raw, json)
Hash identifier: tzv2H3JHXokzfonl+XwgGuGpSYBs4rH1PUAg3IdBidc=
Subject key identifier: 42:37:94:C1:AD:D6:F9:AB:FB:CC:90:39:C3:F7:D1:D6:AE:DA:02:3D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D2B3E547F72C39F4F69D6FB7E0089BFD2
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/QjeUwa3W-av7zJA5w_fR1q7aAj0.roa
Signing time: Thu 26 Mar 2026 17:43:18 +0000
ROA not before: Thu 26 Mar 2026 17:43:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 23061
IP address blocks: 147.90.73.0/24 maxlen: 24
158.173.230.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:3e:54:7f:72:c3:9f:4f:69:d6:fb:7e:00:89:bf:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 26 17:43:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=423794c1add6f9abfbcc9039c3f7d1d6aeda023d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bd:ec:00:ba:12:43:d0:7a:e7:27:d9:38:1e:
ab:40:6e:eb:b1:e4:b9:93:dc:b9:29:ac:63:30:de:
91:70:39:71:f3:ab:61:20:a2:85:c6:c8:5b:4e:a9:
90:d1:18:6d:1a:88:56:06:eb:3c:31:e2:67:c2:c5:
78:4b:21:4e:68:bd:ae:52:ad:93:29:58:68:22:39:
2e:69:82:bd:7b:70:fc:7e:45:20:f1:27:02:91:d0:
71:4c:34:11:a4:51:e0:df:c8:87:42:a7:11:5f:8d:
9f:8b:0f:58:f0:48:e5:71:fb:4a:99:be:94:4a:e9:
7b:95:21:6a:24:2e:69:93:86:a3:70:3e:7a:94:5c:
c6:d8:bb:ae:88:5d:00:0a:b2:6b:7d:14:f3:96:ad:
10:b4:a8:d9:99:81:9c:63:63:17:c3:14:ef:81:c6:
25:65:0c:57:b7:f7:ef:d5:c5:0c:2e:4c:3a:70:25:
8e:9c:dc:6f:2c:65:e7:7d:01:f3:35:9b:bf:ec:c0:
c3:63:c3:b9:40:ff:07:17:07:ea:10:d2:cb:2e:d9:
a6:cb:74:52:fc:ca:d3:05:e8:46:88:83:9b:b8:0f:
57:db:49:b6:94:29:48:cc:c1:e5:1d:17:86:d9:4f:
c8:da:c4:e2:24:c2:2b:23:2a:27:1c:e0:b9:f0:94:
76:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:37:94:C1:AD:D6:F9:AB:FB:CC:90:39:C3:F7:D1:D6:AE:DA:02:3D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/QjeUwa3W-av7zJA5w_fR1q7aAj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.73.0/24
158.173.230.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:cd:a0:07:16:be:3b:a9:f8:59:90:92:b4:1c:35:ba:c5:0b:
21:4f:78:aa:58:58:bc:cf:e0:d4:16:c8:e5:ad:10:69:c4:16:
ab:19:e7:5b:05:bb:0f:e0:c7:d6:2d:e9:ff:26:77:92:65:c3:
ec:ee:46:1f:ef:78:9f:62:d1:59:66:16:49:9d:71:35:bd:57:
46:b0:e5:bc:61:1e:63:7b:52:76:2e:d3:6b:ae:fe:35:1f:ea:
f8:70:ea:f7:4a:14:31:41:5f:02:b7:bf:c3:1a:4e:18:b5:4d:
56:c1:f9:5e:fb:b1:85:c4:8f:a0:c4:07:ed:68:00:7e:9f:24:
88:67:68:ca:af:38:25:32:bc:b4:69:08:fe:c2:64:20:9e:5d:
e7:35:a5:ed:19:6e:24:c9:0c:75:9c:d7:21:ea:9e:0a:80:23:
72:ff:84:b3:aa:78:28:d8:7b:19:7f:26:4c:68:49:64:c8:fc:
59:60:d5:8b:79:2b:d5:6e:e6:67:1a:80:a1:1c:22:b2:1c:30:
f1:98:cb:e4:70:2c:64:f8:c2:53:6e:7f:16:58:b8:88:f3:99:
47:36:17:2a:16:35:24:b6:71:94:3a:e5:0c:00:ed:b4:1d:f5:
2e:4f:ae:60:35:c6:aa:98:34:62:e8:ef:55:3e:3f:02:88:52:
f7:fa:56:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0rPlR/csOfT2nW+34Aib/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzI2MTc0MzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjM3OTRjMWFkZDZmOWFiZmJjYzkwMzljM2Y3ZDFkNmFlZGEwMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb3sALoSQ9B65yfZOB6rQG7rseS5
k9y5KaxjMN6RcDlx86thIKKFxshbTqmQ0RhtGohWBus8MeJnwsV4SyFOaL2uUq2T
KVhoIjkuaYK9e3D8fkUg8ScCkdBxTDQRpFHg38iHQqcRX42fiw9Y8EjlcftKmb6U
Sul7lSFqJC5pk4ajcD56lFzG2LuuiF0ACrJrfRTzlq0QtKjZmYGcY2MXwxTvgcYl
ZQxXt/fv1cUMLkw6cCWOnNxvLGXnfQHzNZu/7MDDY8O5QP8HFwfqENLLLtmmy3RS
/MrTBehGiIObuA9X20m2lClIzMHlHReG2U/I2sTiJMIrIyonHOC58JR27wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEI3lMGt1vmr+8yQOcP30dau2gI9MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvUWplVXdhM1ctYXY3ekpBNXdfZlIxcTdhQWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk1pJAwQB
nq3mMA0GCSqGSIb3DQEBCwUAA4IBAQCPzaAHFr47qfhZkJK0HDW6xQshT3iqWFi8
z+DUFsjlrRBpxBarGedbBbsP4MfWLen/JneSZcPs7kYf73ifYtFZZhZJnXE1vVdG
sOW8YR5je1J2LtNrrv41H+r4cOr3ShQxQV8Ct7/DGk4YtU1Wwfle+7GFxI+gxAft
aAB+nySIZ2jKrzglMry0aQj+wmQgnl3nNaXtGW4kyQx1nNch6p4KgCNy/4Szqngo
2HsZfyZMaElkyPxZYNWLeSvVbuZnGoChHCKyHDDxmMvkcCxk+MJTbn8WWLiI85lH
NhcqFjUktnGUOuUMAO20HfUuT65gNcaqmDRi6O9VPj8CiFL3+lZS
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:49:22 2026 by rpki-client