Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/YhjZHW43ZYmKVjKDI9Q_9RXfEI0.roa
File: YhjZHW43ZYmKVjKDI9Q_9RXfEI0.roa (raw, json)
Hash identifier: YtHrfg3pCAaZsYWzi/IR5tskGQH5BTDJZbRp3xveSlg=
Subject key identifier: 62:18:D9:1D:6E:37:65:89:8A:56:32:83:23:D4:3F:F5:15:DF:10:8D
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D681BD00CFEF4E90AA422D57D0E65A2B4
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/YhjZHW43ZYmKVjKDI9Q_9RXfEI0.roa
Signing time: Tue 07 Apr 2026 13:22:26 +0000
ROA not before: Tue 07 Apr 2026 13:22:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205987
IP address blocks: 147.90.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:1b:d0:0c:fe:f4:e9:0a:a4:22:d5:7d:0e:65:a2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 7 13:22:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6218d91d6e3765898a56328323d43ff515df108d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:91:df:b2:88:0d:fa:a9:9a:67:2c:cd:98:d1:
1e:8a:10:21:b4:9d:ce:5a:2f:4a:2c:c8:d2:35:10:
63:8b:3b:28:8c:05:55:00:17:dd:cb:ab:fe:c2:97:
d4:8c:28:b5:8f:d6:31:c7:54:29:29:67:11:71:ef:
3a:3b:8e:8a:ec:4a:8b:9b:9a:ad:ab:93:a0:2f:a1:
81:33:11:de:b8:0b:c0:91:ab:16:22:2a:ac:94:c0:
3d:f5:83:f7:0b:93:c4:91:bf:4c:6b:f3:51:be:31:
d3:d9:6e:7d:2a:29:ce:87:83:26:2f:03:0a:49:ad:
ac:20:71:0f:cb:95:d7:17:aa:be:8e:f4:ec:3e:73:
c0:2e:52:79:f3:1a:15:46:73:15:75:99:b5:23:b6:
ce:41:6f:31:5f:79:b1:c1:c2:74:0a:fe:c6:e9:d3:
b3:11:c3:6f:97:03:73:33:94:7f:31:d2:b8:fa:cc:
ba:81:9f:43:9a:3f:b0:4f:b0:17:32:63:7d:c7:ea:
30:42:e3:00:25:3f:74:00:81:b7:2d:74:a2:78:bb:
03:f7:84:08:0d:c8:13:1c:ac:4f:c5:3a:83:8e:37:
e2:8f:8b:21:f5:75:9b:4f:11:65:9b:1b:5b:9c:76:
7c:99:e5:d5:f4:b5:54:99:b5:5f:cc:bb:3e:ed:75:
ee:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:18:D9:1D:6E:37:65:89:8A:56:32:83:23:D4:3F:F5:15:DF:10:8D
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/YhjZHW43ZYmKVjKDI9Q_9RXfEI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.45.0/24
Signature Algorithm: sha256WithRSAEncryption
33:a5:e2:30:25:ff:a3:53:51:a0:b2:89:bc:86:2b:bc:bd:b6:
33:73:28:41:58:ca:de:15:ba:7d:f1:92:ab:43:ca:14:bf:ea:
8e:16:1a:c2:89:07:f6:e5:c5:eb:dd:66:01:f5:fa:1e:8d:8e:
76:ce:7b:ed:59:22:bc:36:9b:3d:49:70:24:4d:8c:c0:cf:39:
b5:23:cc:4c:74:75:54:cc:b2:83:0b:aa:60:a7:55:16:7f:6b:
b8:26:b7:a0:f3:b7:25:64:71:a2:e3:5a:d5:39:d4:59:c4:3a:
53:cf:7c:2e:92:64:b2:c6:3d:32:69:68:25:af:e4:6e:ac:ee:
ca:2b:61:9f:53:2d:9b:5a:e9:50:f6:b5:d7:5e:2d:a4:95:8b:
34:18:0b:d5:f2:a3:29:da:83:ab:b1:3a:ac:e4:35:ca:86:ee:
dc:7d:30:f2:d3:91:de:c8:d7:ea:68:28:ac:bf:ef:9a:09:d8:
bd:6e:f2:61:47:af:a8:b7:e1:96:3c:59:3b:2b:ad:de:77:4f:
c9:d3:fb:f1:ba:00:69:ee:ec:af:db:71:70:02:7a:65:5b:bb:
c6:4a:6b:16:5d:7f:29:69:50:b8:97:23:0c:2e:13:28:91:14:
dd:93:e9:a8:1a:a0:c8:00:e4:5c:45:19:bc:91:ee:9d:4c:0b:
c4:f5:d8:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1oG9AM/vTpCqQi1X0OZaK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDA3MTMyMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjE4ZDkxZDZlMzc2NTg5OGE1NjMyODMyM2Q0M2ZmNTE1ZGYxMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpHfsogN+qmaZyzNmNEeihAhtJ3O
Wi9KLMjSNRBjizsojAVVABfdy6v+wpfUjCi1j9Yxx1QpKWcRce86O46K7EqLm5qt
q5OgL6GBMxHeuAvAkasWIiqslMA99YP3C5PEkb9Ma/NRvjHT2W59KinOh4MmLwMK
Sa2sIHEPy5XXF6q+jvTsPnPALlJ58xoVRnMVdZm1I7bOQW8xX3mxwcJ0Cv7G6dOz
EcNvlwNzM5R/MdK4+sy6gZ9Dmj+wT7AXMmN9x+owQuMAJT90AIG3LXSieLsD94QI
DcgTHKxPxTqDjjfij4sh9XWbTxFlmxtbnHZ8meXV9LVUmbVfzLs+7XXu8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGIY2R1uN2WJilYygyPUP/UV3xCNMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvWWhqWkhXNDNaWW1LVmpLREk5UV85UlhmRUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk1otMA0G
CSqGSIb3DQEBCwUAA4IBAQAzpeIwJf+jU1Ggsom8hiu8vbYzcyhBWMreFbp98ZKr
Q8oUv+qOFhrCiQf25cXr3WYB9foejY52znvtWSK8Nps9SXAkTYzAzzm1I8xMdHVU
zLKDC6pgp1UWf2u4Jreg87clZHGi41rVOdRZxDpTz3wukmSyxj0yaWglr+RurO7K
K2GfUy2bWulQ9rXXXi2klYs0GAvV8qMp2oOrsTqs5DXKhu7cfTDy05HeyNfqaCis
v++aCdi9bvJhR6+ot+GWPFk7K63ed0/J0/vxugBp7uyv23FwAnplW7vGSmsWXX8p
aVC4lyMMLhMokRTdk+moGqDIAORcRRm8ke6dTAvE9dgp
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:36:23 2026 by rpki-client