Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZkpUCvjNfvmBtn2W3oE7cKvsOsE.roa
File: ZkpUCvjNfvmBtn2W3oE7cKvsOsE.roa (raw, json)
Hash identifier: yHimhNkDh0rAGSTZiQBFlLsVAo+1GoW1pI3cwh+nIck=
Subject key identifier: 66:4A:54:0A:F8:CD:7E:F9:81:B6:7D:96:DE:81:3B:70:AB:EC:3A:C1
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D8A6A60E8451E0CD34268B837EEDB6A43
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZkpUCvjNfvmBtn2W3oE7cKvsOsE.roa
Signing time: Tue 14 Apr 2026 05:15:20 +0000
ROA not before: Tue 14 Apr 2026 05:15:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 147.90.34.0/24 maxlen: 24
147.90.72.0/24 maxlen: 24
147.90.76.0/24 maxlen: 24
147.90.208.0/24 maxlen: 24
158.173.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:6a:60:e8:45:1e:0c:d3:42:68:b8:37:ee:db:6a:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 14 05:15:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=664a540af8cd7ef981b67d96de813b70abec3ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:ef:41:98:af:fa:01:ea:4a:51:d6:e8:0b:
9a:1a:e1:30:db:da:51:35:01:ac:cb:31:65:f1:ad:
ad:83:12:12:43:42:c2:39:96:d2:c7:1d:2f:f5:52:
85:56:32:57:cb:5e:8b:cf:e8:5f:45:0b:bb:1d:c2:
db:e3:11:73:fb:7e:0c:d6:08:0e:32:b7:32:f0:e4:
3e:01:8b:ea:66:f5:20:3a:bd:28:93:ba:76:cc:ef:
d5:47:54:6d:39:c6:8c:5a:3c:b1:51:f9:ad:01:fa:
f1:ce:13:f7:8a:4a:d2:11:68:83:5e:05:63:57:cf:
89:8e:d1:33:58:34:f4:43:eb:22:08:65:7a:cb:15:
b9:3a:cd:65:82:65:df:69:4d:1c:91:42:76:32:69:
ea:9d:b0:da:1d:c9:a6:95:63:76:df:5c:f2:25:c7:
3f:e5:14:82:f2:fe:93:2a:4c:4c:d6:ad:a0:61:85:
58:db:7f:49:c6:a2:2b:15:f2:8f:a6:4f:73:f4:b3:
dc:2b:b4:c6:da:3a:fd:09:4a:89:ba:52:09:8f:e7:
49:0d:9f:53:51:45:49:21:03:40:f1:a7:0f:20:6c:
45:2a:9f:71:4b:0a:bc:d9:24:ff:9b:cc:d2:b3:9b:
47:d4:7b:4e:62:42:99:03:fd:6d:59:53:4a:3c:f8:
a4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:4A:54:0A:F8:CD:7E:F9:81:B6:7D:96:DE:81:3B:70:AB:EC:3A:C1
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ZkpUCvjNfvmBtn2W3oE7cKvsOsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.34.0/24
147.90.72.0/24
147.90.76.0/24
147.90.208.0/24
158.173.197.0/24
Signature Algorithm: sha256WithRSAEncryption
53:e0:ba:1a:1f:65:ae:e0:11:07:a3:43:b8:f6:df:bb:04:49:
10:68:11:9e:c6:b8:34:9c:37:da:94:c6:60:39:fb:c7:c0:64:
b1:4c:73:41:07:d1:9f:52:44:54:4d:24:87:41:10:1e:07:52:
a2:66:a9:bd:8f:45:34:a1:ab:c1:38:6a:40:14:7d:03:80:fd:
b0:99:d3:42:fc:51:46:4a:3f:0c:2c:0f:df:a2:c2:64:31:c1:
91:da:65:b7:f6:63:20:5a:f3:bf:78:8a:f4:e6:d8:99:fb:22:
9e:8d:d1:51:83:14:d9:2f:2d:70:81:21:fe:1a:77:88:a8:3a:
14:6d:28:5f:1d:26:1e:f1:87:6f:a4:42:c0:ee:a0:a1:b9:13:
9d:d5:a9:95:91:19:f7:ab:99:54:80:55:5a:36:b1:b8:f1:88:
5f:01:d3:88:26:9f:82:6e:4f:c9:d7:d2:02:5f:76:d3:b3:48:
d1:46:12:09:60:8f:57:0d:4e:35:fb:4e:3d:28:c2:5d:88:c7:
e2:5c:e3:d4:b1:ee:f4:42:a6:60:d5:1b:38:8e:14:66:0c:ed:
aa:a1:81:c4:73:78:d5:6d:e6:b1:97:03:08:5e:92:28:0b:df:
71:18:1b:ca:c3:cf:24:56:ca:35:27:82:9f:df:a3:75:15:d9:
f3:6b:78:3e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2KamDoRR4M00JouDfu22pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDE0MDUxNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjRhNTQwYWY4Y2Q3ZWY5ODFiNjdkOTZkZTgxM2I3MGFiZWMzYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZvvQZiv+gHqSlHW6AuaGuEw29pR
NQGsyzFl8a2tgxISQ0LCOZbSxx0v9VKFVjJXy16Lz+hfRQu7HcLb4xFz+34M1ggO
Mrcy8OQ+AYvqZvUgOr0ok7p2zO/VR1RtOcaMWjyxUfmtAfrxzhP3ikrSEWiDXgVj
V8+JjtEzWDT0Q+siCGV6yxW5Os1lgmXfaU0ckUJ2MmnqnbDaHcmmlWN231zyJcc/
5RSC8v6TKkxM1q2gYYVY239JxqIrFfKPpk9z9LPcK7TG2jr9CUqJulIJj+dJDZ9T
UUVJIQNA8acPIGxFKp9xSwq82ST/m8zSs5tH1HtOYkKZA/1tWVNKPPiknwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGZKVAr4zX75gbZ9lt6BO3Cr7DrBMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvWmtwVUN2ak5mdm1CdG4yVzNvRTdjS3ZzT3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAk1oiAwQA
k1pIAwQAk1pMAwQAk1rQAwQAnq3FMA0GCSqGSIb3DQEBCwUAA4IBAQBT4LoaH2Wu
4BEHo0O49t+7BEkQaBGexrg0nDfalMZgOfvHwGSxTHNBB9GfUkRUTSSHQRAeB1Ki
Zqm9j0U0oavBOGpAFH0DgP2wmdNC/FFGSj8MLA/fosJkMcGR2mW39mMgWvO/eIr0
5tiZ+yKejdFRgxTZLy1wgSH+GneIqDoUbShfHSYe8YdvpELA7qChuROd1amVkRn3
q5lUgFVaNrG48YhfAdOIJp+Cbk/J19ICX3bTs0jRRhIJYI9XDU41+049KMJdiMfi
XOPUse70QqZg1Rs4jhRmDO2qoYHEc3jVbeaxlwMIXpIoC99xGBvKw88kVso1J4Kf
36N1Fdnza3g+
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:32:37 2026 by rpki-client