Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yLuldKCrn9oqdpxExBkXQMjqr1M.roa
File: yLuldKCrn9oqdpxExBkXQMjqr1M.roa (raw, json)
Hash identifier: 5bDauGpThUbDkKVvCmtbt74KVAt4b0MUUtE/9SM/o/w=
Subject key identifier: C8:BB:A5:74:A0:AB:9F:DA:2A:76:9C:44:C4:19:17:40:C8:EA:AF:53
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D73366EB1BC54341CEE3D15B615BBB4D8
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yLuldKCrn9oqdpxExBkXQMjqr1M.roa
Signing time: Thu 09 Apr 2026 17:07:20 +0000
ROA not before: Thu 09 Apr 2026 17:07:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209043
IP address blocks: 147.90.240.0/24 maxlen: 24
147.90.242.0/24 maxlen: 24
147.90.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:47:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:36:6e:b1:bc:54:34:1c:ee:3d:15:b6:15:bb:b4:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 9 17:07:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8bba574a0ab9fda2a769c44c4191740c8eaaf53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b7:32:7c:93:32:65:ba:ed:21:5b:24:6e:b3:
5d:87:87:78:8a:46:39:6a:b0:f2:4f:fd:61:d2:16:
fa:6a:8a:5e:6f:7b:c9:6c:22:9a:f0:e1:7f:f4:5b:
d2:41:96:70:d3:63:b1:d2:43:2b:05:e6:72:7a:9e:
4c:71:43:18:11:ae:1d:60:b0:07:68:e5:54:db:0f:
c8:62:50:c3:02:43:1a:56:3d:1e:a4:ac:f5:6b:17:
97:0b:f2:85:fc:93:46:63:fb:90:6a:31:5b:5d:14:
7e:14:2e:18:13:79:6f:a2:2c:44:ef:5c:2e:c5:fd:
b9:c8:23:17:0e:88:24:cf:ba:42:e8:cd:08:0c:c2:
aa:e3:99:5c:21:28:63:d5:d0:7a:22:25:b5:8a:8b:
27:d7:85:24:60:7f:1a:e0:16:3a:15:c5:24:7d:d3:
7b:af:29:b5:61:a1:be:61:3a:9d:8b:23:17:9c:51:
e7:69:cd:59:f8:a6:3d:ad:34:d7:73:f5:52:46:3c:
ac:b3:9c:c2:f3:cd:5f:d9:8a:82:9d:e3:89:7d:17:
9f:67:ed:b2:a6:b2:66:b1:a2:8b:8d:b4:23:c2:a1:
cb:85:f9:72:44:6f:b1:42:e9:96:d8:dd:22:d0:08:
d2:1e:90:c1:79:a0:8f:59:7f:4b:f9:19:f3:4e:b5:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BB:A5:74:A0:AB:9F:DA:2A:76:9C:44:C4:19:17:40:C8:EA:AF:53
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/yLuldKCrn9oqdpxExBkXQMjqr1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.240.0/24
147.90.242.0/23
Signature Algorithm: sha256WithRSAEncryption
71:2d:99:35:91:64:36:3c:81:79:37:5c:b9:4d:76:71:1a:47:
4b:9a:c5:1c:b1:6d:21:dd:3d:8a:e3:ab:0d:3b:f0:43:5a:23:
49:33:3b:a6:75:f7:a9:b1:73:f8:76:f4:54:b4:75:0c:92:79:
bb:7f:ef:0a:33:7a:1a:27:ec:00:3c:dc:4a:e9:59:d5:e9:18:
61:51:8e:a4:fb:2a:19:4d:f1:29:f2:f1:94:8c:83:e8:b0:bb:
c3:e0:c8:2a:36:eb:9d:9d:c2:b8:e6:a0:b1:a5:40:3f:6d:33:
82:c7:7c:f0:1d:63:37:d1:48:5e:81:c7:7c:fa:e3:5e:01:fa:
7f:12:ac:41:a9:d1:71:d8:02:f5:0d:3c:22:83:0b:e9:5a:c0:
14:d4:c9:f9:a9:e1:21:74:a5:a0:08:77:e6:45:72:27:3f:41:
ac:fc:c5:af:89:dc:0c:ba:60:e5:57:60:18:7a:08:27:eb:2c:
c6:f7:75:9c:45:f2:b3:52:22:9c:ba:86:fa:22:04:b0:1e:a0:
ed:c7:d4:62:d9:e8:bd:50:2a:af:f7:f2:f0:0b:4c:44:fd:2a:
4a:b3:9e:97:cb:81:ef:dc:16:bc:a0:70:93:dd:f3:2b:8e:64:
16:d4:15:07:7c:15:dd:b3:f8:d8:f3:28:aa:f8:2f:2c:4e:d2:
95:9f:90:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1zNm6xvFQ0HO49FbYVu7TYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDA5MTcwNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJiYTU3NGEwYWI5ZmRhMmE3NjljNDRjNDE5MTc0MGM4ZWFhZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7cyfJMyZbrtIVskbrNdh4d4ikY5
arDyT/1h0hb6aopeb3vJbCKa8OF/9FvSQZZw02Ox0kMrBeZyep5McUMYEa4dYLAH
aOVU2w/IYlDDAkMaVj0epKz1axeXC/KF/JNGY/uQajFbXRR+FC4YE3lvoixE71wu
xf25yCMXDogkz7pC6M0IDMKq45lcIShj1dB6IiW1iosn14UkYH8a4BY6FcUkfdN7
rym1YaG+YTqdiyMXnFHnac1Z+KY9rTTXc/VSRjyss5zC881f2YqCneOJfRefZ+2y
prJmsaKLjbQjwqHLhflyRG+xQumW2N0i0AjSHpDBeaCPWX9L+RnzTrWbEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMi7pXSgq5/aKnacRMQZF0DI6q9TMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveUx1bGRLQ3JuOW9xZHB4RXhCa1hRTWpxcjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk1rwAwQB
k1ryMA0GCSqGSIb3DQEBCwUAA4IBAQBxLZk1kWQ2PIF5N1y5TXZxGkdLmsUcsW0h
3T2K46sNO/BDWiNJMzumdfepsXP4dvRUtHUMknm7f+8KM3oaJ+wAPNxK6VnV6Rhh
UY6k+yoZTfEp8vGUjIPosLvD4MgqNuudncK45qCxpUA/bTOCx3zwHWM30Uhegcd8
+uNeAfp/EqxBqdFx2AL1DTwigwvpWsAU1Mn5qeEhdKWgCHfmRXInP0Gs/MWvidwM
umDlV2AYeggn6yzG93WcRfKzUiKcuob6IgSwHqDtx9Ri2ei9UCqv9/LwC0xE/SpK
s56Xy4Hv3Ba8oHCT3fMrjmQW1BUHfBXds/jY8yiq+C8sTtKVn5DD
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:06:52 2026 by rpki-client