Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2EG6toKiXqxvqV65n7A-8AyVsPI.roa
File: 2EG6toKiXqxvqV65n7A-8AyVsPI.roa (raw, json)
Hash identifier: 2G2LMz99nGqCLPKyelmJSEzUhHVrE8g0hhQS6fuZC4g=
Subject key identifier: D8:41:BA:B6:82:A2:5E:AC:6F:A9:5E:B9:9F:B0:3E:F0:0C:95:B0:F2
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019E5EB7FFA8F687360E532D77676B253474
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2EG6toKiXqxvqV65n7A-8AyVsPI.roa
Signing time: Mon 25 May 2026 10:39:37 +0000
ROA not before: Mon 25 May 2026 10:39:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 147.90.192.0/20 maxlen: 20
147.90.196.0/22 maxlen: 22
147.90.200.0/21 maxlen: 21
2a04:30c0::/32 maxlen: 32
2a06:25c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:b7:ff:a8:f6:87:36:0e:53:2d:77:67:6b:25:34:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: May 25 10:39:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d841bab682a25eac6fa95eb99fb03ef00c95b0f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:b3:4c:24:a3:5e:4a:f8:d4:64:55:c5:7e:f9:
bd:37:67:82:64:49:2e:e4:e6:4b:7e:1e:4f:52:15:
19:b1:01:eb:f4:08:f4:1c:71:3e:d8:8c:ec:44:4f:
88:2c:c6:aa:3c:48:15:23:2d:0d:9e:d0:82:c1:d6:
c2:31:8d:a6:41:a8:80:47:d4:6f:b7:0b:30:58:aa:
0f:f4:49:e7:a3:59:53:89:33:a8:35:62:12:b1:2f:
ff:ff:a8:7f:63:6a:a3:3c:d0:ff:a3:b7:c1:fc:ee:
f9:63:ab:1c:3a:56:26:19:41:4f:52:c8:94:10:1f:
c0:bd:93:31:8f:5b:6f:c3:c0:36:34:57:e5:1f:10:
ed:c4:cf:e8:2e:b7:b1:15:f8:2b:7e:99:e8:19:52:
ba:37:f1:a5:a5:6f:cc:01:1e:f1:46:8c:44:e4:a9:
49:32:cb:ab:5b:a3:98:6a:80:da:d0:b6:6a:72:f5:
08:16:6f:49:2c:bd:3a:5b:6d:c9:8c:ab:95:34:1c:
89:8d:bb:ad:ce:93:99:5b:08:90:d1:c9:bc:41:ee:
33:10:99:be:4d:b1:09:30:57:75:cc:f7:70:ff:19:
29:1d:8a:af:d8:c7:5b:c8:c0:fd:d5:4d:b9:73:f5:
72:f6:20:ce:a4:f8:74:b9:d7:55:96:86:fc:f6:f2:
a1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:41:BA:B6:82:A2:5E:AC:6F:A9:5E:B9:9F:B0:3E:F0:0C:95:B0:F2
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/2EG6toKiXqxvqV65n7A-8AyVsPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.192.0/20
IPv6:
2a04:30c0::/32
2a06:25c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:c1:c9:c3:a2:ca:d3:6b:15:b7:dc:be:21:22:50:e1:96:64:
f0:2c:87:f8:2c:59:19:f1:73:7a:b7:69:54:94:da:fd:0f:7a:
91:a8:dc:87:d6:8d:f1:f7:91:02:42:4a:2e:c1:2c:3e:90:c6:
0a:0a:7b:0d:ae:79:ae:52:1e:64:6d:29:82:dd:1e:79:bd:f0:
b5:96:5c:82:d8:4b:f5:0d:0b:c6:e6:2e:3d:85:70:a6:fd:84:
df:e0:c6:a0:f0:37:90:f3:df:56:7f:97:be:67:a8:ed:28:92:
3e:b0:63:3d:d6:09:2d:f8:17:35:2d:20:08:1b:40:76:d2:50:
57:cb:10:9f:05:a7:05:3b:26:d5:f4:70:df:f8:82:58:88:bb:
5f:c7:ae:57:59:32:36:4b:dd:22:c8:40:f0:de:c7:ed:2b:ba:
30:80:b6:75:b6:34:bb:65:c5:1f:5f:6f:4b:e6:15:62:e3:fb:
ee:d8:9b:50:64:83:a7:e7:71:2a:26:d7:c5:f2:16:ff:a0:4f:
d0:95:b4:aa:a2:6d:d6:e9:e7:33:61:de:dd:2c:9e:d0:d7:8a:
55:7d:7f:4b:ca:d6:ec:92:cb:1d:55:3c:fe:c4:56:f9:09:42:
16:bf:6f:4f:ce:e8:6e:c5:a8:03:6f:89:e7:24:8d:18:d9:87:
9a:7d:44:ba
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ5et/+o9oc2DlMtd2drJTR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNTI1MTAzOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQxYmFiNjgyYTI1ZWFjNmZhOTVlYjk5ZmIwM2VmMDBjOTViMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+7NMJKNeSvjUZFXFfvm9N2eCZEku
5OZLfh5PUhUZsQHr9Aj0HHE+2IzsRE+ILMaqPEgVIy0NntCCwdbCMY2mQaiAR9Rv
twswWKoP9Enno1lTiTOoNWISsS///6h/Y2qjPND/o7fB/O75Y6scOlYmGUFPUsiU
EB/AvZMxj1tvw8A2NFflHxDtxM/oLrexFfgrfpnoGVK6N/GlpW/MAR7xRoxE5KlJ
MsurW6OYaoDa0LZqcvUIFm9JLL06W23JjKuVNByJjbutzpOZWwiQ0cm8Qe4zEJm+
TbEJMFd1zPdw/xkpHYqv2MdbyMD91U25c/Vy9iDOpPh0uddVlob89vKh+QIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFNhBuraCol6sb6leuZ+wPvAMlbDyMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMkVHNnRvS2lYcXh2cVY2NW43QS04QXlWc1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQEk1rAMBQE
AgACMA4DBQAqBDDAAwUAKgYlwDANBgkqhkiG9w0BAQsFAAOCAQEAJsHJw6LK02sV
t9y+ISJQ4ZZk8CyH+CxZGfFzerdpVJTa/Q96kajch9aN8feRAkJKLsEsPpDGCgp7
Da55rlIeZG0pgt0eeb3wtZZcgthL9Q0LxuYuPYVwpv2E3+DGoPA3kPPfVn+Xvmeo
7SiSPrBjPdYJLfgXNS0gCBtAdtJQV8sQnwWnBTsm1fRw3/iCWIi7X8euV1kyNkvd
IshA8N7H7Su6MIC2dbY0u2XFH19vS+YVYuP77tibUGSDp+dxKibXxfIW/6BP0JW0
qqJt1unnM2He3Sye0NeKVX1/S8rW7JLLHVU8/sRW+QlCFr9vT87obsWoA2+J5ySN
GNmHmn1Eug==
-----END CERTIFICATE-----
Generated at Tue Jun 9 00:46:40 2026 by rpki-client