Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/52WU5RgddJv7xBdZUpOoR_aunzo.roa
File: 52WU5RgddJv7xBdZUpOoR_aunzo.roa (raw, json)
Hash identifier: dm+M2insA3rGUXyVbVQ/ShOzJ1Hjhp5cGSM+c3/1Q3Y=
Subject key identifier: E7:65:94:E5:18:1D:74:9B:FB:C4:17:59:52:93:A8:47:F6:AE:9F:3A
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019DAFCE51773BF87150B730AA2309FBA301
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/52WU5RgddJv7xBdZUpOoR_aunzo.roa
Signing time: Tue 21 Apr 2026 11:30:27 +0000
ROA not before: Tue 21 Apr 2026 11:30:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 147.90.236.0/24 maxlen: 24
158.173.240.0/24 maxlen: 24
170.62.239.0/24 maxlen: 24
170.62.244.0/24 maxlen: 24
170.62.245.0/24 maxlen: 24
193.142.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 12:24:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:ce:51:77:3b:f8:71:50:b7:30:aa:23:09:fb:a3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 21 11:30:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e76594e5181d749bfbc417595293a847f6ae9f3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d4:da:22:ae:bf:4e:cd:0a:75:3a:be:b6:69:
c4:67:5a:4f:23:7c:16:33:95:8f:cc:0e:3c:ed:19:
52:77:57:ca:6a:61:ca:ab:ae:ce:7e:ad:2e:96:b8:
9a:cb:b7:ee:1f:09:dd:13:a6:5a:d6:ec:ed:10:93:
c4:d3:ce:e4:a6:f6:cc:1c:79:ff:d8:a9:28:fe:a3:
4d:32:0f:a3:37:35:0a:89:11:b1:c8:be:8d:0e:64:
15:bb:db:c7:fc:2a:fb:52:e5:95:e6:ba:3f:6b:bf:
7b:a1:35:a7:bf:6d:ba:9c:d5:0b:54:98:f2:57:17:
29:db:f9:6c:8c:40:61:69:46:da:8b:20:d4:aa:a2:
e6:fb:19:df:49:b2:4c:c1:d1:d2:db:ad:5e:fa:6e:
f5:a3:c6:e2:2e:05:6e:83:61:da:3c:3e:2b:64:31:
90:a0:d5:87:5b:b0:2f:a1:9c:e2:f1:48:a9:d5:d0:
21:97:fa:32:49:40:b2:3c:dc:4a:94:eb:53:4b:b2:
81:47:7f:b4:29:69:79:0e:4b:69:db:84:7b:97:4b:
d2:49:18:46:61:42:f5:f2:2b:9b:d8:ac:3c:5f:16:
b8:98:36:ec:0d:a0:2e:d3:e8:2b:e0:54:90:91:33:
67:07:55:9c:fd:83:52:05:c5:76:b3:9c:c7:4d:16:
53:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:65:94:E5:18:1D:74:9B:FB:C4:17:59:52:93:A8:47:F6:AE:9F:3A
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/52WU5RgddJv7xBdZUpOoR_aunzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.236.0/24
158.173.240.0/24
170.62.239.0/24
170.62.244.0/23
193.142.58.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:67:d5:1b:14:86:2c:38:c9:8f:e8:df:13:17:7c:22:0f:50:
93:6d:9e:d4:5d:9f:d3:ea:40:63:d4:da:ae:2d:b7:d0:2f:18:
a8:53:3e:ae:b2:62:a7:94:a4:37:0b:2f:c8:7a:90:f5:39:61:
53:8b:75:4a:e1:42:9a:5b:0d:e3:0a:dd:52:8f:4c:53:c3:0c:
2d:b6:65:ea:b9:7e:f7:8a:b3:22:e3:3f:11:d4:c1:c5:78:0d:
3f:b2:b6:7c:ca:1f:84:1a:a1:d8:e5:3d:7f:1b:38:87:09:83:
99:98:4f:52:ff:35:37:68:87:d0:bd:e6:7f:42:d7:43:ed:15:
d2:85:20:f8:50:02:50:25:f8:81:3c:5d:c0:8e:cc:56:4a:6d:
95:24:b5:6c:00:fd:fd:e3:df:c2:e9:e4:b4:9a:44:78:8b:10:
f4:5d:6f:46:e5:3a:9e:d9:33:e7:a9:36:b6:af:54:aa:7c:68:
0e:ac:b3:ab:fb:28:71:81:fd:65:42:d9:df:47:94:56:7a:98:
ec:d0:76:08:55:cd:dd:0d:2a:93:37:3c:4a:dc:b8:46:37:74:
e9:67:7b:09:48:9e:0f:a3:9e:fe:8e:dd:73:b4:74:37:70:f7:
aa:59:68:b0:68:fd:4a:6a:1d:d0:05:d9:ae:65:07:10:90:13:
26:fc:ed:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2vzlF3O/hxULcwqiMJ+6MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDIxMTEzMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzY1OTRlNTE4MWQ3NDliZmJjNDE3NTk1MjkzYTg0N2Y2YWU5ZjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNTaIq6/Ts0KdTq+tmnEZ1pPI3wW
M5WPzA487RlSd1fKamHKq67Ofq0ulriay7fuHwndE6Za1uztEJPE087kpvbMHHn/
2Kko/qNNMg+jNzUKiRGxyL6NDmQVu9vH/Cr7UuWV5ro/a797oTWnv226nNULVJjy
Vxcp2/lsjEBhaUbaiyDUqqLm+xnfSbJMwdHS261e+m71o8biLgVug2HaPD4rZDGQ
oNWHW7AvoZzi8Uip1dAhl/oySUCyPNxKlOtTS7KBR3+0KWl5Dktp24R7l0vSSRhG
YUL18iub2Kw8Xxa4mDbsDaAu0+gr4FSQkTNnB1Wc/YNSBcV2s5zHTRZTMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOdllOUYHXSb+8QXWVKTqEf2rp86MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvNTJXVTVSZ2RkSnY3eEJkWlVwT29SX2F1bnpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAk1rsAwQA
nq3wAwQAqj7vAwQBqj70AwQAwY46MA0GCSqGSIb3DQEBCwUAA4IBAQDQZ9UbFIYs
OMmP6N8TF3wiD1CTbZ7UXZ/T6kBj1NquLbfQLxioUz6usmKnlKQ3Cy/IepD1OWFT
i3VK4UKaWw3jCt1Sj0xTwwwttmXquX73irMi4z8R1MHFeA0/srZ8yh+EGqHY5T1/
GziHCYOZmE9S/zU3aIfQveZ/QtdD7RXShSD4UAJQJfiBPF3AjsxWSm2VJLVsAP39
49/C6eS0mkR4ixD0XW9G5Tqe2TPnqTa2r1SqfGgOrLOr+yhxgf1lQtnfR5RWepjs
0HYIVc3dDSqTNzxK3LhGN3TpZ3sJSJ4Po57+jt1ztHQ3cPeqWWiwaP1Kah3QBdmu
ZQcQkBMm/O3R
-----END CERTIFICATE-----
Generated at Fri Apr 24 20:31:08 2026 by rpki-client