Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/FtpnCE7C3FqhArfMiXSxhYqyR_A.roa
File: FtpnCE7C3FqhArfMiXSxhYqyR_A.roa (raw, json)
Hash identifier: DMz5VMQf27+dlZWnqVRSswAvjHVyAFSKkZRrMqOsq9w=
Subject key identifier: 16:DA:67:08:4E:C2:DC:5A:A1:02:B7:CC:89:74:B1:85:8A:B2:47:F0
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019CE3B145CB85D8B3048A839E470191E5E5
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/FtpnCE7C3FqhArfMiXSxhYqyR_A.roa
Signing time: Thu 12 Mar 2026 20:16:11 +0000
ROA not before: Thu 12 Mar 2026 20:16:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 147.90.176.0/20 maxlen: 20
147.90.192.0/20 maxlen: 20
147.90.196.0/22 maxlen: 22
147.90.200.0/21 maxlen: 21
2a04:30c0::/32 maxlen: 32
2a06:25c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 20:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e3:b1:45:cb:85:d8:b3:04:8a:83:9e:47:01:91:e5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 12 20:16:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=16da67084ec2dc5aa102b7cc8974b1858ab247f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:16:21:ff:a1:ab:58:23:37:28:31:e5:f4:53:
9d:c2:d7:ce:88:17:8d:2c:7c:15:dd:c2:fe:f1:39:
37:b8:87:6b:26:77:d4:a5:d9:1b:14:1a:d7:4a:2c:
83:39:0b:d7:47:5b:60:a8:03:26:0c:db:5f:2e:59:
4e:f4:c8:cc:41:c0:0c:0e:9b:8f:41:48:7c:f8:cf:
a4:62:ba:a2:40:bf:1f:1d:b4:d7:00:3f:ad:f6:f3:
b8:ea:eb:9a:78:0c:43:20:f8:54:05:28:cc:ee:bc:
f1:ee:d7:dd:3c:5b:58:27:aa:8e:c4:29:33:d1:4b:
33:18:e6:d0:13:96:5e:a0:e3:e9:60:46:16:3d:ab:
48:ed:8a:a8:18:a1:ea:1c:45:e1:f7:9b:ed:c2:51:
27:8a:94:49:b9:20:6e:88:1f:b3:35:b4:bb:01:08:
c4:3c:03:16:43:ed:b0:6c:7b:74:9e:77:3d:f3:01:
ce:b8:ac:f5:11:e8:95:ce:1d:b1:88:9f:35:67:b6:
22:6a:14:5f:2c:3f:62:f3:0c:37:30:62:e5:a1:fb:
9a:b6:b3:0a:1f:58:57:42:f4:d5:68:1c:0e:f3:44:
81:6a:d4:7b:6b:3a:07:34:57:86:79:d3:54:cf:86:
cf:3f:bb:36:45:dd:75:82:e3:46:40:2a:5f:1d:f6:
15:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:DA:67:08:4E:C2:DC:5A:A1:02:B7:CC:89:74:B1:85:8A:B2:47:F0
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/FtpnCE7C3FqhArfMiXSxhYqyR_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.176.0-147.90.207.255
IPv6:
2a04:30c0::/32
2a06:25c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:26:84:eb:e7:31:eb:35:8b:99:73:f1:08:19:d9:71:aa:e0:
b9:43:29:87:2b:11:24:a6:5b:ca:c5:be:56:4a:62:8d:3f:f6:
43:8e:90:18:56:7e:5a:27:f3:4f:84:f0:da:2c:fe:27:59:4e:
79:96:f7:23:ca:44:9d:9c:2b:98:dc:dd:e1:4d:db:49:67:b3:
b3:d0:66:11:11:7f:d0:ae:c3:4b:8f:28:3d:07:58:f7:59:3b:
2f:6a:ce:17:45:ad:c2:e1:40:8d:a7:6c:f1:0c:9d:13:41:d1:
fe:a2:82:6f:03:b7:a1:07:85:7d:20:a8:c7:9a:e6:5f:22:18:
c6:cc:5a:de:c4:2d:c2:cd:23:88:9a:1f:7f:1e:c1:4f:5a:6b:
cf:59:fa:de:d9:21:a2:a6:83:0a:a0:a9:6a:f4:4e:f4:13:29:
03:ad:0d:f0:7b:39:54:90:ef:70:37:13:ca:8d:8a:88:27:d7:
35:ba:33:31:dd:38:29:7a:a6:2c:77:2e:8a:9b:20:0b:e7:6d:
e6:33:14:4f:29:07:38:24:45:ff:b8:51:0f:3c:59:52:9f:38:
8e:bf:bf:ff:1e:44:f7:e3:27:32:b8:50:e5:53:b8:40:83:ea:
1c:72:ac:1b:45:c5:34:1d:15:2a:96:f7:d7:27:a2:23:0b:fd:
9d:94:4d:f1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZzjsUXLhdizBIqDnkcBkeXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzEyMjAxNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmRhNjcwODRlYzJkYzVhYTEwMmI3Y2M4OTc0YjE4NThhYjI0N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBYh/6GrWCM3KDHl9FOdwtfOiBeN
LHwV3cL+8Tk3uIdrJnfUpdkbFBrXSiyDOQvXR1tgqAMmDNtfLllO9MjMQcAMDpuP
QUh8+M+kYrqiQL8fHbTXAD+t9vO46uuaeAxDIPhUBSjM7rzx7tfdPFtYJ6qOxCkz
0UszGObQE5ZeoOPpYEYWPatI7YqoGKHqHEXh95vtwlEnipRJuSBuiB+zNbS7AQjE
PAMWQ+2wbHt0nnc98wHOuKz1EeiVzh2xiJ81Z7YiahRfLD9i8ww3MGLlofuatrMK
H1hXQvTVaBwO80SBatR7azoHNFeGedNUz4bPP7s2Rd11guNGQCpfHfYVtwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBbaZwhOwtxaoQK3zIl0sYWKskfwMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvRnRwbkNFN0MzRnFoQXJmTWlYU3hoWXF5Ul9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAUBAIAATAOMAwDBASTWrAD
BASTWsAwFAQCAAIwDgMFACoEMMADBQAqBiXAMA0GCSqGSIb3DQEBCwUAA4IBAQAm
JoTr5zHrNYuZc/EIGdlxquC5QymHKxEkplvKxb5WSmKNP/ZDjpAYVn5aJ/NPhPDa
LP4nWU55lvcjykSdnCuY3N3hTdtJZ7Oz0GYREX/QrsNLjyg9B1j3WTsvas4XRa3C
4UCNp2zxDJ0TQdH+ooJvA7ehB4V9IKjHmuZfIhjGzFrexC3CzSOImh9/HsFPWmvP
Wfre2SGipoMKoKlq9E70EykDrQ3wezlUkO9wNxPKjYqIJ9c1ujMx3TgpeqYsdy6K
myAL523mMxRPKQc4JEX/uFEPPFlSnziOv7//HkT34ycyuFDlU7hAg+occqwbRcU0
HRUqlvfXJ6IjC/2dlE3x
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:18:53 2026 by rpki-client