Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LdAcVFZb8Exv2c1sbUksIFESlDw.roa
File: LdAcVFZb8Exv2c1sbUksIFESlDw.roa (raw, json)
Hash identifier: 3IMya5L+1CYyvTekZPvhdR3SZ6tAjHzRwnJbBzeuLTk=
Subject key identifier: 2D:D0:1C:54:56:5B:F0:4C:6F:D9:CD:6C:6D:49:2C:20:51:12:94:3C
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019E55DD285BF038544A8718B3451ABFA299
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LdAcVFZb8Exv2c1sbUksIFESlDw.roa
Signing time: Sat 23 May 2026 17:23:37 +0000
ROA not before: Sat 23 May 2026 17:23:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205987
IP address blocks: 147.90.54.0/24 maxlen: 24
147.90.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:55:dd:28:5b:f0:38:54:4a:87:18:b3:45:1a:bf:a2:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: May 23 17:23:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2dd01c54565bf04c6fd9cd6c6d492c205112943c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:02:80:d9:b6:6e:11:d7:9e:5d:a4:6d:23:
1c:83:cc:10:97:e9:29:cb:96:ba:ce:86:83:79:81:
d6:90:c1:55:af:5f:17:a6:75:fe:92:7f:13:f2:bb:
1b:36:dc:32:b1:f2:df:b6:5d:8e:33:63:46:5c:ac:
6c:e6:1b:c3:34:e8:1c:10:0d:c5:1c:db:c7:c7:0b:
c0:10:97:4b:e7:92:48:bc:89:c0:3a:98:a2:14:b7:
e7:02:cd:d9:0f:4a:5f:36:80:be:e3:41:66:bd:f4:
85:7e:9e:4f:55:45:d1:c7:d7:89:1d:f4:f1:6a:8c:
5d:42:98:4d:87:a6:66:c7:4e:78:46:78:17:08:07:
e7:60:5b:f2:d0:e2:e3:67:02:05:01:a3:4c:39:e9:
bd:28:f8:09:b6:f8:c5:ee:c1:ee:04:7f:06:ca:93:
61:6e:92:4e:24:67:98:8d:2b:a3:d9:b2:00:58:11:
8b:04:60:bb:16:24:ef:69:1f:2f:17:58:27:90:a3:
f6:47:1d:4e:ef:ba:0d:1b:c5:22:b5:cc:05:b5:5b:
17:d1:03:f0:5a:fc:b6:8a:f5:e2:02:84:35:72:b2:
36:f2:e7:5b:59:fa:09:e4:1b:51:41:8d:1b:79:37:
a4:23:f9:86:c2:17:49:17:38:ad:c3:64:bb:ed:6f:
5e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D0:1C:54:56:5B:F0:4C:6F:D9:CD:6C:6D:49:2C:20:51:12:94:3C
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/LdAcVFZb8Exv2c1sbUksIFESlDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.54.0/24
147.90.228.0/24
Signature Algorithm: sha256WithRSAEncryption
51:c2:e1:7e:23:02:d5:68:d6:79:6f:8c:7c:c2:2b:09:f1:b9:
95:74:1a:14:fa:49:4e:7c:8b:31:85:4e:8c:3d:07:d0:82:84:
7a:3f:72:d1:76:c7:45:aa:63:e8:f4:26:11:52:d3:15:1e:4e:
83:a9:a4:cf:0f:f4:82:f6:6b:ff:5e:83:1a:0e:20:4c:c9:2c:
6d:90:41:75:4d:b8:2b:3f:07:cf:65:1d:bd:c9:3e:50:67:8c:
ce:2e:ea:85:5e:74:6a:37:6c:b2:2e:0a:b3:b8:57:99:7a:c9:
78:18:0b:fc:0a:a9:aa:7f:11:59:7c:48:9a:46:c9:b6:e3:44:
e5:14:e1:70:95:e5:b4:53:e1:62:53:49:d1:64:00:d9:a2:ca:
d8:b2:46:15:bf:0b:b9:13:cf:a4:25:ce:10:b6:24:36:b5:0d:
16:be:5c:19:cf:9d:f8:59:80:4c:1e:7e:56:9f:99:50:f5:38:
36:0f:dc:e3:e1:40:5a:b9:dd:30:f8:e1:30:8d:3d:1f:22:b3:
15:6b:21:88:9e:ff:bf:ad:b6:7d:ed:a4:88:59:6b:0c:78:57:
ff:25:83:3f:4a:31:96:d9:39:d4:2a:a2:95:13:81:16:af:d8:
c2:5e:c0:e0:39:7e:41:2f:aa:e8:b4:6c:17:0d:a7:61:29:df:
81:dd:dc:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5V3Shb8DhUSocYs0Uav6KZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNTIzMTcyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQwMWM1NDU2NWJmMDRjNmZkOWNkNmM2ZDQ5MmMyMDUxMTI5NDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtykCgNm2bhHXnl2kbSMcg8wQl+kp
y5a6zoaDeYHWkMFVr18XpnX+kn8T8rsbNtwysfLftl2OM2NGXKxs5hvDNOgcEA3F
HNvHxwvAEJdL55JIvInAOpiiFLfnAs3ZD0pfNoC+40FmvfSFfp5PVUXRx9eJHfTx
aoxdQphNh6Zmx054RngXCAfnYFvy0OLjZwIFAaNMOem9KPgJtvjF7sHuBH8GypNh
bpJOJGeYjSuj2bIAWBGLBGC7FiTvaR8vF1gnkKP2Rx1O77oNG8UitcwFtVsX0QPw
Wvy2ivXiAoQ1crI28udbWfoJ5BtRQY0beTekI/mGwhdJFzitw2S77W9eKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC3QHFRWW/BMb9nNbG1JLCBREpQ8MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvTGRBY1ZGWmI4RXh2MmMxc2JVa3NJRkVTbER3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk1o2AwQA
k1rkMA0GCSqGSIb3DQEBCwUAA4IBAQBRwuF+IwLVaNZ5b4x8wisJ8bmVdBoU+klO
fIsxhU6MPQfQgoR6P3LRdsdFqmPo9CYRUtMVHk6DqaTPD/SC9mv/XoMaDiBMySxt
kEF1TbgrPwfPZR29yT5QZ4zOLuqFXnRqN2yyLgqzuFeZesl4GAv8CqmqfxFZfEia
Rsm240TlFOFwleW0U+FiU0nRZADZosrYskYVvwu5E8+kJc4QtiQ2tQ0WvlwZz534
WYBMHn5Wn5lQ9Tg2D9zj4UBaud0w+OEwjT0fIrMVayGInv+/rbZ97aSIWWsMeFf/
JYM/SjGW2TnUKqKVE4EWr9jCXsDgOX5BL6rotGwXDadhKd+B3dwM
-----END CERTIFICATE-----
Generated at Tue Jun 9 00:45:07 2026 by rpki-client