Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/PCIt_HKDI9SP3_scqA8vCvDieNA.roa
File: PCIt_HKDI9SP3_scqA8vCvDieNA.roa (raw, json)
Hash identifier: mkGTUCjk4b2f1i9/BgzHW60f/k5BPVMqXqLgnD61efs=
Subject key identifier: 3C:22:2D:FC:72:83:23:D4:8F:DF:FB:1C:A8:0F:2F:0A:F0:E2:78:D0
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019E8E0803E420343F50112CB2D8B512266D
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/PCIt_HKDI9SP3_scqA8vCvDieNA.roa
Signing time: Wed 03 Jun 2026 15:09:10 +0000
ROA not before: Wed 03 Jun 2026 15:09:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63099
IP address blocks: 147.90.6.0/24 maxlen: 24
158.173.211.0/24 maxlen: 24
158.173.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Jun 2026 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:08:03:e4:20:34:3f:50:11:2c:b2:d8:b5:12:26:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 3 15:09:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c222dfc728323d48fdffb1ca80f2f0af0e278d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:6f:f9:87:53:9e:de:a9:4f:6e:70:11:71:f7:
0e:4d:6f:03:e9:46:2b:18:11:e7:51:66:bf:4c:38:
e7:e2:82:19:37:24:bb:27:e2:50:49:ed:b6:c6:81:
29:09:4f:39:d6:b6:3f:a3:7e:ce:4c:44:0e:12:8a:
f9:ec:1e:3a:3d:6d:1c:f3:50:13:d6:c5:c3:93:58:
4f:3f:84:57:ac:fd:52:42:ad:96:aa:07:cf:d6:86:
21:e8:40:5b:e6:0f:c3:d1:11:ac:43:c7:ea:19:84:
d9:93:4c:b3:08:87:bf:a7:d2:ee:d3:27:3a:c5:b6:
7d:2b:38:fc:5e:5c:b8:83:af:d8:dd:56:19:60:f5:
bd:7c:2d:65:e5:eb:f8:d2:22:70:80:fa:31:d8:e7:
cd:0f:0b:7d:dc:a3:53:ee:93:34:78:66:8a:e7:6d:
30:98:40:bb:79:99:aa:99:54:d3:39:4f:31:4b:ea:
3c:1e:43:4a:48:0f:41:ec:97:1b:d9:4b:28:a9:00:
ab:a7:66:69:ae:e9:2d:09:9a:d2:17:9c:ed:63:a8:
54:9a:0e:89:14:78:c8:1a:dc:4a:7b:df:92:9e:b1:
0b:42:e9:63:10:93:10:92:c7:48:14:44:8a:7f:1a:
68:eb:4b:67:ed:61:73:4f:b9:6a:31:57:df:23:6a:
77:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:22:2D:FC:72:83:23:D4:8F:DF:FB:1C:A8:0F:2F:0A:F0:E2:78:D0
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/PCIt_HKDI9SP3_scqA8vCvDieNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.6.0/24
158.173.211.0/24
158.173.220.0/24
Signature Algorithm: sha256WithRSAEncryption
98:70:ee:21:11:48:b1:fc:9d:3d:74:32:09:bd:60:9a:0a:28:
c3:6f:44:ed:29:1d:e6:1c:cb:3f:05:a3:5a:63:1f:07:01:32:
5e:2b:e6:f0:fb:71:92:5d:c0:56:b5:4f:4c:91:73:ce:69:0f:
04:0c:84:a7:cb:b5:3f:b2:19:d1:e0:cb:bb:8d:41:45:62:31:
f4:5a:5b:55:22:0b:57:db:f8:e4:7e:7e:ac:e8:ac:0d:da:b5:
ab:16:a6:f6:3f:2c:e1:43:30:d2:5f:b9:c1:89:77:db:d6:40:
be:04:45:b0:3b:73:f9:79:a7:2f:2e:a4:04:15:6d:54:c6:24:
df:e2:a5:44:40:e0:c0:db:d8:d8:00:89:2d:b6:43:62:44:88:
4e:f7:49:61:81:45:7d:1b:e9:7e:31:6d:ee:f0:a9:20:cd:c1:
82:ce:4c:1c:a1:0d:83:97:d8:ff:61:71:92:cf:d2:fd:02:ad:
f4:42:d4:7b:cf:64:3f:fc:2d:9f:17:31:2c:fa:27:96:8e:72:
b3:1d:be:e5:85:b8:08:c3:96:25:f9:2b:c5:32:15:d8:7b:a5:
ad:15:04:39:56:d5:7d:22:5c:b7:91:b5:6f:b0:42:5f:d7:1d:
fd:ac:d0:73:9b:e4:5e:5b:87:15:84:8b:fb:fa:52:55:73:fd:
17:dd:e6:96
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6OCAPkIDQ/UBEssti1EiZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNjAzMTUwOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIyMmRmYzcyODMyM2Q0OGZkZmZiMWNhODBmMmYwYWYwZTI3OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4W/5h1Oe3qlPbnARcfcOTW8D6UYr
GBHnUWa/TDjn4oIZNyS7J+JQSe22xoEpCU851rY/o37OTEQOEor57B46PW0c81AT
1sXDk1hPP4RXrP1SQq2WqgfP1oYh6EBb5g/D0RGsQ8fqGYTZk0yzCIe/p9Lu0yc6
xbZ9Kzj8Xly4g6/Y3VYZYPW9fC1l5ev40iJwgPox2OfNDwt93KNT7pM0eGaK520w
mEC7eZmqmVTTOU8xS+o8HkNKSA9B7Jcb2UsoqQCrp2ZpruktCZrSF5ztY6hUmg6J
FHjIGtxKe9+SnrELQuljEJMQksdIFESKfxpo60tn7WFzT7lqMVffI2p3pwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDwiLfxygyPUj9/7HKgPLwrw4njQMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvUENJdF9IS0RJOVNQM19zY3FBOHZDdkRpZU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAk1oGAwQA
nq3TAwQAnq3cMA0GCSqGSIb3DQEBCwUAA4IBAQCYcO4hEUix/J09dDIJvWCaCijD
b0TtKR3mHMs/BaNaYx8HATJeK+bw+3GSXcBWtU9MkXPOaQ8EDISny7U/shnR4Mu7
jUFFYjH0WltVIgtX2/jkfn6s6KwN2rWrFqb2PyzhQzDSX7nBiXfb1kC+BEWwO3P5
eacvLqQEFW1UxiTf4qVEQODA29jYAIkttkNiRIhO90lhgUV9G+l+MW3u8KkgzcGC
zkwcoQ2Dl9j/YXGSz9L9Aq30QtR7z2Q//C2fFzEs+ieWjnKzHb7lhbgIw5Yl+SvF
MhXYe6WtFQQ5VtV9Ily3kbVvsEJf1x39rNBzm+ReW4cVhIv7+lJVc/0X3eaW
-----END CERTIFICATE-----
Generated at Tue Jun 9 00:45:06 2026 by rpki-client