Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/o3V5vXC6nkKPqe69o-xSo5bPMgw.roa
File: o3V5vXC6nkKPqe69o-xSo5bPMgw.roa (raw, json)
Hash identifier: Ytuwv9+fzlM/N4G/FC/FwHcmq92gzOaxq9h32KlyS5w=
Subject key identifier: A3:75:79:BD:70:BA:9E:42:8F:A9:EE:BD:A3:EC:52:A3:96:CF:32:0C
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D681651A86DAB4DF307097FD93FBB8E7E
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/o3V5vXC6nkKPqe69o-xSo5bPMgw.roa
Signing time: Tue 07 Apr 2026 13:16:26 +0000
ROA not before: Tue 07 Apr 2026 13:16:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34989
IP address blocks: 147.90.24.0/23 maxlen: 24
147.90.42.0/23 maxlen: 24
147.90.46.0/23 maxlen: 23
147.90.53.0/24 maxlen: 24
147.90.64.0/23 maxlen: 23
147.90.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:68:16:51:a8:6d:ab:4d:f3:07:09:7f:d9:3f:bb:8e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Apr 7 13:16:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a37579bd70ba9e428fa9eebda3ec52a396cf320c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b4:67:e4:2b:97:ae:1b:48:99:90:b9:d5:31:
dd:9d:9a:1b:22:6d:dd:dd:67:91:54:93:6b:5c:d5:
15:b0:84:dd:8e:e8:59:9e:b8:dd:5b:d6:61:8d:fd:
49:e0:a4:29:2c:94:b8:33:9c:0c:ae:1a:c5:a2:33:
0f:4e:67:6b:b3:ea:dd:56:88:e8:93:9a:80:c9:6e:
73:22:95:28:08:cb:a8:91:07:06:5d:ff:90:dc:a3:
fc:08:92:c2:64:90:e2:4e:8d:96:9d:d2:dc:f9:8c:
5f:97:cb:ed:ea:0f:05:a0:57:76:e2:6b:a2:3d:1f:
f4:67:18:83:5f:36:a2:68:b8:68:84:5c:38:ee:79:
63:73:6d:e1:6b:8b:39:ca:23:ed:7a:d3:d8:df:66:
36:f4:90:25:19:07:2f:7f:85:25:36:b8:3b:dd:12:
1b:6d:a7:22:fe:d9:08:9e:ea:a8:ea:28:d2:3b:d7:
4b:47:d2:07:eb:05:8e:85:23:77:81:56:d7:8d:50:
34:36:74:74:f8:b0:8d:0c:0e:28:b4:db:8d:88:9a:
f6:20:54:71:67:48:f5:00:6c:f9:36:4b:7c:5f:da:
11:a3:3a:f0:70:10:c7:b4:58:18:7a:e8:fe:21:7c:
55:40:3d:6a:e6:c8:be:92:a3:90:98:4e:f1:91:38:
8d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:75:79:BD:70:BA:9E:42:8F:A9:EE:BD:A3:EC:52:A3:96:CF:32:0C
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/o3V5vXC6nkKPqe69o-xSo5bPMgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.24.0/23
147.90.42.0/23
147.90.46.0/23
147.90.53.0/24
147.90.64.0/23
147.90.126.0/24
Signature Algorithm: sha256WithRSAEncryption
84:40:1c:27:2a:3c:4f:f4:4f:04:a1:56:af:2b:2d:67:9f:87:
28:b9:97:77:6c:eb:bd:88:e3:53:69:08:59:e5:37:c2:fd:b5:
ea:d2:6a:c0:98:5b:f4:99:ff:10:e7:8c:f9:c5:e1:65:d4:73:
84:4a:1b:e0:07:49:8e:23:35:7e:01:63:ca:0e:52:7e:97:ac:
e5:18:66:79:16:d0:64:5e:1e:2e:ea:a5:6e:37:c5:df:ff:e3:
9e:39:eb:fc:c9:02:9d:c9:fc:09:13:94:ad:eb:b3:ff:80:00:
cc:07:b7:73:d3:d5:d0:82:85:b9:5c:87:c3:b9:cf:8f:af:49:
f9:32:53:e5:2e:f2:05:be:7a:73:a4:9f:5b:ba:cd:e2:46:f6:
55:b1:2f:59:f9:d4:45:de:90:e9:ef:39:fc:ef:12:63:f1:9a:
0e:79:70:7d:5a:44:50:95:ae:76:97:75:56:04:b9:10:e4:87:
13:f6:be:f6:65:b5:f5:d1:1a:60:49:f1:fa:67:77:81:0e:f9:
3a:c4:a5:9f:1a:8d:35:9b:1b:f9:64:ec:15:38:70:6a:d4:9f:
ee:0e:56:77:d0:4e:5a:7d:ee:b5:44:f8:cf:d9:8d:7d:40:63:
73:03:b2:ce:1f:12:34:1f:dd:3d:7a:23:c7:cc:de:07:11:b3:
75:de:e7:ae
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ1oFlGobatN8wcJf9k/u45+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwNDA3MTMxNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc1NzliZDcwYmE5ZTQyOGZhOWVlYmRhM2VjNTJhMzk2Y2YzMjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7Rn5CuXrhtImZC51THdnZobIm3d
3WeRVJNrXNUVsITdjuhZnrjdW9Zhjf1J4KQpLJS4M5wMrhrFojMPTmdrs+rdVojo
k5qAyW5zIpUoCMuokQcGXf+Q3KP8CJLCZJDiTo2WndLc+Yxfl8vt6g8FoFd24mui
PR/0ZxiDXzaiaLhohFw47nljc23ha4s5yiPtetPY32Y29JAlGQcvf4UlNrg73RIb
baci/tkInuqo6ijSO9dLR9IH6wWOhSN3gVbXjVA0NnR0+LCNDA4otNuNiJr2IFRx
Z0j1AGz5Nkt8X9oRozrwcBDHtFgYeuj+IXxVQD1q5si+kqOQmE7xkTiN4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKN1eb1wup5Cj6nuvaPsUqOWzzIMMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvbzNWNXZYQzZua0tQcWU2OW8teFNvNWJQTWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBk1oYAwQB
k1oqAwQBk1ouAwQAk1o1AwQBk1pAAwQAk1p+MA0GCSqGSIb3DQEBCwUAA4IBAQCE
QBwnKjxP9E8EoVavKy1nn4couZd3bOu9iONTaQhZ5TfC/bXq0mrAmFv0mf8Q54z5
xeFl1HOEShvgB0mOIzV+AWPKDlJ+l6zlGGZ5FtBkXh4u6qVuN8Xf/+OeOev8yQKd
yfwJE5St67P/gADMB7dz09XQgoW5XIfDuc+Pr0n5MlPlLvIFvnpzpJ9bus3iRvZV
sS9Z+dRF3pDp7zn87xJj8ZoOeXB9WkRQla52l3VWBLkQ5IcT9r72ZbX10RpgSfH6
Z3eBDvk6xKWfGo01mxv5ZOwVOHBq1J/uDlZ30E5afe61RPjP2Y19QGNzA7LOHxI0
H909eiPHzN4HEbN13ueu
-----END CERTIFICATE-----
Generated at Thu Apr 9 08:24:34 2026 by rpki-client