Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/x_LTyqcliX1NgAFcsTFDolxqQHk.roa
File: x_LTyqcliX1NgAFcsTFDolxqQHk.roa (raw, json)
Hash identifier: k1y9PftbJu2s87c8iUgVN+sJUC0K8Vbv0UmDwIVi+k8=
Subject key identifier: C7:F2:D3:CA:A7:25:89:7D:4D:80:01:5C:B1:31:43:A2:5C:6A:40:79
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019CB314BF1C482599D0FA5C927CD6991AAA
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/x_LTyqcliX1NgAFcsTFDolxqQHk.roa
Signing time: Tue 03 Mar 2026 09:43:27 +0000
ROA not before: Tue 03 Mar 2026 09:43:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 402186
IP address blocks: 147.90.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:14:bf:1c:48:25:99:d0:fa:5c:92:7c:d6:99:1a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 3 09:43:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c7f2d3caa725897d4d80015cb13143a25c6a4079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:35:e7:2b:70:4f:15:96:aa:90:cd:74:23:9c:
a8:62:69:c3:77:fe:02:54:6d:99:e6:48:84:c8:28:
b2:c1:f0:b5:5e:9b:cd:e0:13:0a:1e:1d:44:85:60:
8a:01:95:0c:cb:02:5d:29:c6:2e:6e:b6:60:2f:33:
97:be:fa:96:0a:b0:11:60:64:1a:16:41:84:f6:d7:
5f:13:0a:b4:86:77:ef:de:0e:05:3f:9e:2b:b7:15:
ca:fb:70:e5:94:ef:4c:23:a2:1b:17:12:b1:28:a3:
19:f4:95:a7:4d:88:8b:0d:fb:15:34:71:94:9e:c0:
a0:4c:af:a0:c5:4f:52:a8:bb:15:f4:24:d1:42:f8:
3b:28:da:76:36:87:2b:0b:a1:39:33:c1:1c:14:92:
c9:40:98:1d:50:c4:b9:b5:34:4c:c2:00:a5:78:75:
5e:5d:6d:69:4a:71:7a:29:bf:04:c4:4a:28:07:de:
ab:79:85:3e:7e:9d:d3:d0:9f:a3:e7:58:a8:11:83:
a4:0a:f4:9e:8c:3f:b2:eb:b8:31:e5:1c:c2:e0:4f:
67:b9:2f:39:ae:d4:90:8d:80:0a:8f:45:f2:66:a7:
ab:95:b4:95:61:f7:64:2f:a2:26:21:df:c8:b6:59:
ce:ae:a2:a1:1c:0a:18:db:1d:46:d8:fb:ad:01:ed:
53:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F2:D3:CA:A7:25:89:7D:4D:80:01:5C:B1:31:43:A2:5C:6A:40:79
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/x_LTyqcliX1NgAFcsTFDolxqQHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.90.29.0/24
Signature Algorithm: sha256WithRSAEncryption
73:31:ac:e8:e5:12:ea:a2:2b:1c:55:7c:60:52:ca:27:9b:60:
66:df:05:56:85:64:2a:57:22:20:21:72:1c:89:15:e6:ec:56:
74:08:af:3a:2d:0b:6a:1d:76:8c:1b:05:24:3f:84:7d:f6:d8:
5b:cf:e0:55:d0:2f:e2:a8:9d:cf:1e:ab:35:71:ce:bd:91:ee:
a6:4d:29:fc:32:8a:4c:8c:73:88:3b:e3:76:6f:22:a2:3a:05:
a8:ef:18:74:97:7e:06:0d:81:76:55:0b:4e:be:76:de:13:0c:
8b:12:11:2f:66:f1:7f:74:fc:e4:d4:47:e1:bd:51:bc:d3:43:
39:2f:04:d1:90:55:99:ca:75:06:7d:dd:37:48:fc:ca:43:83:
d5:f9:1a:c7:d2:d6:01:4c:56:6e:3c:d6:59:ed:7b:32:af:dd:
0d:74:ab:cd:5a:d3:3d:1f:ee:b8:bd:d0:39:be:46:60:cb:35:
59:c7:6d:01:bf:3d:2d:27:ec:47:d6:07:9e:0d:76:15:1a:2c:
ba:36:15:8a:4a:92:db:e1:08:e5:13:ea:d0:63:39:e9:df:85:
66:cd:f5:6a:77:1f:d3:57:d6:7d:0d:79:15:79:dc:e1:e6:75:
89:a9:4c:6f:19:80:6e:21:9d:96:9e:34:a0:a1:1d:19:a5:b1:
b4:70:63:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyzFL8cSCWZ0PpcknzWmRqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzAzMDk0MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2YyZDNjYWE3MjU4OTdkNGQ4MDAxNWNiMTMxNDNhMjVjNmE0MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzXnK3BPFZaqkM10I5yoYmnDd/4C
VG2Z5kiEyCiywfC1XpvN4BMKHh1EhWCKAZUMywJdKcYubrZgLzOXvvqWCrARYGQa
FkGE9tdfEwq0hnfv3g4FP54rtxXK+3DllO9MI6IbFxKxKKMZ9JWnTYiLDfsVNHGU
nsCgTK+gxU9SqLsV9CTRQvg7KNp2NocrC6E5M8EcFJLJQJgdUMS5tTRMwgCleHVe
XW1pSnF6Kb8ExEooB96reYU+fp3T0J+j51ioEYOkCvSejD+y67gx5RzC4E9nuS85
rtSQjYAKj0XyZqerlbSVYfdkL6ImId/ItlnOrqKhHAoY2x1G2PutAe1TBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfy08qnJYl9TYABXLExQ6JcakB5MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEveF9MVHlxY2xpWDFOZ0FGY3NURkRvbHhxUUhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk1odMA0G
CSqGSIb3DQEBCwUAA4IBAQBzMazo5RLqoiscVXxgUsonm2Bm3wVWhWQqVyIgIXIc
iRXm7FZ0CK86LQtqHXaMGwUkP4R99thbz+BV0C/iqJ3PHqs1cc69ke6mTSn8MopM
jHOIO+N2byKiOgWo7xh0l34GDYF2VQtOvnbeEwyLEhEvZvF/dPzk1EfhvVG800M5
LwTRkFWZynUGfd03SPzKQ4PV+RrH0tYBTFZuPNZZ7Xsyr90NdKvNWtM9H+64vdA5
vkZgyzVZx20Bvz0tJ+xH1geeDXYVGiy6NhWKSpLb4QjlE+rQYznp34VmzfVqdx/T
V9Z9DXkVedzh5nWJqUxvGYBuIZ2WnjSgoR0ZpbG0cGN6
-----END CERTIFICATE-----
Generated at Tue Mar 10 09:17:13 2026 by rpki-client