Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/g4_OAGEyi5qApNV5EX1nPTfYMAs.roa
File: g4_OAGEyi5qApNV5EX1nPTfYMAs.roa (raw, json)
Hash identifier: yudfSbHqaDukPg9VNV6SadbRk7xOTp1Mm519XvH8D8Q=
Subject key identifier: 83:8F:CE:00:61:32:8B:9A:80:A4:D5:79:11:7D:67:3D:37:D8:30:0B
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019CFFD40126EE06B65737460B840B638E02
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/g4_OAGEyi5qApNV5EX1nPTfYMAs.roa
Signing time: Wed 18 Mar 2026 07:23:29 +0000
ROA not before: Wed 18 Mar 2026 07:23:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3491
IP address blocks: 82.108.0.0/24 maxlen: 24
82.108.16.0/20 maxlen: 24
82.108.176.0/20 maxlen: 24
82.108.224.0/19 maxlen: 24
82.109.16.0/20 maxlen: 24
82.109.32.0/20 maxlen: 24
82.109.80.0/20 maxlen: 24
82.109.112.0/20 maxlen: 24
82.109.128.0/20 maxlen: 24
82.110.0.0/19 maxlen: 24
82.110.64.0/19 maxlen: 24
82.110.160.0/19 maxlen: 24
82.110.192.0/19 maxlen: 24
87.82.0.0/19 maxlen: 24
87.82.32.0/20 maxlen: 24
87.82.64.0/18 maxlen: 24
87.82.128.0/18 maxlen: 24
87.83.128.0/19 maxlen: 24
87.83.176.0/20 maxlen: 24
87.83.240.0/20 maxlen: 24
87.84.96.0/19 maxlen: 24
87.85.192.0/19 maxlen: 24
212.212.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ff:d4:01:26:ee:06:b6:57:37:46:0b:84:0b:63:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Mar 18 07:23:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=838fce0061328b9a80a4d579117d673d37d8300b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:18:fc:80:8d:a9:60:92:28:f1:75:4b:e5:d3:
9e:3a:33:47:48:33:98:97:31:1e:93:f6:42:63:2a:
f6:d0:c9:ac:08:79:8e:50:92:10:7f:63:ee:35:66:
fb:4e:b5:bc:81:0a:ed:46:53:04:da:e4:10:41:3d:
f3:17:57:d2:cc:b7:c2:b1:65:64:59:db:3f:b8:e2:
fa:6e:12:07:39:bc:21:9a:26:02:f9:e9:a9:0e:66:
ca:d2:61:49:8e:cc:f7:7e:57:a8:de:0d:a6:bd:5f:
64:b9:57:f6:a4:f9:be:c8:5a:2f:8b:fc:e0:98:9b:
bd:b0:35:ea:b3:25:06:57:3d:36:e7:95:b1:ae:7d:
ab:1a:2f:61:be:69:f1:e6:39:7b:fa:7e:48:b8:21:
e7:ee:e3:c3:e4:20:56:86:e9:4e:1a:f7:a3:2f:b0:
b6:81:a8:b1:3b:44:1d:9f:48:f3:b8:3f:97:e8:c8:
b2:96:1b:97:b4:72:3e:bb:f2:f0:1a:20:54:d8:9c:
84:4c:c0:9d:f9:94:4c:df:45:87:f4:44:7e:d1:ba:
9b:20:67:d0:67:59:7d:7f:b6:0b:e2:e8:ee:0a:0e:
ec:8b:2d:48:a0:25:f2:fb:37:b0:80:c0:97:d5:5e:
03:ca:53:7e:a9:8b:92:9a:e6:78:2f:16:95:10:a8:
73:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:8F:CE:00:61:32:8B:9A:80:A4:D5:79:11:7D:67:3D:37:D8:30:0B
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/g4_OAGEyi5qApNV5EX1nPTfYMAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.108.0.0/24
82.108.16.0/20
82.108.176.0/20
82.108.224.0/19
82.109.16.0-82.109.47.255
82.109.80.0/20
82.109.112.0-82.109.143.255
82.110.0.0/19
82.110.64.0/19
82.110.160.0-82.110.223.255
87.82.0.0-87.82.47.255
87.82.64.0-87.82.191.255
87.83.128.0/19
87.83.176.0/20
87.83.240.0/20
87.84.96.0/19
87.85.192.0/19
212.212.128.0/17
Signature Algorithm: sha256WithRSAEncryption
09:34:70:00:89:a5:2e:70:81:4f:48:b2:43:20:51:8c:ea:af:
b5:c8:de:69:fb:09:11:21:47:f3:24:dc:b3:7b:85:ee:31:e3:
02:c3:f7:9f:37:a4:4e:3a:da:48:10:33:b2:04:3b:47:9f:75:
83:26:24:5e:10:43:d8:2f:37:d1:85:71:33:c6:59:90:ed:a3:
19:30:71:be:1d:23:21:39:0a:f7:b4:a1:2c:9d:3b:ec:c4:bd:
b8:ad:a3:cd:57:bb:21:bb:89:4d:cc:7b:46:bd:29:3e:8c:62:
da:98:fa:5f:81:16:c1:43:45:b2:5d:67:73:a9:01:90:db:04:
fb:74:91:8f:30:13:50:b5:fb:33:28:fe:f5:dd:5d:2d:e3:0d:
2f:c6:aa:68:5d:7c:14:a7:37:c8:b2:cb:07:b8:6c:a9:f1:c0:
3f:cc:8f:7d:10:26:be:ec:0e:fc:45:1e:19:fb:e6:4d:dc:e9:
19:a7:6b:14:0a:55:94:8e:47:48:a3:02:42:39:51:20:2e:3b:
6e:39:77:fb:ba:c5:8a:10:07:ff:94:e2:38:f9:a5:3a:94:f5:
e1:2e:7e:d5:16:02:f6:3f:ba:73:4a:0b:3b:d1:69:85:08:6d:
14:3b:24:ff:aa:66:fd:e3:db:3e:8a:7c:31:8b:c6:b2:01:e1:
f5:f5:48:bd
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZz/1AEm7ga2VzdGC4QLY44CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMzE4MDcyMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzhmY2UwMDYxMzI4YjlhODBhNGQ1NzkxMTdkNjczZDM3ZDgzMDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhj8gI2pYJIo8XVL5dOeOjNHSDOY
lzEek/ZCYyr20MmsCHmOUJIQf2PuNWb7TrW8gQrtRlME2uQQQT3zF1fSzLfCsWVk
Wds/uOL6bhIHObwhmiYC+empDmbK0mFJjsz3fleo3g2mvV9kuVf2pPm+yFovi/zg
mJu9sDXqsyUGVz0255Wxrn2rGi9hvmnx5jl7+n5IuCHn7uPD5CBWhulOGvejL7C2
gaixO0Qdn0jzuD+X6MiylhuXtHI+u/LwGiBU2JyETMCd+ZRM30WH9ER+0bqbIGfQ
Z1l9f7YL4ujuCg7siy1IoCXy+zewgMCX1V4DylN+qYuSmuZ4LxaVEKhzywIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFIOPzgBhMouagKTVeRF9Zz032DALMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvZzRfT0FHRXlpNXFBcE5WNUVYMW5QVGZZTUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAEwgZMDBABS
bAADBARSbBADBARSbLADBAVSbOAwDAMEBFJtEAMEBFJtIAMEBFJtUDAMAwQEUm1w
AwQEUm2AAwQFUm4AAwQFUm5AMAwDBAVSbqADBAVSbsAwCwMDAVdSAwQEV1IgMAwD
BAZXUkADBAZXUoADBAVXU4ADBARXU7ADBARXU/ADBAVXVGADBAVXVcADBAfU1IAw
DQYJKoZIhvcNAQELBQADggEBAAk0cACJpS5wgU9IskMgUYzqr7XI3mn7CREhR/Mk
3LN7he4x4wLD9583pE462kgQM7IEO0efdYMmJF4QQ9gvN9GFcTPGWZDtoxkwcb4d
IyE5Cve0oSydO+zEvbito81XuyG7iU3Me0a9KT6MYtqY+l+BFsFDRbJdZ3OpAZDb
BPt0kY8wE1C1+zMo/vXdXS3jDS/GqmhdfBSnN8iyywe4bKnxwD/Mj30QJr7sDvxF
Hhn75k3c6RmnaxQKVZSOR0ijAkI5USAuO245d/u6xYoQB/+U4jj5pTqU9eEuftUW
AvY/unNKCzvRaYUIbRQ7JP+qZv3j2z6KfDGLxrIB4fX1SL0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 12:10:00 2026 by rpki-client