Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_9jRjYwJpVWZ3DaW6Ri82_FJiTM.roa
File: _9jRjYwJpVWZ3DaW6Ri82_FJiTM.roa (raw, json)
Hash identifier: OjNpt+H5QWenbZNf/vq0gNOgH0GHf5t56NsnwPY4wv0=
Subject key identifier: FF:D8:D1:8D:8C:09:A5:55:99:DC:36:96:E9:18:BC:DB:F1:49:89:33
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0198D24E0273B132744BFF101099B9DF55A9
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_9jRjYwJpVWZ3DaW6Ri82_FJiTM.roa
Signing time: Fri 22 Aug 2025 15:03:04 +0000
ROA not before: Fri 22 Aug 2025 15:03:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.4.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:4e:02:73:b1:32:74:4b:ff:10:10:99:b9:df:55:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 22 15:03:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ffd8d18d8c09a55599dc3696e918bcdbf1498933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e7:4f:16:3d:bc:d4:e5:ca:4b:32:dc:e3:7d:
e7:f5:5e:6d:4d:f5:bf:be:f4:96:43:e0:fc:4d:4d:
9a:07:ad:8c:6c:fd:4c:a9:89:18:1d:98:1e:26:57:
33:5c:8c:ae:2b:b7:ad:81:6b:d5:90:45:37:50:c9:
98:56:27:0c:85:40:5e:f9:53:c5:9c:86:52:8c:02:
22:34:aa:2f:e4:9d:7e:65:94:b3:c3:44:5e:24:10:
af:3e:d1:b5:07:26:1a:e5:33:9d:0b:47:ec:e1:3c:
ac:a2:90:09:db:44:e4:df:ba:07:9a:b5:ea:7b:ef:
88:62:32:70:30:df:f0:0d:6c:05:72:4d:7e:83:c6:
06:f0:6c:04:f7:ec:2a:bd:47:cb:58:8d:07:cf:98:
0f:45:8f:b4:d6:dd:92:39:56:61:5f:5d:07:88:85:
37:51:84:29:3e:04:d5:51:06:00:bb:92:2c:9a:6b:
d4:6b:d8:5f:e6:76:76:ba:7d:d3:57:e6:b9:24:40:
d1:50:0a:d7:a6:8f:04:d6:1f:41:24:52:a0:11:36:
c5:3e:eb:45:70:63:9b:40:c9:61:40:8d:51:dd:48:
ab:6d:35:4d:a9:1c:b9:a7:66:3c:ed:56:d6:14:b3:
71:d2:20:b3:77:46:f5:7c:05:ba:ec:ca:da:a9:59:
51:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:D8:D1:8D:8C:09:A5:55:99:DC:36:96:E9:18:BC:DB:F1:49:89:33
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/_9jRjYwJpVWZ3DaW6Ri82_FJiTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.4.0/22
83.147.16.0-83.147.22.255
83.147.26.0-83.147.28.255
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
80:d3:8c:39:10:a1:9f:bf:64:0e:48:dc:8f:be:8f:0e:8f:b7:
c1:68:4c:e3:15:f0:d9:72:01:b3:34:15:34:bf:db:cd:a3:88:
94:16:54:e3:71:03:e3:86:cf:77:19:00:78:ac:c8:34:71:91:
1b:51:25:e2:43:f3:58:62:51:50:24:38:d3:ab:cd:a5:3e:c9:
34:fa:19:4f:db:56:2e:18:c5:92:7a:8d:c8:0e:06:05:3a:f9:
04:c6:37:f8:a7:f3:e3:2a:4f:5e:36:c5:18:df:6d:1a:c0:e5:
67:da:55:7b:0e:98:26:5b:97:d9:9d:df:e0:12:02:05:cd:5b:
08:d3:ae:b5:6d:80:8c:6d:50:c4:c8:a9:d9:86:e0:fe:cf:ea:
1a:b9:dd:69:39:e7:ae:3b:d1:1e:bc:1d:a6:09:0b:bd:3a:83:
45:bb:2b:d5:2e:bb:35:b0:2f:67:05:71:ca:b4:c9:98:65:27:
85:c2:b0:5e:87:9f:dc:60:2d:b3:56:f0:2a:db:e0:f7:9e:b6:
1d:4c:43:b6:a5:b9:40:03:56:52:ee:22:2b:f3:9b:78:8a:4b:
cc:73:f9:a8:a6:b1:d1:95:fd:7a:2f:1e:11:4a:6c:d4:2c:dd:
fd:ec:ff:bd:66:ca:b0:52:f4:a6:f8:a6:08:43:6c:46:c2:e9:
32:ad:20:c6
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZjSTgJzsTJ0S/8QEJm531WpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwODIyMTUwMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmQ4ZDE4ZDhjMDlhNTU1OTlkYzM2OTZlOTE4YmNkYmYxNDk4OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+dPFj281OXKSzLc433n9V5tTfW/
vvSWQ+D8TU2aB62MbP1MqYkYHZgeJlczXIyuK7etgWvVkEU3UMmYVicMhUBe+VPF
nIZSjAIiNKov5J1+ZZSzw0ReJBCvPtG1ByYa5TOdC0fs4TysopAJ20Tk37oHmrXq
e++IYjJwMN/wDWwFck1+g8YG8GwE9+wqvUfLWI0Hz5gPRY+01t2SOVZhX10HiIU3
UYQpPgTVUQYAu5IsmmvUa9hf5nZ2un3TV+a5JEDRUArXpo8E1h9BJFKgETbFPutF
cGObQMlhQI1R3UirbTVNqRy5p2Y87VbWFLNx0iCzd0b1fAW67MraqVlRYwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP/Y0Y2MCaVVmdw2lukYvNvxSYkzMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvXzlqUmpZd0pwVldaM0RhVzZSaTgyX0ZKaVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCU5MEMAwD
BARTkxADBABTkxYwDAMEAVOTGgMEAFOTHAMEAlOTMDANBgkqhkiG9w0BAQsFAAOC
AQEAgNOMORChn79kDkjcj76PDo+3wWhM4xXw2XIBszQVNL/bzaOIlBZU43ED44bP
dxkAeKzINHGRG1El4kPzWGJRUCQ406vNpT7JNPoZT9tWLhjFknqNyA4GBTr5BMY3
+Kfz4ypPXjbFGN9tGsDlZ9pVew6YJluX2Z3f4BICBc1bCNOutW2AjG1QxMip2Ybg
/s/qGrndaTnnrjvRHrwdpgkLvTqDRbsr1S67NbAvZwVxyrTJmGUnhcKwXoef3GAt
s1bwKtvg9562HUxDtqW5QANWUu4iK/ObeIpLzHP5qKax0ZX9ei8eEUps1Czd/ez/
vWbKsFL0pvimCENsRsLpMq0gxg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:12:48 2025 by rpki-client