Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3m4L2UyXWZbTXuEhrV5tttt9Lss.roa
File: 3m4L2UyXWZbTXuEhrV5tttt9Lss.roa (raw, json)
Hash identifier: 1xtPpirt+dNZ7umCNNyHquYz6lM+EEHTIyxht8gOifQ=
Subject key identifier: DE:6E:0B:D9:4C:97:59:96:D3:5E:E1:21:AD:5E:6D:B6:DB:7D:2E:CB
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019F11926B852FE07D8B7B6B73B9BF0493DD
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3m4L2UyXWZbTXuEhrV5tttt9Lss.roa
Signing time: Mon 29 Jun 2026 04:10:36 +0000
ROA not before: Mon 29 Jun 2026 04:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 83.147.0.0/22 maxlen: 24
83.147.4.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.40.0/22 maxlen: 24
83.147.44.0/22 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:11:92:6b:85:2f:e0:7d:8b:7b:6b:73:b9:bf:04:93:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Jun 29 04:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=de6e0bd94c975996d35ee121ad5e6db6db7d2ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bb:18:12:0d:59:bc:79:fd:3d:74:d0:5c:3a:
72:93:7a:53:47:a6:c7:f3:1e:1b:c4:06:d7:f2:56:
53:db:87:b3:4a:ac:cc:71:33:5c:a6:2e:ac:9f:fe:
65:ed:1d:73:76:b8:e2:06:98:e7:c6:37:e8:dd:24:
f1:af:4e:5d:60:b7:31:b6:57:2a:2f:a2:c5:bf:c0:
56:45:3f:50:b7:c8:74:f7:36:15:30:b9:24:e4:06:
69:a3:ce:90:c3:5f:27:81:1f:b0:be:ca:5e:26:90:
0c:4a:03:2a:b7:96:3d:7f:af:72:0a:82:4a:b7:dc:
55:d1:e1:0f:0e:24:0b:1c:4b:d1:49:ae:a8:1c:b0:
4f:59:8c:a2:ea:34:74:f3:11:69:90:d9:75:f5:41:
5f:62:2e:74:af:c2:4e:3a:cd:5c:d5:66:92:61:ff:
2b:53:2b:af:54:7d:30:8a:f5:58:41:cf:37:d4:6b:
73:6c:16:a0:0c:6c:e2:be:41:cb:43:4f:2d:8a:e7:
e3:86:f5:36:15:af:0f:b3:11:16:4a:e3:ca:7d:2a:
ff:93:d6:93:ae:be:21:a6:3f:ee:7a:67:0a:1f:5f:
9e:39:00:4b:ec:d1:68:6f:8d:ad:d1:ba:03:35:47:
eb:6e:2c:0c:8e:4c:99:d9:9f:2b:c9:35:e8:44:f6:
53:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6E:0B:D9:4C:97:59:96:D3:5E:E1:21:AD:5E:6D:B6:DB:7D:2E:CB
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/3m4L2UyXWZbTXuEhrV5tttt9Lss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.0.0/21
83.147.16.0/21
83.147.26.0-83.147.28.255
83.147.40.0-83.147.51.255
Signature Algorithm: sha256WithRSAEncryption
bf:6d:f8:cd:1d:8d:21:07:ff:b1:34:52:d3:e2:16:12:5f:6d:
6d:fa:29:8a:9b:a8:ef:4e:f8:e8:25:64:87:cd:cc:4b:0d:19:
f1:4f:93:73:f6:f2:bd:e9:e0:15:77:ef:ee:6a:02:db:ea:f2:
37:a6:31:90:0f:1c:bd:d8:73:c9:41:9a:81:9c:fd:cf:ad:ae:
1a:31:7f:12:e4:41:31:5f:db:9e:86:fb:22:ea:af:1d:16:6d:
64:84:ab:24:a5:a7:b3:7d:c8:f7:ca:d8:37:00:06:26:5a:68:
38:95:9b:8f:6e:eb:17:6e:9a:da:9d:fb:b1:56:9f:03:40:dc:
74:91:0c:83:78:42:a9:89:2c:0e:0f:29:32:19:b8:3a:3e:e8:
7e:f3:1a:43:a3:57:50:4d:0e:3b:40:c9:d0:51:c4:41:e2:19:
77:b0:06:df:d9:e7:88:f4:76:c7:70:bc:af:87:23:27:82:6c:
29:7b:9e:7c:13:54:7d:24:66:8e:5b:13:a3:08:44:62:64:8a:
2c:d1:81:7e:b1:8d:63:98:f5:4d:48:55:cd:71:fb:2d:4b:57:
00:cd:4a:98:4b:99:9f:b2:28:72:c2:2b:1d:ef:f8:bf:7e:d7:
31:71:7c:fc:70:8d:a1:4d:ae:e7:fe:c2:4f:fa:84:76:47:35:
6b:a4:4f:8c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ8RkmuFL+B9i3trc7m/BJPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjYwNjI5MDQxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTZlMGJkOTRjOTc1OTk2ZDM1ZWUxMjFhZDVlNmRiNmRiN2QyZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLsYEg1ZvHn9PXTQXDpyk3pTR6bH
8x4bxAbX8lZT24ezSqzMcTNcpi6sn/5l7R1zdrjiBpjnxjfo3STxr05dYLcxtlcq
L6LFv8BWRT9Qt8h09zYVMLkk5AZpo86Qw18ngR+wvspeJpAMSgMqt5Y9f69yCoJK
t9xV0eEPDiQLHEvRSa6oHLBPWYyi6jR08xFpkNl19UFfYi50r8JOOs1c1WaSYf8r
UyuvVH0wivVYQc831GtzbBagDGzivkHLQ08tiufjhvU2Fa8PsxEWSuPKfSr/k9aT
rr4hpj/uemcKH1+eOQBL7NFob42t0boDNUfrbiwMjkyZ2Z8ryTXoRPZTawIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN5uC9lMl1mW017hIa1ebbbbfS7LMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvM200TDJVeVhXWmJUWHVFaHJWNXR0dHQ5THNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDU5MAAwQD
U5MQMAwDBAFTkxoDBABTkxwwDAMEA1OTKAMEAlOTMDANBgkqhkiG9w0BAQsFAAOC
AQEAv234zR2NIQf/sTRS0+IWEl9tbfopipuo70746CVkh83MSw0Z8U+Tc/byveng
FXfv7moC2+ryN6YxkA8cvdhzyUGagZz9z62uGjF/EuRBMV/bnob7IuqvHRZtZISr
JKWns33I98rYNwAGJlpoOJWbj27rF26a2p37sVafA0DcdJEMg3hCqYksDg8pMhm4
Oj7ofvMaQ6NXUE0OO0DJ0FHEQeIZd7AG39nniPR2x3C8r4cjJ4JsKXuefBNUfSRm
jlsTowhEYmSKLNGBfrGNY5j1TUhVzXH7LUtXAM1KmEuZn7IocsIrHe/4v37XMXF8
/HCNoU2u5/7CT/qEdkc1a6RPjA==
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:52 2026 by rpki-client