Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/GQfvFcNiUyX8SrjL5ce1EjKCRvg.roa
File: GQfvFcNiUyX8SrjL5ce1EjKCRvg.roa (raw, json)
Hash identifier: UsJbXnyxmkVVSmp6xyDdWfsXDqqSMo0IhArj6HZnwas=
Subject key identifier: 19:07:EF:15:C3:62:53:25:FC:4A:B8:CB:E5:C7:B5:12:32:82:46:F8
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019E7235773CEDC5C84344FE650157409C84
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/GQfvFcNiUyX8SrjL5ce1EjKCRvg.roa
Signing time: Fri 29 May 2026 05:29:27 +0000
ROA not before: Fri 29 May 2026 05:29:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 83.147.4.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:35:77:3c:ed:c5:c8:43:44:fe:65:01:57:40:9c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: May 29 05:29:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1907ef15c3625325fc4ab8cbe5c7b512328246f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b5:f8:39:8e:85:25:95:5f:ff:76:36:a4:05:
0a:26:9e:cc:c9:06:be:8f:49:15:7c:36:7c:c5:2d:
08:9b:3f:28:5b:35:e1:34:c3:85:d4:78:1f:01:00:
73:10:3f:9a:3a:0e:27:39:b3:e5:e1:26:0b:c5:37:
b3:f4:45:29:5c:7c:f6:80:77:8d:59:69:fc:59:90:
cb:77:59:21:0f:fe:fd:45:ef:33:79:5c:f2:cd:7c:
ef:6d:f4:3f:c3:11:43:f7:79:33:29:76:da:0f:b8:
f8:6f:ce:a9:f1:3c:a1:44:03:8a:3e:db:a9:e4:51:
3e:99:95:f9:49:d1:3d:af:88:02:66:5d:ce:d7:0a:
e1:49:c3:5e:67:a7:c0:a6:3c:99:87:d5:90:c3:37:
80:40:65:22:a9:be:1e:83:8a:60:ae:7b:47:03:f5:
24:6e:50:9e:bd:66:82:39:b1:df:8c:d8:ea:80:19:
51:e6:21:bd:8d:7a:bb:ac:35:e1:ba:2f:fd:d9:cd:
fd:8e:81:6e:26:57:33:12:f0:ec:f2:f3:e0:e4:0f:
fa:c6:df:fc:3f:09:49:7d:fc:82:ac:67:5a:d9:4c:
34:7e:0b:e3:ce:08:19:ce:a5:e4:36:5d:51:f7:06:
bd:5b:86:a4:65:70:f0:a8:ae:38:26:4d:e4:a6:c3:
63:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:07:EF:15:C3:62:53:25:FC:4A:B8:CB:E5:C7:B5:12:32:82:46:F8
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/GQfvFcNiUyX8SrjL5ce1EjKCRvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.4.0/22
83.147.16.0/21
83.147.26.0-83.147.28.255
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:e0:4e:08:14:c0:f6:2e:0e:16:80:47:a6:11:3c:7a:63:39:
0f:53:b9:b9:0f:04:c7:c8:72:6e:d6:e6:24:6c:bc:17:e7:70:
65:10:49:f5:54:60:b4:54:8e:4a:02:9a:6b:cd:59:ec:d7:2e:
7c:e6:03:c0:84:57:58:cb:7f:16:b8:e6:1c:6e:6f:d0:7a:24:
ec:a2:e4:86:f5:57:c2:22:dd:e8:4c:d9:b5:0f:86:c5:36:76:
90:32:ba:e9:62:12:65:cf:2c:a9:04:0e:97:39:2c:9a:6f:d3:
f0:97:60:29:d1:54:4f:5a:86:a2:e9:24:12:58:3a:18:ab:5c:
a7:69:68:f4:c1:df:df:e6:f7:5a:18:5d:66:9e:ab:38:99:cc:
0b:84:60:8b:92:dd:f1:f4:1e:22:49:46:15:5c:9c:80:a6:a7:
51:eb:ac:55:42:e7:45:8c:6c:b7:fa:e9:0c:8f:b2:51:ee:65:
af:02:95:86:7c:ef:4f:ff:d9:a1:3c:d8:33:15:18:7a:b4:3a:
16:9c:80:c0:59:9a:6e:89:e1:88:70:4c:84:c7:0e:e3:e4:eb:
4d:84:3b:fd:34:b3:00:45:7c:ea:d2:5b:28:a3:17:8f:f7:e6:
ac:5e:6b:7e:9d:1b:82:43:af:b4:04:77:49:89:d1:28:4f:69:
35:02:e2:14
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ5yNXc87cXIQ0T+ZQFXQJyEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjYwNTI5MDUyOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTA3ZWYxNWMzNjI1MzI1ZmM0YWI4Y2JlNWM3YjUxMjMyODI0NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrX4OY6FJZVf/3Y2pAUKJp7MyQa+
j0kVfDZ8xS0Imz8oWzXhNMOF1HgfAQBzED+aOg4nObPl4SYLxTez9EUpXHz2gHeN
WWn8WZDLd1khD/79Re8zeVzyzXzvbfQ/wxFD93kzKXbaD7j4b86p8TyhRAOKPtup
5FE+mZX5SdE9r4gCZl3O1wrhScNeZ6fApjyZh9WQwzeAQGUiqb4eg4pgrntHA/Uk
blCevWaCObHfjNjqgBlR5iG9jXq7rDXhui/92c39joFuJlczEvDs8vPg5A/6xt/8
PwlJffyCrGda2Uw0fgvjzggZzqXkNl1R9wa9W4akZXDwqK44Jk3kpsNjEwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBkH7xXDYlMl/Eq4y+XHtRIygkb4MB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvR1FmdkZjTmlVeVg4U3JqTDVjZTFFaktDUnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCU5MEAwQD
U5MQMAwDBAFTkxoDBABTkxwDBAJTkzAwDQYJKoZIhvcNAQELBQADggEBACzgTggU
wPYuDhaAR6YRPHpjOQ9TubkPBMfIcm7W5iRsvBfncGUQSfVUYLRUjkoCmmvNWezX
LnzmA8CEV1jLfxa45hxub9B6JOyi5Ib1V8Ii3ehM2bUPhsU2dpAyuuliEmXPLKkE
Dpc5LJpv0/CXYCnRVE9ahqLpJBJYOhirXKdpaPTB39/m91oYXWaeqziZzAuEYIuS
3fH0HiJJRhVcnICmp1HrrFVC50WMbLf66QyPslHuZa8ClYZ870//2aE82DMVGHq0
OhacgMBZmm6J4YhwTITHDuPk602EO/00swBFfOrSWyijF4/35qxea36dG4JDr7QE
d0mJ0ShPaTUC4hQ=
-----END CERTIFICATE-----
Generated at Thu Jun 11 18:55:22 2026 by rpki-client