Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PIQJA00I_spo8CwIC-N2QbIgFEE.roa
File: PIQJA00I_spo8CwIC-N2QbIgFEE.roa (raw, json)
Hash identifier: /8w8IA01b22q0bdY4loWS3DvHgWn+CYvlpAYC9Mj7ZA=
Subject key identifier: 3C:84:09:03:4D:08:FE:CA:68:F0:2C:08:0B:E3:76:41:B2:20:14:41
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019897A401A03D308E381E3C978740BD36E7
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PIQJA00I_spo8CwIC-N2QbIgFEE.roa
Signing time: Mon 11 Aug 2025 05:39:24 +0000
ROA not before: Mon 11 Aug 2025 05:39:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.4.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:97:a4:01:a0:3d:30:8e:38:1e:3c:97:87:40:bd:36:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 11 05:39:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c8409034d08feca68f02c080be37641b2201441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:04:c3:0d:31:2b:bd:1b:a1:94:f2:87:e6:
9c:63:8f:06:63:d0:4f:bc:4d:4d:2f:5e:9b:38:ff:
17:eb:c7:09:fe:5f:69:ba:88:72:96:34:5b:c9:3e:
d1:ae:d1:a6:5a:40:f7:98:46:9f:23:7f:26:be:05:
67:63:f2:08:e1:16:86:28:2c:85:36:36:17:e8:e9:
73:96:d2:4f:6e:21:4b:41:f4:bd:3a:9d:65:81:ca:
46:58:41:41:f7:a9:64:33:9e:fd:5b:82:14:7c:c0:
6c:90:82:af:fc:ff:86:37:1c:9e:82:df:35:1e:f2:
51:29:16:1c:43:a9:58:b3:94:59:66:61:60:04:4f:
65:2f:b6:0b:ad:8c:88:4b:7f:e9:2f:8e:41:c2:7d:
9e:3a:8c:e8:1b:4e:84:80:f9:6c:68:79:91:20:e3:
14:69:13:c8:52:58:b8:4b:dd:da:bf:1e:29:c9:20:
b1:6d:bb:ab:37:4f:96:25:b3:63:f0:04:6c:7f:f9:
da:ed:a3:a4:9c:52:ab:19:ca:80:7c:4b:40:d8:e0:
0b:57:3b:e0:c3:d6:9a:29:3e:ce:c0:e6:b2:07:e9:
f5:3e:0f:7a:51:f5:c0:c6:69:9c:3a:6c:67:81:69:
7c:7f:23:34:dd:27:d9:50:3a:81:4d:37:c1:18:57:
19:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:84:09:03:4D:08:FE:CA:68:F0:2C:08:0B:E3:76:41:B2:20:14:41
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/PIQJA00I_spo8CwIC-N2QbIgFEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.4.0/22
83.147.16.0-83.147.22.255
83.147.26.0-83.147.28.255
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:fb:3b:a9:a4:01:86:c1:97:7a:b6:12:2f:52:be:39:46:3e:
64:cb:b0:c3:c6:d1:e2:19:a1:a5:5d:3a:61:49:45:fc:0a:b1:
1d:21:0c:67:30:d1:ac:34:64:bc:b5:a4:4a:6f:bc:a4:51:42:
29:0b:c1:e0:20:85:c9:75:11:74:e4:1f:ca:98:25:3a:2f:54:
ce:3d:2b:eb:79:a0:be:9c:23:a2:79:fd:0c:7d:a5:27:0c:14:
b5:54:f9:c9:ea:5d:63:43:9e:7e:56:0d:4a:11:3f:8b:a0:8d:
4e:cd:5c:1f:1b:a1:05:96:be:b7:a6:7c:b1:b0:5e:66:17:b5:
c0:e7:9b:b2:ce:a5:f3:00:e0:53:bd:54:d1:1c:ea:92:99:c1:
79:c2:fc:14:16:d4:94:cd:91:96:8f:9a:57:eb:2b:5a:01:e5:
f9:d8:55:e3:89:71:4e:07:9d:ce:87:9a:58:2f:b7:2b:72:e2:
6e:12:94:7b:54:30:36:75:13:25:6a:dd:79:d5:3c:b9:96:d4:
b8:26:bb:72:4c:ac:33:49:30:44:f3:8a:4a:90:c4:5f:68:58:
3c:84:4f:7c:f6:a1:68:ab:4f:08:fd:94:72:75:3f:04:b9:23:
37:6a:75:52:c5:30:1b:a4:91:fe:a9:2f:18:3c:29:03:cb:da:
68:e2:ff:16
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZiXpAGgPTCOOB48l4dAvTbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwODExMDUzOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzg0MDkwMzRkMDhmZWNhNjhmMDJjMDgwYmUzNzY0MWIyMjAxNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaEEww0xK70boZTyh+acY48GY9BP
vE1NL16bOP8X68cJ/l9puohyljRbyT7RrtGmWkD3mEafI38mvgVnY/II4RaGKCyF
NjYX6OlzltJPbiFLQfS9Op1lgcpGWEFB96lkM579W4IUfMBskIKv/P+GNxyegt81
HvJRKRYcQ6lYs5RZZmFgBE9lL7YLrYyIS3/pL45Bwn2eOozoG06EgPlsaHmRIOMU
aRPIUli4S93avx4pySCxbburN0+WJbNj8ARsf/na7aOknFKrGcqAfEtA2OALVzvg
w9aaKT7OwOayB+n1Pg96UfXAxmmcOmxngWl8fyM03SfZUDqBTTfBGFcZ8wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDyECQNNCP7KaPAsCAvjdkGyIBRBMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvUElRSkEwMElfc3BvOEN3SUMtTjJRYklnRkVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCU5MEMAwD
BARTkxADBABTkxYwDAMEAVOTGgMEAFOTHAMEAlOTMDANBgkqhkiG9w0BAQsFAAOC
AQEAm/s7qaQBhsGXerYSL1K+OUY+ZMuww8bR4hmhpV06YUlF/AqxHSEMZzDRrDRk
vLWkSm+8pFFCKQvB4CCFyXURdOQfypglOi9Uzj0r63mgvpwjonn9DH2lJwwUtVT5
yepdY0OeflYNShE/i6CNTs1cHxuhBZa+t6Z8sbBeZhe1wOebss6l8wDgU71U0Rzq
kpnBecL8FBbUlM2Rlo+aV+srWgHl+dhV44lxTgedzoeaWC+3K3LibhKUe1QwNnUT
JWrdedU8uZbUuCa7ckysM0kwRPOKSpDEX2hYPIRPfPahaKtPCP2UcnU/BLkjN2p1
UsUwG6SR/qkvGDwpA8vaaOL/Fg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 21:19:29 2025 by rpki-client