Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/q1_kdn_mHBMsXt_LwiZDCcVemDI.roa
File: q1_kdn_mHBMsXt_LwiZDCcVemDI.roa (raw, json)
Hash identifier: /esq7hLL7yFrxaJDn+vXCMFmGrmrvozyi17wJRNs4Xw=
Subject key identifier: AB:5F:E4:76:7F:E6:1C:13:2C:5E:DF:CB:C2:26:43:09:C5:5E:98:32
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0198E9F378F13A4A52EE51788FF58CF65417
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/q1_kdn_mHBMsXt_LwiZDCcVemDI.roa
Signing time: Wed 27 Aug 2025 05:15:04 +0000
ROA not before: Wed 27 Aug 2025 05:15:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e9:f3:78:f1:3a:4a:52:ee:51:78:8f:f5:8c:f6:54:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Aug 27 05:15:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab5fe4767fe61c132c5edfcbc2264309c55e9832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:53:a7:1d:97:3b:5a:12:1e:29:95:07:79:5f:
7e:f8:40:b8:88:61:98:8c:88:dd:06:f7:3d:c3:b2:
d4:d2:f0:dc:02:8e:bb:02:a7:b8:b6:81:6e:bf:a1:
02:25:cc:0e:e0:35:91:3c:63:34:a4:f7:0d:61:b5:
30:05:ac:ae:fc:90:c2:cd:04:f7:98:6b:3d:bc:76:
dd:58:20:ed:d3:e4:83:3f:fa:6e:58:5a:13:42:07:
29:b5:86:c6:43:57:d1:b2:66:68:8f:6a:e6:8b:58:
24:04:34:95:a5:55:2c:ab:55:72:c5:0b:29:ad:a4:
7f:f0:78:83:bf:33:62:c1:bb:53:fd:a7:a6:a7:8e:
5f:a9:a7:ea:3a:be:7a:1a:23:e6:72:8c:88:29:b3:
95:c1:d2:7f:ba:6e:97:b4:53:07:0f:d0:34:c9:d5:
b9:f3:16:85:0d:f9:5a:58:c8:65:7d:e8:1c:0a:ce:
df:f0:3e:d1:08:d8:26:94:f9:d2:9c:0f:51:82:1f:
13:39:88:dc:31:4d:3b:9f:bd:f8:3b:b2:b9:6c:ff:
e5:bd:4b:28:a2:04:06:45:bf:29:5d:09:02:4c:6b:
a5:3a:e2:62:c8:f8:23:62:bf:88:95:48:b1:85:e7:
32:8f:0e:27:13:57:e0:50:92:04:23:42:0c:1a:db:
c5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:5F:E4:76:7F:E6:1C:13:2C:5E:DF:CB:C2:26:43:09:C5:5E:98:32
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/q1_kdn_mHBMsXt_LwiZDCcVemDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0-83.147.22.255
83.147.26.0-83.147.28.255
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:28:55:67:10:a8:c5:df:0a:ac:9f:ea:50:83:9e:ba:2b:7a:
5b:6d:d6:e4:c1:47:e6:bb:12:14:27:5f:63:aa:c5:39:96:d1:
d8:ba:95:0a:bf:ea:f0:74:11:5c:fb:30:a0:f0:cf:87:1d:66:
03:38:9a:37:bc:40:bd:ab:d2:c5:ef:25:56:aa:53:31:cd:b3:
b3:f9:78:7f:b3:16:42:14:94:8b:d6:72:14:d3:87:8d:e9:d4:
18:7c:67:75:3a:7c:fb:2c:9f:89:b1:a5:df:5d:0f:9d:36:28:
55:fa:72:de:07:e2:d9:0e:dc:17:55:28:b3:13:69:ff:96:7d:
e3:86:ce:5e:a6:a8:ea:43:95:03:9c:f8:36:f3:83:97:a8:aa:
05:eb:2a:7d:66:ed:78:c2:ff:78:ab:fc:8c:93:d3:05:ac:1c:
90:f9:87:2d:5f:76:2c:5b:f3:8c:55:53:1d:1a:ee:9f:14:4f:
d2:03:ea:d9:8e:22:6f:78:50:ac:bf:30:65:cf:2f:3d:d9:e7:
9e:65:68:ad:f0:e2:89:87:94:d6:9d:ec:2b:ab:26:90:ce:c3:
02:7a:82:95:43:53:a3:e2:59:b7:10:2a:5f:22:87:00:a6:38:
a1:b8:82:07:76:0a:f4:44:dc:c0:6b:98:a2:85:33:d2:23:fe:
60:34:ec:5c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZjp83jxOkpS7lF4j/WM9lQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwODI3MDUxNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjVmZTQ3NjdmZTYxYzEzMmM1ZWRmY2JjMjI2NDMwOWM1NWU5ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlOnHZc7WhIeKZUHeV9++EC4iGGY
jIjdBvc9w7LU0vDcAo67Aqe4toFuv6ECJcwO4DWRPGM0pPcNYbUwBayu/JDCzQT3
mGs9vHbdWCDt0+SDP/puWFoTQgcptYbGQ1fRsmZoj2rmi1gkBDSVpVUsq1VyxQsp
raR/8HiDvzNiwbtT/aemp45fqafqOr56GiPmcoyIKbOVwdJ/um6XtFMHD9A0ydW5
8xaFDflaWMhlfegcCs7f8D7RCNgmlPnSnA9Rgh8TOYjcMU07n734O7K5bP/lvUso
ogQGRb8pXQkCTGulOuJiyPgjYr+IlUixhecyjw4nE1fgUJIEI0IMGtvFMQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKtf5HZ/5hwTLF7fy8ImQwnFXpgyMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvcTFfa2RuX21IQk1zWHRfTHdpWkRDY1ZlbURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBARTkxAD
BABTkxYwDAMEAVOTGgMEAFOTHAMEAlOTMDANBgkqhkiG9w0BAQsFAAOCAQEArihV
ZxCoxd8KrJ/qUIOeuit6W23W5MFH5rsSFCdfY6rFOZbR2LqVCr/q8HQRXPswoPDP
hx1mAziaN7xAvavSxe8lVqpTMc2zs/l4f7MWQhSUi9ZyFNOHjenUGHxndTp8+yyf
ibGl310PnTYoVfpy3gfi2Q7cF1UosxNp/5Z944bOXqao6kOVA5z4NvODl6iqBesq
fWbteML/eKv8jJPTBawckPmHLV92LFvzjFVTHRrunxRP0gPq2Y4ib3hQrL8wZc8v
PdnnnmVorfDiiYeU1p3sK6smkM7DAnqClUNTo+JZtxAqXyKHAKY4obiCB3YK9ETc
wGuYooUz0iP+YDTsXA==
-----END CERTIFICATE-----
Generated at Tue Sep 9 05:43:23 2025 by rpki-client