Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gv_E722IzIqSita86M2sqw5WGAQ.roa
File: gv_E722IzIqSita86M2sqw5WGAQ.roa (raw, json)
Hash identifier: I+hQ3i33WCk6pDqKW+C+w/1dQmScY5o1a86MSdbHcv4=
Subject key identifier: 82:FF:C4:EF:6D:88:CC:8A:92:8A:D6:BC:E8:CD:AC:AB:0E:56:18:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019D71CBE4FFD61C520EEF2999A28F6F4003
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gv_E722IzIqSita86M2sqw5WGAQ.roa
Signing time: Thu 09 Apr 2026 10:31:20 +0000
ROA not before: Thu 09 Apr 2026 10:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198087
IP address blocks: 82.152.251.0/24 maxlen: 24
82.153.97.0/24 maxlen: 24
82.153.98.0/24 maxlen: 24
89.213.66.0/24 maxlen: 24
109.176.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:cb:e4:ff:d6:1c:52:0e:ef:29:99:a2:8f:6f:40:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 9 10:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=82ffc4ef6d88cc8a928ad6bce8cdacab0e561804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f9:8e:d9:44:5b:8e:59:12:b6:2c:de:d8:f3:
7d:50:21:54:68:72:69:c3:aa:e4:43:bd:90:26:a4:
e7:c2:40:2d:66:ec:12:88:00:59:4d:ef:4a:b9:83:
c6:07:13:1c:79:ad:9c:3d:d3:5b:96:da:2d:51:c2:
95:22:c8:87:25:c4:1e:7f:78:0c:06:59:86:bb:b9:
5c:3a:fc:b7:b6:fb:23:9b:80:7e:78:46:82:a9:3f:
d9:60:40:46:61:61:45:bf:ad:a9:c6:66:5f:10:7b:
7f:c2:5e:a5:90:1e:4e:c4:12:d2:af:17:3a:95:c1:
cf:8c:bc:68:09:4e:ef:8a:32:d9:d5:ab:d3:47:d2:
37:77:08:78:23:79:87:36:e3:72:0f:ca:4b:93:dc:
ce:12:0c:9d:a1:7b:14:bc:4f:d0:9a:70:8c:ee:ae:
3e:9f:22:5b:1a:eb:e1:8c:40:ed:c8:3f:5b:24:4f:
34:36:8c:8b:60:23:8e:e4:86:bb:0b:9f:3a:5d:b1:
1b:c5:af:ce:32:b4:7d:bc:9e:3d:e2:fc:a1:0f:76:
0d:d3:88:cd:ed:53:01:2b:c0:0b:ee:f3:ea:b2:2e:
4f:91:a7:2f:75:ed:31:15:af:ee:2e:0b:ca:a5:44:
85:26:c6:38:f8:c3:97:c0:2f:64:94:69:e5:d5:1f:
86:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FF:C4:EF:6D:88:CC:8A:92:8A:D6:BC:E8:CD:AC:AB:0E:56:18:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gv_E722IzIqSita86M2sqw5WGAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.251.0/24
82.153.97.0-82.153.98.255
89.213.66.0/24
109.176.18.0/24
Signature Algorithm: sha256WithRSAEncryption
70:34:f6:57:26:56:be:dd:5f:0a:a0:98:ff:ac:5a:f8:66:80:
76:83:40:ad:29:0d:1e:e1:86:36:5e:65:aa:cb:ce:d5:a3:cb:
f9:0f:56:3c:16:cc:d2:83:37:b9:1b:43:4a:95:75:c9:bb:02:
2c:8f:c1:be:f1:71:5d:82:0e:ea:f0:b6:ef:6f:1f:02:6e:ae:
aa:37:08:4a:b1:5a:f4:18:73:a5:77:ea:62:c6:55:1e:59:92:
d1:3f:dd:b1:9a:f7:4a:12:56:f9:4d:63:2d:87:1a:eb:0e:3d:
93:b6:c1:90:e4:6f:97:51:b3:8f:28:57:10:f9:c1:25:09:b8:
f9:cd:b0:1b:a5:64:e4:eb:f8:ca:7f:d7:ca:e4:eb:36:60:a6:
05:8a:ed:f1:71:9e:22:d4:f8:f0:96:bf:cf:84:1d:3d:55:d6:
3a:a5:65:99:b2:e8:25:ed:f6:85:4d:c1:3c:ff:01:f8:82:29:
ee:82:46:1a:a5:0d:b8:e4:8d:47:c6:80:1d:11:d5:a7:70:59:
bf:b7:64:62:48:45:fa:8b:fa:de:d3:b0:f3:65:82:f2:54:43:
b3:1d:94:e7:29:03:c0:c8:10:4f:12:ce:78:62:c0:a1:f7:1c:
00:80:42:2e:61:a1:a9:1a:3a:ea:90:6f:d4:e4:16:4a:00:d8:
1e:46:78:c1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ1xy+T/1hxSDu8pmaKPb0ADMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDA5MTAzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZmYzRlZjZkODhjYzhhOTI4YWQ2YmNlOGNkYWNhYjBlNTYxODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfmO2URbjlkStize2PN9UCFUaHJp
w6rkQ72QJqTnwkAtZuwSiABZTe9KuYPGBxMcea2cPdNbltotUcKVIsiHJcQef3gM
BlmGu7lcOvy3tvsjm4B+eEaCqT/ZYEBGYWFFv62pxmZfEHt/wl6lkB5OxBLSrxc6
lcHPjLxoCU7vijLZ1avTR9I3dwh4I3mHNuNyD8pLk9zOEgydoXsUvE/QmnCM7q4+
nyJbGuvhjEDtyD9bJE80NoyLYCOO5Ia7C586XbEbxa/OMrR9vJ494vyhD3YN04jN
7VMBK8AL7vPqsi5Pkacvde0xFa/uLgvKpUSFJsY4+MOXwC9klGnl1R+GvwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIL/xO9tiMyKkorWvOjNrKsOVhgEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ3ZfRTcyMkl6SXFTaXRhODZNMnNxdzVXR0FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUpj7MAwD
BABSmWEDBABSmWIDBABZ1UIDBABtsBIwDQYJKoZIhvcNAQELBQADggEBAHA09lcm
Vr7dXwqgmP+sWvhmgHaDQK0pDR7hhjZeZarLztWjy/kPVjwWzNKDN7kbQ0qVdcm7
AiyPwb7xcV2CDurwtu9vHwJurqo3CEqxWvQYc6V36mLGVR5ZktE/3bGa90oSVvlN
Yy2HGusOPZO2wZDkb5dRs48oVxD5wSUJuPnNsBulZOTr+Mp/18rk6zZgpgWK7fFx
niLU+PCWv8+EHT1V1jqlZZmy6CXt9oVNwTz/AfiCKe6CRhqlDbjkjUfGgB0R1adw
Wb+3ZGJIRfqL+t7TsPNlgvJUQ7MdlOcpA8DIEE8SznhiwKH3HACAQi5hoakaOuqQ
b9TkFkoA2B5GeME=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:16 2026 by rpki-client