Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OX3hgxwmrzDr0ugwF2_wxk4KaEI.roa
File: OX3hgxwmrzDr0ugwF2_wxk4KaEI.roa (raw, json)
Hash identifier: USy9HaatJH9Ws4/6yqXo33z+gYPHAPqJ9GKMT9lNh6M=
Subject key identifier: 39:7D:E1:83:1C:26:AF:30:EB:D2:E8:30:17:6F:F0:C6:4E:0A:68:42
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 019C7584A4C8FC2E0C24687306BEDFFD9C12
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OX3hgxwmrzDr0ugwF2_wxk4KaEI.roa
Signing time: Thu 19 Feb 2026 10:49:13 +0000
ROA not before: Thu 19 Feb 2026 10:49:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 83.147.4.0/22 maxlen: 24
83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.23.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
83.147.48.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:75:84:a4:c8:fc:2e:0c:24:68:73:06:be:df:fd:9c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Feb 19 10:49:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=397de1831c26af30ebd2e830176ff0c64e0a6842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:5f:63:da:47:fd:f1:d3:5b:ba:f1:8e:3f:
35:0f:4b:11:47:0b:d8:b0:89:d0:6c:d5:7d:b4:89:
27:2c:65:71:4a:9f:95:26:b0:97:9c:ae:42:42:33:
f0:e8:55:c5:2d:41:1c:28:6f:cc:87:38:3b:6a:a2:
74:a5:f3:c4:5a:c7:07:7c:ab:15:de:2f:71:5a:63:
ba:76:9d:bb:86:f9:93:29:c4:36:ee:de:10:41:be:
e4:ce:1f:04:85:a6:bb:32:c2:fa:10:89:c3:0c:6d:
c5:03:54:c2:c4:d7:50:23:02:ce:cc:ac:a9:14:3c:
a0:33:bc:78:01:c4:5c:27:10:70:bb:e5:c5:f9:0b:
70:8b:7c:26:9b:04:a9:79:ca:d5:c4:b2:49:5a:cb:
c8:b7:fc:c7:29:dc:60:d9:22:f2:9a:a3:4a:78:08:
2e:29:f6:20:3c:d6:75:ad:d2:e6:87:fb:98:c7:25:
64:9b:5f:02:dc:1b:a6:e8:ba:7c:a4:8e:8e:7d:dd:
f3:c3:67:c4:44:0d:dd:bb:aa:2a:d3:14:6a:55:82:
57:78:6f:05:2b:7b:af:66:9a:ec:f4:2e:a7:95:5a:
87:32:41:7a:21:5d:cb:1a:dc:8e:3c:20:59:a2:fa:
21:b9:9f:6e:27:05:80:df:f7:b7:df:34:c1:38:f2:
1b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:7D:E1:83:1C:26:AF:30:EB:D2:E8:30:17:6F:F0:C6:4E:0A:68:42
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/OX3hgxwmrzDr0ugwF2_wxk4KaEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.4.0/22
83.147.16.0/21
83.147.26.0-83.147.28.255
83.147.48.0/22
Signature Algorithm: sha256WithRSAEncryption
74:15:86:32:9b:0f:37:eb:3e:80:b0:53:35:91:dc:bd:53:14:
b2:dc:18:6c:aa:09:2a:f7:58:83:2f:aa:5f:5b:e3:0f:8b:ee:
a3:02:94:b8:a0:90:cd:15:7c:aa:25:e6:f9:70:21:3e:83:b1:
31:f6:28:43:46:e1:2e:97:a3:a1:bb:d7:bc:74:01:d0:c9:36:
06:bf:f5:18:46:15:13:b9:24:96:83:23:62:c5:ae:8c:da:90:
26:fb:56:c2:43:25:b5:03:23:fc:7c:bd:38:3a:6a:9d:a1:b0:
04:1f:67:0e:d4:51:34:19:73:82:27:05:6d:28:4c:e0:c2:74:
f9:a3:37:97:39:e1:82:da:e0:98:94:8e:3c:51:cc:53:52:f8:
5d:04:4c:57:96:c0:69:54:14:27:f6:f5:26:d5:97:76:40:f4:
4f:66:ac:8f:ec:0b:6f:9f:68:32:8d:bb:67:52:e2:3f:37:0f:
d0:6c:79:43:59:af:2c:de:16:75:46:69:1c:87:e0:9c:4b:4a:
d8:2a:8d:bb:13:6a:c2:5c:2e:98:0a:db:ca:d0:e5:88:02:b6:
39:9e:2e:5e:b7:bb:b6:26:22:03:e4:e2:11:69:cc:3e:79:8d:
0b:62:51:7e:00:d7:d2:be:fd:b9:d3:10:5c:01:8c:f4:8e:85:
d0:b9:68:c0
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZx1hKTI/C4MJGhzBr7f/ZwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjYwMjE5MTA0OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTdkZTE4MzFjMjZhZjMwZWJkMmU4MzAxNzZmZjBjNjRlMGE2ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJBfY9pH/fHTW7rxjj81D0sRRwvY
sInQbNV9tIknLGVxSp+VJrCXnK5CQjPw6FXFLUEcKG/Mhzg7aqJ0pfPEWscHfKsV
3i9xWmO6dp27hvmTKcQ27t4QQb7kzh8Ehaa7MsL6EInDDG3FA1TCxNdQIwLOzKyp
FDygM7x4AcRcJxBwu+XF+Qtwi3wmmwSpecrVxLJJWsvIt/zHKdxg2SLymqNKeAgu
KfYgPNZ1rdLmh/uYxyVkm18C3Bum6Lp8pI6Ofd3zw2fERA3du6oq0xRqVYJXeG8F
K3uvZprs9C6nlVqHMkF6IV3LGtyOPCBZovohuZ9uJwWA3/e33zTBOPIbvwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDl94YMcJq8w69LoMBdv8MZOCmhCMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvT1gzaGd4d21yekRyMHVnd0YyX3d4azRLYUVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCU5MEAwQD
U5MQMAwDBAFTkxoDBABTkxwDBAJTkzAwDQYJKoZIhvcNAQELBQADggEBAHQVhjKb
DzfrPoCwUzWR3L1TFLLcGGyqCSr3WIMvql9b4w+L7qMClLigkM0VfKol5vlwIT6D
sTH2KENG4S6Xo6G717x0AdDJNga/9RhGFRO5JJaDI2LFrozakCb7VsJDJbUDI/x8
vTg6ap2hsAQfZw7UUTQZc4InBW0oTODCdPmjN5c54YLa4JiUjjxRzFNS+F0ETFeW
wGlUFCf29SbVl3ZA9E9mrI/sC2+faDKNu2dS4j83D9BseUNZryzeFnVGaRyH4JxL
StgqjbsTasJcLpgK28rQ5YgCtjmeLl63u7YmIgPk4hFpzD55jQtiUX4A19K+/bnT
EFwBjPSOhdC5aMA=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:42:14 2026 by rpki-client