Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/l9Ip7JI4fAFd10Cj77KHHSrnVWw.roa
File: l9Ip7JI4fAFd10Cj77KHHSrnVWw.roa (raw, json)
Hash identifier: SkELgqgLspURpsKcvlJgINn6NNXlC7+9EjVyn8WnT2A=
Subject key identifier: 97:D2:29:EC:92:38:7C:01:5D:D7:40:A3:EF:B2:87:1D:2A:E7:55:6C
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 0196A4625705FAB622278714057FAA7430F1
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/l9Ip7JI4fAFd10Cj77KHHSrnVWw.roa
Signing time: Tue 06 May 2025 06:57:10 +0000
ROA not before: Tue 06 May 2025 06:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.64.0/24 maxlen: 24
83.166.65.0/24 maxlen: 24
83.166.66.0/24 maxlen: 24
83.166.67.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:62:57:05:fa:b6:22:27:87:14:05:7f:aa:74:30:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: May 6 06:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97d229ec92387c015dd740a3efb2871d2ae7556c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ad:83:11:15:4d:a0:2a:9b:c8:dc:a6:0b:ec:
3a:ed:ae:e2:0f:cb:d3:52:f1:76:75:52:14:51:2d:
b6:f0:df:ff:6a:db:54:fa:54:ab:52:86:2f:5c:bd:
cc:f3:f9:5b:99:bc:e7:0e:0b:43:67:dc:16:01:fb:
4a:9c:79:3f:6f:fe:c4:c9:8e:b0:2d:98:b5:8b:7d:
b3:75:52:93:43:93:b6:60:52:80:21:1e:93:d0:f5:
8f:69:17:0e:34:71:df:ec:3f:a5:fe:eb:66:bb:39:
c2:ce:ec:3c:62:33:d2:26:40:83:1e:03:02:31:aa:
86:21:e6:ea:15:5e:63:a0:5b:2f:2a:6e:bd:20:5b:
4d:05:61:52:47:0f:ba:b6:31:b0:2b:25:8d:bf:e5:
f1:93:a3:a2:5f:dd:8b:01:b3:96:a9:db:7f:49:bd:
f0:d0:cb:21:b6:8d:57:c7:6e:c5:02:23:f5:f8:a6:
9b:6a:b2:0d:f7:eb:bb:35:3a:92:41:cc:c3:99:49:
d6:98:4e:e6:6f:25:c1:e3:2d:80:cf:72:36:35:36:
db:db:ec:90:58:2b:8b:de:be:84:1e:7b:06:21:08:
c4:5c:37:fd:f1:35:c9:10:28:8b:da:f8:47:86:f5:
85:24:f6:75:e7:be:6e:67:41:0a:d2:b3:ca:41:6e:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D2:29:EC:92:38:7C:01:5D:D7:40:A3:EF:B2:87:1D:2A:E7:55:6C
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/l9Ip7JI4fAFd10Cj77KHHSrnVWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:11:8a:91:e2:f0:67:da:6e:7c:1e:3a:fe:5a:86:99:84:fd:
d8:35:82:13:09:97:7c:90:6d:dc:77:04:aa:96:d5:a1:30:9a:
43:01:75:2d:eb:c6:ae:43:56:d3:26:eb:3d:89:3d:24:cb:25:
3f:1a:26:04:08:3b:31:e4:3f:10:9f:be:15:b3:33:1d:4c:a9:
32:b9:b6:84:9c:d2:63:78:7a:8e:53:8b:5d:41:ee:87:1b:09:
39:7f:92:c8:ac:20:b6:96:8f:dc:b3:2b:b7:50:8b:65:58:2e:
1d:07:a9:3b:38:67:ae:4d:af:25:27:60:d3:98:b8:57:ca:86:
bd:82:60:7d:fa:9a:2d:70:39:d7:73:3c:9e:d4:b4:57:b1:e6:
0b:48:9c:d5:38:d1:be:3b:8f:6a:8e:48:19:a9:b0:3a:61:fd:
c8:ff:70:88:27:1c:ce:8f:06:e0:0e:7f:a2:cb:b6:be:cc:89:
60:ab:33:45:6e:5e:d8:11:36:c0:67:a1:75:89:a9:4f:4c:89:
81:6a:84:5d:e4:b2:d8:41:f6:46:33:c3:e5:96:f1:89:0d:97:
f4:45:c7:58:60:22:a0:e3:52:0e:3a:63:49:0d:6d:34:a6:90:
ce:58:0e:3c:31:aa:4c:ff:8a:a8:22:e3:db:fc:e8:66:85:bf:
ee:3d:c6:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZakYlcF+rYiJ4cUBX+qdDDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjUwNTA2MDY1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QyMjllYzkyMzg3YzAxNWRkNzQwYTNlZmIyODcxZDJhZTc1NTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4a2DERVNoCqbyNymC+w67a7iD8vT
UvF2dVIUUS228N//attU+lSrUoYvXL3M8/lbmbznDgtDZ9wWAftKnHk/b/7EyY6w
LZi1i32zdVKTQ5O2YFKAIR6T0PWPaRcONHHf7D+l/utmuznCzuw8YjPSJkCDHgMC
MaqGIebqFV5joFsvKm69IFtNBWFSRw+6tjGwKyWNv+Xxk6OiX92LAbOWqdt/Sb3w
0Mshto1Xx27FAiP1+KabarIN9+u7NTqSQczDmUnWmE7mbyXB4y2Az3I2NTbb2+yQ
WCuL3r6EHnsGIQjEXDf98TXJECiL2vhHhvWFJPZ1575uZ0EK0rPKQW5NQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfSKeySOHwBXddAo++yhx0q51VsMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvbDlJcDdKSTRmQUZkMTBDajc3S0hIU3JuVld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBuEYqR4vBn2m58Hjr+WoaZhP3YNYITCZd8kG3cdwSq
ltWhMJpDAXUt68auQ1bTJus9iT0kyyU/GiYECDsx5D8Qn74VszMdTKkyubaEnNJj
eHqOU4tdQe6HGwk5f5LIrCC2lo/csyu3UItlWC4dB6k7OGeuTa8lJ2DTmLhXyoa9
gmB9+potcDnXczye1LRXseYLSJzVONG+O49qjkgZqbA6Yf3I/3CIJxzOjwbgDn+i
y7a+zIlgqzNFbl7YETbAZ6F1ialPTImBaoRd5LLYQfZGM8PllvGJDZf0RcdYYCKg
41IOOmNJDW00ppDOWA48MapM/4qoIuPb/Ohmhb/uPca5
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:35:53 2025 by rpki-client