
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/0iDUFJnxa3p3pYn9wOd7dy5ufak.roa
File: 0iDUFJnxa3p3pYn9wOd7dy5ufak.roa (raw, json)
Hash identifier: 3azQw0QyMVpE4/ttRjyWB6+sGCTH0gc4+eCuZ8gfhjY=
Subject key identifier: D2:20:D4:14:99:F1:6B:7A:77:A5:89:FD:C0:E7:7B:77:2E:6E:7D:A9
Certificate issuer: /CN=88e9fa23da4fe97aa9e0f39115620559a29f6b70
Certificate serial: 0196ED077237119DFB401D1BBCF3BFF584B3
Authority key identifier: 88:E9:FA:23:DA:4F:E9:7A:A9:E0:F3:91:15:62:05:59:A2:9F:6B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iOn6I9pP6Xqp4PORFWIFWaKfa3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/0iDUFJnxa3p3pYn9wOd7dy5ufak.roa
Signing time: Tue 20 May 2025 09:30:10 +0000
ROA not before: Tue 20 May 2025 09:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212288
IP address blocks: 83.242.108.0/23 maxlen: 24
83.242.108.0/24 maxlen: 24
83.242.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/iOn6I9pP6Xqp4PORFWIFWaKfa3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/iOn6I9pP6Xqp4PORFWIFWaKfa3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/iOn6I9pP6Xqp4PORFWIFWaKfa3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ed:07:72:37:11:9d:fb:40:1d:1b:bc:f3:bf:f5:84:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88e9fa23da4fe97aa9e0f39115620559a29f6b70
Validity
Not Before: May 20 09:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d220d41499f16b7a77a589fdc0e77b772e6e7da9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:05:9e:f1:cb:44:30:1d:83:f9:7f:f4:b9:2b:
7b:2a:d0:e3:37:1c:71:50:77:54:fa:35:31:f1:88:
43:93:cc:3f:69:24:32:32:95:9e:4d:0a:5b:b1:b4:
9e:d7:83:87:94:37:1f:29:98:f2:a9:8b:45:97:d6:
19:f4:d5:37:77:26:67:ba:34:f0:56:fb:cd:40:69:
0f:9f:9b:b4:92:5d:e1:00:a1:d0:0d:18:20:ae:e9:
3f:20:a0:8e:ef:2a:83:38:1c:17:7f:1e:db:83:63:
e7:d6:d7:ef:82:6b:a6:ec:0f:5f:bd:c7:bc:67:a5:
b6:69:61:9b:b1:8d:82:1c:76:db:87:5b:c8:9b:04:
e8:95:42:8c:a1:98:d2:42:8f:45:63:94:e0:2e:4d:
7f:d3:ad:41:18:67:d7:68:29:29:4e:75:2b:2f:7a:
e6:8a:18:bc:6e:f0:4e:6b:f8:03:63:9c:27:7c:da:
df:33:83:53:fd:c3:e5:9a:16:ff:27:2d:99:61:d7:
91:7e:dc:a9:8d:54:90:d4:3f:68:a9:d9:da:7b:ef:
82:d9:29:37:3d:fc:64:c9:a8:a0:ac:af:ae:c9:9b:
e2:3d:65:4c:a9:42:81:4f:7b:ac:52:ed:a2:69:33:
4f:22:7b:f4:c9:bd:46:18:7c:b2:48:15:bb:ba:c1:
d7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:20:D4:14:99:F1:6B:7A:77:A5:89:FD:C0:E7:7B:77:2E:6E:7D:A9
X509v3 Authority Key Identifier:
keyid:88:E9:FA:23:DA:4F:E9:7A:A9:E0:F3:91:15:62:05:59:A2:9F:6B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iOn6I9pP6Xqp4PORFWIFWaKfa3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/0iDUFJnxa3p3pYn9wOd7dy5ufak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/6d15c0-80cc-4edf-8f14-3e2478947e6e/1/iOn6I9pP6Xqp4PORFWIFWaKfa3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.242.108.0/23
Signature Algorithm: sha256WithRSAEncryption
87:c9:6c:aa:f6:1c:4d:f3:dc:d0:c9:68:c9:8b:1c:33:10:69:
37:17:79:48:cb:6a:5e:98:af:43:aa:61:51:3a:a3:58:f4:34:
91:b4:c5:59:a4:56:60:11:60:99:49:9f:75:8c:92:c7:1a:45:
7c:c8:97:a7:e4:69:69:1b:ca:9f:c4:6d:c4:b6:93:b9:eb:c2:
f2:9f:d1:6e:bb:9a:b6:eb:36:63:6d:b2:4c:63:28:97:a1:77:
42:b2:dd:6e:b6:68:d7:85:28:2b:33:f2:bb:2c:98:62:f3:84:
70:38:a6:d7:33:12:67:86:0a:7e:27:cd:e6:57:21:1c:95:8c:
3a:6a:fc:7b:c2:7b:49:07:4f:85:8b:91:ef:f5:7a:88:f5:e2:
2d:1d:d1:4e:86:44:d9:d7:f9:6f:e5:c9:f5:e8:2f:24:90:40:
59:ea:db:3e:54:76:eb:f6:ff:22:32:c1:92:f3:e8:c9:12:ad:
4d:ad:f7:42:d3:87:45:ee:63:31:ee:4b:34:4a:84:86:4b:47:
55:1b:f9:2a:5b:f5:c3:b8:69:03:dd:cd:31:3f:55:34:03:12:
37:af:c4:96:60:93:ba:d7:48:5a:64:a3:44:0c:de:f3:ed:93:
b9:b0:b2:fa:e5:18:c7:58:59:d5:d4:52:90:fb:7e:63:1c:ac:
75:55:7b:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbtB3I3EZ37QB0bvPO/9YSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZTlmYTIzZGE0ZmU5N2FhOWUwZjM5MTE1NjIwNTU5YTI5
ZjZiNzAwHhcNMjUwNTIwMDkzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIwZDQxNDk5ZjE2YjdhNzdhNTg5ZmRjMGU3N2I3NzJlNmU3ZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAWe8ctEMB2D+X/0uSt7KtDjNxxx
UHdU+jUx8YhDk8w/aSQyMpWeTQpbsbSe14OHlDcfKZjyqYtFl9YZ9NU3dyZnujTw
VvvNQGkPn5u0kl3hAKHQDRggruk/IKCO7yqDOBwXfx7bg2Pn1tfvgmum7A9fvce8
Z6W2aWGbsY2CHHbbh1vImwTolUKMoZjSQo9FY5TgLk1/061BGGfXaCkpTnUrL3rm
ihi8bvBOa/gDY5wnfNrfM4NT/cPlmhb/Jy2ZYdeRftypjVSQ1D9oqdnae++C2Sk3
PfxkyaigrK+uyZviPWVMqUKBT3usUu2iaTNPInv0yb1GGHyySBW7usHXnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNIg1BSZ8Wt6d6WJ/cDne3cubn2pMB8GA1UdIwQY
MBaAFIjp+iPaT+l6qeDzkRViBVmin2twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU9uNkk5cFA2WHFwNFBPUkZXSUZXYUtmYTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS82ZDE1YzAtODBjYy00ZWRmLThmMTQt
M2UyNDc4OTQ3ZTZlLzEvMGlEVUZKbnhhM3AzcFluOXdPZDdkeTV1ZmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS82ZDE1YzAtODBjYy00ZWRmLThmMTQtM2UyNDc4OTQ3ZTZl
LzEvaU9uNkk5cFA2WHFwNFBPUkZXSUZXYUtmYTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU/JsMA0G
CSqGSIb3DQEBCwUAA4IBAQCHyWyq9hxN89zQyWjJixwzEGk3F3lIy2pemK9DqmFR
OqNY9DSRtMVZpFZgEWCZSZ91jJLHGkV8yJen5GlpG8qfxG3EtpO568Lyn9Fuu5q2
6zZjbbJMYyiXoXdCst1utmjXhSgrM/K7LJhi84RwOKbXMxJnhgp+J83mVyEclYw6
avx7wntJB0+Fi5Hv9XqI9eItHdFOhkTZ1/lv5cn16C8kkEBZ6ts+VHbr9v8iMsGS
8+jJEq1NrfdC04dF7mMx7ks0SoSGS0dVG/kqW/XDuGkD3c0xP1U0AxI3r8SWYJO6
10haZKNEDN7z7ZO5sLL65RjHWFnV1FKQ+35jHKx1VXs2
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:38:01 2025 by rpki-client