Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/lY5lInv89iRxJVvC3a6rnPaLUZE.roa
File: lY5lInv89iRxJVvC3a6rnPaLUZE.roa (raw, json)
Hash identifier: NXKmyIXzqyj9f0ZTzfiv0j+d+aicHdwiSS0J0/+KFtg=
Subject key identifier: 95:8E:65:22:7B:FC:F6:24:71:25:5B:C2:DD:AE:AB:9C:F6:8B:51:91
Certificate issuer: /CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Certificate serial: 0196BEF68A4EAC421BE6B9A419E1DD71EE3F
Authority key identifier: 0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/lY5lInv89iRxJVvC3a6rnPaLUZE.roa
Signing time: Sun 11 May 2025 10:49:10 +0000
ROA not before: Sun 11 May 2025 10:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33852
IP address blocks: 83.139.0.0/24 maxlen: 24
83.139.1.0/24 maxlen: 24
83.139.2.0/24 maxlen: 24
83.139.4.0/24 maxlen: 24
83.139.5.0/24 maxlen: 24
83.139.6.0/23 maxlen: 23
83.139.8.0/21 maxlen: 21
83.139.8.0/24 maxlen: 24
83.139.9.0/24 maxlen: 24
83.139.10.0/24 maxlen: 24
83.139.11.0/24 maxlen: 24
83.139.12.0/24 maxlen: 24
83.139.13.0/24 maxlen: 24
83.139.14.0/24 maxlen: 24
83.139.15.0/24 maxlen: 24
83.139.16.0/24 maxlen: 24
83.139.17.0/24 maxlen: 24
83.139.18.0/24 maxlen: 24
83.139.36.0/22 maxlen: 22
83.139.39.0/24 maxlen: 24
2a01:4000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:f6:8a:4e:ac:42:1b:e6:b9:a4:19:e1:dd:71:ee:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e75fb4f52a829d136e29a9a025c636d19ae328e
Validity
Not Before: May 11 10:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=958e65227bfcf62471255bc2ddaeab9cf68b5191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b3:9a:09:e8:f6:4f:a2:e4:1b:c4:dd:19:dc:
08:6d:51:5a:26:9f:39:2c:fc:5a:86:54:83:00:91:
c4:ec:7d:7b:10:35:dd:3c:21:43:c0:40:2f:74:48:
6f:46:44:41:d0:6b:23:b6:7e:41:c4:f2:9f:c9:a9:
46:0d:dc:14:44:14:9b:cb:c5:c1:59:c4:05:4f:6b:
73:1f:99:c3:48:cf:e1:d2:c5:ca:d2:9c:1b:17:4b:
b4:19:7f:f5:a7:5d:66:5e:3c:0a:2b:fc:a2:bd:91:
b3:6f:83:0d:c1:5b:80:8e:c0:d8:1c:7e:69:a9:c2:
53:53:db:b3:b7:8f:03:d5:0b:41:8e:59:64:f9:e8:
c0:a8:36:3e:a8:fd:ff:23:c2:53:c4:34:26:11:78:
97:de:ac:b4:39:41:58:b1:cc:94:df:3c:43:69:e5:
59:43:b1:54:e0:67:ad:4a:08:5d:00:81:b4:d9:dd:
15:5c:8b:b7:91:7c:d1:35:11:f1:6e:cc:38:7b:ec:
42:18:7d:57:80:6f:6d:ce:75:37:2a:93:17:0e:9d:
6f:26:63:66:68:eb:c3:04:2a:67:4e:56:22:ae:a6:
ba:76:77:06:0e:ca:d7:22:43:bd:fe:24:16:31:f4:
69:5b:7d:fc:7e:ae:96:34:c0:3f:b1:93:e9:4e:f1:
e9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8E:65:22:7B:FC:F6:24:71:25:5B:C2:DD:AE:AB:9C:F6:8B:51:91
X509v3 Authority Key Identifier:
keyid:0E:75:FB:4F:52:A8:29:D1:36:E2:9A:9A:02:5C:63:6D:19:AE:32:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DnX7T1KoKdE24pqaAlxjbRmuMo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/lY5lInv89iRxJVvC3a6rnPaLUZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/5759f6-93e2-4029-a49f-35ba267ded3b/1/DnX7T1KoKdE24pqaAlxjbRmuMo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.139.0.0-83.139.2.255
83.139.4.0-83.139.18.255
83.139.36.0/22
IPv6:
2a01:4000::/32
Signature Algorithm: sha256WithRSAEncryption
1e:d8:cf:b3:20:8e:cb:87:52:01:1f:af:30:41:54:71:5f:fa:
72:fd:72:b6:21:86:e0:39:1d:1a:73:17:6c:dd:36:52:c4:a8:
7c:ca:03:d4:6e:9c:ea:e4:9d:3d:0b:cb:d9:81:87:49:41:bc:
03:43:3d:de:c0:1b:b8:39:d5:25:59:d3:b2:5a:07:5e:70:54:
8b:30:35:1c:aa:23:e7:c8:2b:59:1f:7c:5f:cc:f9:de:2e:91:
8b:57:14:40:f4:af:ad:60:c4:02:84:47:b3:cc:cf:60:74:a0:
e2:92:fe:36:14:27:32:ee:e1:7e:07:34:ac:47:98:6e:d5:25:
ba:a2:45:4d:9d:28:d4:32:eb:e9:7c:bf:6d:dc:26:51:22:ff:
8a:00:49:07:eb:78:70:a4:be:0c:cf:f5:26:e2:1f:27:65:9a:
39:ff:d5:4f:ed:f8:98:ad:a6:1d:b7:10:f1:8c:85:fb:7a:76:
64:ba:12:70:f6:06:1d:c4:56:6b:04:20:ad:ff:65:5a:97:95:
3e:da:fd:e5:24:fe:59:3c:61:c5:39:f8:61:76:fb:2c:41:d0:
8b:cd:d3:98:60:a9:81:04:d9:94:8b:50:4f:a2:83:7e:45:d8:
e6:39:23:b3:ad:d2:56:01:5a:68:cc:df:fd:ae:c4:25:ec:b3:
fd:82:d3:78
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZa+9opOrEIb5rmkGeHdce4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNzVmYjRmNTJhODI5ZDEzNmUyOWE5YTAyNWM2MzZkMTlh
ZTMyOGUwHhcNMjUwNTExMTA0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThlNjUyMjdiZmNmNjI0NzEyNTViYzJkZGFlYWI5Y2Y2OGI1MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLOaCej2T6LkG8TdGdwIbVFaJp85
LPxahlSDAJHE7H17EDXdPCFDwEAvdEhvRkRB0Gsjtn5BxPKfyalGDdwURBSby8XB
WcQFT2tzH5nDSM/h0sXK0pwbF0u0GX/1p11mXjwKK/yivZGzb4MNwVuAjsDYHH5p
qcJTU9uzt48D1QtBjllk+ejAqDY+qP3/I8JTxDQmEXiX3qy0OUFYscyU3zxDaeVZ
Q7FU4GetSghdAIG02d0VXIu3kXzRNRHxbsw4e+xCGH1XgG9tznU3KpMXDp1vJmNm
aOvDBCpnTlYirqa6dncGDsrXIkO9/iQWMfRpW338fq6WNMA/sZPpTvHp9QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJWOZSJ7/PYkcSVbwt2uq5z2i1GRMB8GA1UdIwQY
MBaAFA51+09SqCnRNuKamgJcY20ZrjKOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYt
MzViYTI2N2RlZDNiLzEvbFk1bEludjg5aVJ4SlZ2QzNhNnJuUGFMVVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC81NzU5ZjYtOTNlMi00MDI5LWE0OWYtMzViYTI2N2RlZDNi
LzEvRG5YN1QxS29LZEUyNHBxYUFseGpiUm11TW80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhMAsDAwBTiwME
AFOLAjAMAwQCU4sEAwQAU4sSAwQCU4skMA0EAgACMAcDBQAqAUAAMA0GCSqGSIb3
DQEBCwUAA4IBAQAe2M+zII7Lh1IBH68wQVRxX/py/XK2IYbgOR0acxds3TZSxKh8
ygPUbpzq5J09C8vZgYdJQbwDQz3ewBu4OdUlWdOyWgdecFSLMDUcqiPnyCtZH3xf
zPneLpGLVxRA9K+tYMQChEezzM9gdKDikv42FCcy7uF+BzSsR5hu1SW6okVNnSjU
MuvpfL9t3CZRIv+KAEkH63hwpL4Mz/Um4h8nZZo5/9VP7fiYraYdtxDxjIX7enZk
uhJw9gYdxFZrBCCt/2Val5U+2v3lJP5ZPGHFOfhhdvssQdCLzdOYYKmBBNmUi1BP
ooN+RdjmOSOzrdJWAVpozN/9rsQl7LP9gtN4
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:20:40 2025 by rpki-client