Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/iVs53h_YZF7aBqVA1FOf0up1OVA.roa
File: iVs53h_YZF7aBqVA1FOf0up1OVA.roa (raw, json)
Hash identifier: UW0lfLNzDTQsdkpmCT+L1fh8JEZx2jiYpIhhq1q1Nsg=
Subject key identifier: 89:5B:39:DE:1F:D8:64:5E:DA:06:A5:40:D4:53:9F:D2:EA:75:39:50
Certificate issuer: /CN=dcfa86863c55865700634e1135e617e4079af8b9
Certificate serial: 0196B55F18F5DB1F65EA6A9091757917D49F
Authority key identifier: DC:FA:86:86:3C:55:86:57:00:63:4E:11:35:E6:17:E4:07:9A:F8:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3PqGhjxVhlcAY04RNeYX5Aea-Lk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/iVs53h_YZF7aBqVA1FOf0up1OVA.roa
Signing time: Fri 09 May 2025 14:07:10 +0000
ROA not before: Fri 09 May 2025 14:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207280
IP address blocks: 83.136.223.0/24 maxlen: 32
2a10:f00::/48 maxlen: 128
2a10:f00:1::/48 maxlen: 128
2a10:f00:3::/48 maxlen: 48
2a10:f00:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/3PqGhjxVhlcAY04RNeYX5Aea-Lk.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/3PqGhjxVhlcAY04RNeYX5Aea-Lk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3PqGhjxVhlcAY04RNeYX5Aea-Lk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b5:5f:18:f5:db:1f:65:ea:6a:90:91:75:79:17:d4:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcfa86863c55865700634e1135e617e4079af8b9
Validity
Not Before: May 9 14:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=895b39de1fd8645eda06a540d4539fd2ea753950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b8:c9:65:8c:9c:aa:c3:b7:d2:4e:6f:0b:a7:
3f:ff:20:40:cc:da:c2:c4:a7:ca:f9:88:ae:32:28:
b8:50:db:dd:12:ed:47:3d:26:23:77:4a:ba:22:44:
56:84:0b:66:97:7e:22:7f:1e:de:5c:08:7b:6b:aa:
4e:8a:13:c7:d8:f6:5a:13:ad:96:4e:e5:c2:98:eb:
32:a4:01:8a:fa:a0:ed:b7:3c:4c:b5:4f:fc:2f:a5:
b2:12:ae:7b:71:8d:61:0c:30:95:ce:e6:d2:db:8f:
69:4c:56:16:69:47:6d:ec:4c:21:50:1c:e8:11:db:
f3:5b:d0:b3:96:d6:66:32:9b:ab:f5:53:bc:f9:8f:
a1:4b:45:e7:3d:05:a5:b3:64:c1:33:86:03:c2:50:
9f:19:24:3c:06:89:d2:e2:af:80:bf:39:fb:d1:e3:
cb:11:c8:54:2c:61:9e:b7:a2:3e:c7:74:fb:48:69:
79:e3:0b:30:16:92:92:b6:0d:f1:fa:21:96:8f:fc:
2a:3e:3e:42:09:0f:73:59:3e:d2:a2:2e:aa:06:38:
87:f5:7b:23:90:ce:87:01:41:e0:32:8f:0e:c8:a2:
5c:4e:24:4d:e5:e6:88:e7:08:5a:d5:0b:75:99:3f:
e4:96:f7:54:f0:44:e7:67:23:50:25:44:3e:d6:91:
62:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:5B:39:DE:1F:D8:64:5E:DA:06:A5:40:D4:53:9F:D2:EA:75:39:50
X509v3 Authority Key Identifier:
keyid:DC:FA:86:86:3C:55:86:57:00:63:4E:11:35:E6:17:E4:07:9A:F8:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3PqGhjxVhlcAY04RNeYX5Aea-Lk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/iVs53h_YZF7aBqVA1FOf0up1OVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/7076a2-295f-45ec-b7c8-c5c9c689b745/1/3PqGhjxVhlcAY04RNeYX5Aea-Lk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.223.0/24
IPv6:
2a10:f00::/47
2a10:f00:3::-2a10:f00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:43:56:3a:4e:6d:82:ac:a4:f4:01:94:c5:23:a3:72:c3:2e:
76:85:4e:32:04:16:fa:f8:66:50:67:a9:33:ad:8b:20:9c:7d:
7f:0c:ba:00:31:b5:fe:fa:ed:cb:45:9a:e4:56:52:b9:bc:20:
99:4b:89:9c:a0:1a:60:49:1a:df:62:ba:f4:27:cb:7b:78:ef:
d1:dc:30:e4:8a:3d:1d:07:4d:ab:0b:68:b0:4a:9a:6e:10:1e:
11:7a:f1:5e:10:62:86:36:a6:a1:46:e8:97:30:4c:bb:a1:c7:
b5:b9:92:cc:1f:d3:22:c3:78:b5:fd:9a:f6:62:78:74:13:19:
48:9b:53:55:ba:0f:f4:a7:0c:ef:0e:c4:5a:93:58:46:13:8d:
60:cf:c0:1e:aa:8a:06:00:02:c7:cb:56:75:e3:61:19:11:c1:
9a:76:80:b2:66:74:12:86:15:4e:5e:c2:7d:ab:99:32:42:57:
25:66:37:8f:82:ee:95:65:43:37:99:88:03:30:9f:61:fc:a7:
f3:4f:91:6a:5a:8c:1f:f0:4f:ec:86:c9:9f:e2:f5:5a:46:0c:
a7:a1:38:49:10:a4:0e:e4:b0:99:c6:9c:c1:de:92:99:93:50:
08:4c:b8:05:b4:5a:cf:4b:96:39:a7:95:a6:37:09:62:11:83:
1b:1a:e3:c6
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZa1Xxj12x9l6mqQkXV5F9SfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZmE4Njg2M2M1NTg2NTcwMDYzNGUxMTM1ZTYxN2U0MDc5
YWY4YjkwHhcNMjUwNTA5MTQwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTViMzlkZTFmZDg2NDVlZGEwNmE1NDBkNDUzOWZkMmVhNzUzOTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7jJZYycqsO30k5vC6c//yBAzNrC
xKfK+YiuMii4UNvdEu1HPSYjd0q6IkRWhAtml34ifx7eXAh7a6pOihPH2PZaE62W
TuXCmOsypAGK+qDttzxMtU/8L6WyEq57cY1hDDCVzubS249pTFYWaUdt7EwhUBzo
EdvzW9CzltZmMpur9VO8+Y+hS0XnPQWls2TBM4YDwlCfGSQ8BonS4q+Avzn70ePL
EchULGGet6I+x3T7SGl54wswFpKStg3x+iGWj/wqPj5CCQ9zWT7Soi6qBjiH9Xsj
kM6HAUHgMo8OyKJcTiRN5eaI5wha1Qt1mT/klvdU8ETnZyNQJUQ+1pFi7QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFIlbOd4f2GRe2galQNRTn9LqdTlQMB8GA1UdIwQY
MBaAFNz6hoY8VYZXAGNOETXmF+QHmvi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1BxR2hqeFZobGNBWTA0Uk5lWVg1QWVhLUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni83MDc2YTItMjk1Zi00NWVjLWI3Yzgt
YzVjOWM2ODliNzQ1LzEvaVZzNTNoX1laRjdhQnFWQTFGT2YwdXAxT1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni83MDc2YTItMjk1Zi00NWVjLWI3YzgtYzVjOWM2ODliNzQ1
LzEvM1BxR2hqeFZobGNBWTA0Uk5lWVg1QWVhLUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAU4jfMCME
AgACMB0DBwEqEA8AAAAwEgMHACoQDwAAAwMHACoQDwAABDANBgkqhkiG9w0BAQsF
AAOCAQEAGkNWOk5tgqyk9AGUxSOjcsMudoVOMgQW+vhmUGepM62LIJx9fwy6ADG1
/vrty0Wa5FZSubwgmUuJnKAaYEka32K69CfLe3jv0dww5Io9HQdNqwtosEqabhAe
EXrxXhBihjamoUbolzBMu6HHtbmSzB/TIsN4tf2a9mJ4dBMZSJtTVboP9KcM7w7E
WpNYRhONYM/AHqqKBgACx8tWdeNhGRHBmnaAsmZ0EoYVTl7CfauZMkJXJWY3j4Lu
lWVDN5mIAzCfYfyn80+RalqMH/BP7IbJn+L1WkYMp6E4SRCkDuSwmcacwd6SmZNQ
CEy4BbRaz0uWOaeVpjcJYhGDGxrjxg==
-----END CERTIFICATE-----
Generated at Mon May 12 14:43:25 2025 by rpki-client