Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/yNNopewn85t08Znw5j3oTWUISEc.roa
File: yNNopewn85t08Znw5j3oTWUISEc.roa (raw, json)
Hash identifier: ZkUCX6gB41bOpnUPfzdbRC3CiwRZ4yyWFwXTC/D9/dc=
Subject key identifier: C8:D3:68:A5:EC:27:F3:9B:74:F1:99:F0:E6:3D:E8:4D:65:08:48:47
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 01956786C3BF92401CCA1A9ABA26B6011692
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/yNNopewn85t08Znw5j3oTWUISEc.roa
Signing time: Wed 05 Mar 2025 18:17:19 +0000
ROA not before: Wed 05 Mar 2025 18:17:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48287
IP address blocks: 31.177.64.0/22 maxlen: 24
31.177.68.0/22 maxlen: 22
31.177.72.0/21 maxlen: 24
31.177.80.0/21 maxlen: 24
31.177.88.0/21 maxlen: 22
31.177.91.0/24 maxlen: 24
31.177.92.0/24 maxlen: 24
89.104.80.0/21 maxlen: 24
89.111.128.0/24 maxlen: 24
89.111.130.0/24 maxlen: 24
89.111.132.0/23 maxlen: 23
89.111.144.0/22 maxlen: 24
89.111.148.0/22 maxlen: 22
89.111.156.0/22 maxlen: 22
89.111.164.0/24 maxlen: 24
91.189.112.0/21 maxlen: 21
91.189.114.0/23 maxlen: 23
91.189.116.0/22 maxlen: 22
91.217.20.0/24 maxlen: 24
91.217.21.0/24 maxlen: 24
109.70.24.0/21 maxlen: 24
178.210.64.0/19 maxlen: 24
185.26.112.0/22 maxlen: 22
185.76.144.0/22 maxlen: 22
195.24.64.0/22 maxlen: 22
195.24.68.0/22 maxlen: 22
195.24.68.0/23 maxlen: 23
195.24.70.0/24 maxlen: 24
195.24.71.0/24 maxlen: 24
2a02:2090::/48 maxlen: 48
2a02:2090:1::/48 maxlen: 48
2a02:2090:e400::/48 maxlen: 48
2a02:2090:e800::/48 maxlen: 48
2a02:2090:ec00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:67:86:c3:bf:92:40:1c:ca:1a:9a:ba:26:b6:01:16:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 5 18:17:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8d368a5ec27f39b74f199f0e63de84d65084847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:ee:6f:fc:57:f7:03:4f:51:1d:aa:86:29:
17:38:a7:8e:33:d2:19:5e:4e:ae:28:84:6d:66:9c:
94:52:b9:ed:54:3b:9e:fb:67:38:91:9f:27:b4:a8:
bf:43:64:96:77:4d:6c:eb:96:9b:6e:d4:c3:02:c0:
16:35:1f:ef:bd:1d:f0:99:b4:2f:c5:42:38:19:4b:
41:c2:c9:9d:d7:0f:48:21:86:c3:30:4f:7e:b8:ef:
e9:35:b2:21:50:1a:2b:67:55:e1:18:02:30:c0:ee:
3b:11:25:3c:b6:ab:77:51:00:89:b6:11:ef:57:ed:
2c:b0:59:07:92:1c:6c:67:31:9f:fb:28:ba:84:bf:
b7:c9:cb:41:e0:21:fd:66:6e:ce:dc:56:c7:02:73:
57:99:20:84:9d:86:78:13:f2:f3:01:05:91:a2:e9:
28:18:3f:60:26:45:6c:da:b5:34:f8:6d:26:c6:cd:
97:66:c9:18:b7:c7:38:8a:68:7f:1b:99:ce:cf:1e:
01:fb:d4:b1:d5:a4:97:69:13:94:14:fc:c8:9e:41:
a2:9a:a0:1f:24:84:55:44:00:e7:d8:14:c6:f7:ac:
1f:a8:17:f6:20:b3:7c:57:37:c9:51:bd:5a:7c:ae:
92:b8:7b:51:d0:50:80:18:61:38:d2:bc:dd:67:20:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D3:68:A5:EC:27:F3:9B:74:F1:99:F0:E6:3D:E8:4D:65:08:48:47
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/yNNopewn85t08Znw5j3oTWUISEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.64.0/19
89.104.80.0/21
89.111.128.0/24
89.111.130.0/24
89.111.132.0/23
89.111.144.0/21
89.111.156.0/22
89.111.164.0/24
91.189.112.0/21
91.217.20.0/23
109.70.24.0/21
178.210.64.0/19
185.26.112.0/22
185.76.144.0/22
195.24.64.0/21
IPv6:
2a02:2090::/47
2a02:2090:e400::/48
2a02:2090:e800::/48
2a02:2090:ec00::/48
Signature Algorithm: sha256WithRSAEncryption
4f:c8:a7:d3:62:8d:d3:98:b3:ae:5f:7a:ed:6a:3b:07:e3:1e:
5b:a2:d5:6c:70:02:52:c3:06:48:95:2a:a1:61:3c:71:eb:f8:
6b:aa:fa:4f:67:e3:50:e1:06:b1:87:31:a7:26:67:97:1f:86:
c3:8e:c4:4c:eb:18:3a:c8:21:e2:85:6a:52:3e:b5:de:af:10:
5d:47:79:1e:02:f0:a5:ed:fb:26:ee:96:3c:c1:50:e8:43:56:
f0:44:ff:59:7e:f9:85:0e:0c:04:5b:f7:e3:d7:fd:13:0a:47:
b6:51:41:f2:3b:1e:bc:65:5c:1f:8d:c2:9b:3e:bd:39:c3:58:
da:eb:51:57:bc:66:81:42:63:04:4a:43:13:6e:35:cb:80:c3:
91:99:f7:01:4a:5b:e3:2a:7e:a8:2e:73:98:b1:ab:31:59:b7:
46:aa:c8:8c:a8:82:95:1d:8b:27:63:53:7a:49:09:0f:82:dd:
f3:53:66:ee:97:78:43:dc:0e:66:3a:f0:21:7b:96:11:f1:d4:
2a:f9:68:fd:06:d5:24:0e:96:2a:a1:ef:d7:88:bc:ec:c9:ec:
23:fd:33:e2:57:37:48:e9:78:ff:9f:b1:6e:4b:18:35:60:0c:
06:3f:e9:a6:5b:7f:01:7c:b1:9c:66:cd:c3:ac:6e:bb:13:21:
5b:b5:d6:65
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZVnhsO/kkAcyhqauia2ARaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMzA1MTgxNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGQzNjhhNWVjMjdmMzliNzRmMTk5ZjBlNjNkZTg0ZDY1MDg0ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvvub/xX9wNPUR2qhikXOKeOM9IZ
Xk6uKIRtZpyUUrntVDue+2c4kZ8ntKi/Q2SWd01s65abbtTDAsAWNR/vvR3wmbQv
xUI4GUtBwsmd1w9IIYbDME9+uO/pNbIhUBorZ1XhGAIwwO47ESU8tqt3UQCJthHv
V+0ssFkHkhxsZzGf+yi6hL+3yctB4CH9Zm7O3FbHAnNXmSCEnYZ4E/LzAQWRouko
GD9gJkVs2rU0+G0mxs2XZskYt8c4imh/G5nOzx4B+9Sx1aSXaROUFPzInkGimqAf
JIRVRADn2BTG96wfqBf2ILN8VzfJUb1afK6SuHtR0FCAGGE40rzdZyAhCQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFMjTaKXsJ/ObdPGZ8OY96E1lCEhHMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEveU5Ob3Bld244NXQwOFpudzVqM29UV1VJU0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjBgBAIAATBaAwQFH7FA
AwQDWWhQAwQAWW+AAwQAWW+CAwQBWW+EAwQDWW+QAwQCWW+cAwQAWW+kAwQDW71w
AwQBW9kUAwQDbUYYAwQFstJAAwQCuRpwAwQCuUyQAwQDwxhAMCoEAgACMCQDBwEq
AiCQAAADBwAqAiCQ5AADBwAqAiCQ6AADBwAqAiCQ7AAwDQYJKoZIhvcNAQELBQAD
ggEBAE/Ip9NijdOYs65feu1qOwfjHlui1WxwAlLDBkiVKqFhPHHr+Guq+k9n41Dh
BrGHMacmZ5cfhsOOxEzrGDrIIeKFalI+td6vEF1HeR4C8KXt+ybuljzBUOhDVvBE
/1l++YUODARb9+PX/RMKR7ZRQfI7HrxlXB+Nwps+vTnDWNrrUVe8ZoFCYwRKQxNu
NcuAw5GZ9wFKW+Mqfqguc5ixqzFZt0aqyIyogpUdiydjU3pJCQ+C3fNTZu6XeEPc
DmY68CF7lhHx1Cr5aP0G1SQOliqh79eIvOzJ7CP9M+JXN0jpeP+fsW5LGDVgDAY/
6aZbfwF8sZxmzcOsbrsTIVu11mU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:07:53 2025 by rpki-client