Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ydWaptTCZ1SNEwil1BbHypZ9Ba8.roa
File: ydWaptTCZ1SNEwil1BbHypZ9Ba8.roa (raw, json)
Hash identifier: BhTcs+/2LQYOi7mDvF/DM/pd2EK+d2j9shnP8PN24oU=
Subject key identifier: C9:D5:9A:A6:D4:C2:67:54:8D:13:08:A5:D4:16:C7:CA:96:7D:05:AF
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F95F94F803FB9B97F6674687C4886
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ydWaptTCZ1SNEwil1BbHypZ9Ba8.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.133.24.0/22 maxlen: 22
46.151.32.0/24 maxlen: 24
46.151.33.0/24 maxlen: 24
46.151.34.0/24 maxlen: 24
46.151.35.0/24 maxlen: 24
77.36.2.0/23 maxlen: 24
77.36.4.0/22 maxlen: 22
77.36.54.0/24 maxlen: 24
77.36.55.0/24 maxlen: 24
77.36.57.0/24 maxlen: 24
77.36.60.0/24 maxlen: 24
77.36.65.0/24 maxlen: 24
77.36.68.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
91.218.254.0/23 maxlen: 23
91.223.158.0/24 maxlen: 24
91.228.119.0/24 maxlen: 24
91.229.6.0/24 maxlen: 24
91.232.20.0/24 maxlen: 24
91.232.254.0/24 maxlen: 24
91.236.77.0/24 maxlen: 24
91.236.237.0/24 maxlen: 24
91.237.48.0/24 maxlen: 24
91.239.222.0/23 maxlen: 23
91.246.184.0/22 maxlen: 22
93.120.12.0/22 maxlen: 22
93.120.36.0/24 maxlen: 24
93.120.37.0/24 maxlen: 24
93.120.38.0/24 maxlen: 24
93.120.46.0/24 maxlen: 24
93.120.74.0/24 maxlen: 24
93.120.120.0/22 maxlen: 22
176.96.48.0/22 maxlen: 22
176.96.93.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
176.110.107.0/24 maxlen: 24
176.110.112.0/24 maxlen: 24
176.110.113.0/24 maxlen: 24
178.159.147.0/24 maxlen: 24
188.191.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:95:f9:4f:80:3f:b9:b9:7f:66:74:68:7c:48:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c9d59aa6d4c267548d1308a5d416c7ca967d05af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a3:6b:55:39:9a:ae:08:af:0c:bd:5a:a1:07:
b3:69:5d:b9:76:fb:6f:fb:1d:a7:63:9c:3c:0a:c1:
27:d8:82:ab:6a:8f:39:be:a3:fe:b8:fe:7e:ae:6c:
74:bd:07:c7:5e:a4:2e:e3:6b:c9:c7:20:8f:43:c3:
59:54:ed:14:0c:f0:7a:11:d3:da:21:d8:f9:4f:4a:
47:bf:5e:f3:0b:fa:a1:27:94:3c:90:ee:f2:98:d9:
fd:26:3f:33:65:f0:f0:6b:ed:63:11:63:0f:a6:c8:
a0:5a:31:1c:87:ce:07:05:9d:c4:a6:6a:e9:ee:5d:
c6:92:cd:6d:fe:d8:ed:d4:65:7b:b3:12:98:8d:6c:
d4:86:07:ed:2b:0d:72:4e:80:f1:b8:8b:ee:0a:27:
f1:c5:6e:b6:0e:22:f1:dd:5e:70:6a:1f:a1:56:d0:
0e:75:fc:a2:4f:9e:76:90:2f:84:36:60:ab:d9:22:
2b:42:24:e1:3d:46:92:6e:2b:db:eb:ff:b1:44:d9:
2d:19:b0:17:af:22:00:60:cf:39:25:5e:91:5b:ef:
f5:75:2a:0f:ef:b6:18:57:71:97:3f:8b:26:6e:5a:
a5:a3:8a:ea:b2:07:7f:7c:51:32:63:77:ac:a9:3c:
f8:08:75:17:31:08:dd:e7:55:e6:bc:b7:2e:54:7f:
ea:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D5:9A:A6:D4:C2:67:54:8D:13:08:A5:D4:16:C7:CA:96:7D:05:AF
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ydWaptTCZ1SNEwil1BbHypZ9Ba8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
46.151.32.0/22
77.36.2.0-77.36.7.255
77.36.54.0/23
77.36.57.0/24
77.36.60.0/24
77.36.65.0/24
77.36.68.0/22
91.218.252.0/22
91.223.158.0/24
91.228.119.0/24
91.229.6.0/24
91.232.20.0/24
91.232.254.0/24
91.236.77.0/24
91.236.237.0/24
91.237.48.0/24
91.239.222.0/23
91.246.184.0/22
93.120.12.0/22
93.120.36.0-93.120.38.255
93.120.46.0/24
93.120.74.0/24
93.120.120.0/22
176.96.48.0/22
176.96.93.0/24
176.107.72.0/21
176.110.107.0/24
176.110.112.0/23
178.159.147.0/24
188.191.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:42:60:bd:ee:b4:19:17:ed:86:73:a2:b1:3d:b8:b3:a4:3a:
03:f7:99:06:a6:87:a0:40:f0:d3:9c:d9:ea:b3:02:c5:f3:3a:
7a:45:79:02:81:3c:d0:8f:d1:bc:7c:a7:54:8b:bb:8e:c2:c9:
f3:b1:c0:ac:7d:55:1a:88:2c:f9:91:ec:17:61:a7:c1:0a:90:
c0:91:ff:70:4b:df:2f:f4:fb:53:50:03:8d:70:c6:3d:1b:31:
5a:65:a1:56:c9:45:4d:bf:59:b2:c6:c1:4d:b7:3a:ba:d7:ff:
5c:28:94:6b:c9:c3:25:89:00:e9:25:cb:ca:0d:fc:2a:d8:b9:
90:b2:84:f5:dc:fc:7a:8e:37:ec:ff:15:ea:c7:c1:ff:55:91:
71:ae:3a:a9:5d:c1:7f:e9:53:03:d0:95:d2:ae:63:8b:91:11:
26:e2:1f:fd:dd:de:de:d8:2b:8b:61:00:a8:8c:ba:62:a0:bf:
d3:b1:ca:0a:32:88:95:57:5b:2f:7d:ca:b4:41:40:ad:b0:00:
bf:95:a5:06:6e:e1:e4:6e:e3:0e:79:da:1b:24:d0:74:46:f9:
7c:f6:f0:7c:1a:72:cd:02:f8:50:24:a3:70:e8:76:e1:68:3f:
f4:c2:08:24:db:a9:8a:a1:9a:11:35:78:2f:3c:01:4b:44:f9:
71:8d:be:91
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZQlj5X5T4A/ubl/ZnRofEiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQ1OWFhNmQ0YzI2NzU0OGQxMzA4YTVkNDE2YzdjYTk2N2QwNWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6NrVTmargivDL1aoQezaV25dvtv
+x2nY5w8CsEn2IKrao85vqP+uP5+rmx0vQfHXqQu42vJxyCPQ8NZVO0UDPB6EdPa
Idj5T0pHv17zC/qhJ5Q8kO7ymNn9Jj8zZfDwa+1jEWMPpsigWjEch84HBZ3Epmrp
7l3Gks1t/tjt1GV7sxKYjWzUhgftKw1yToDxuIvuCifxxW62DiLx3V5wah+hVtAO
dfyiT552kC+ENmCr2SIrQiThPUaSbivb6/+xRNktGbAXryIAYM85JV6RW+/1dSoP
77YYV3GXP4smblqlo4rqsgd/fFEyY3esqTz4CHUXMQjd51XmvLcuVH/qbwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFMnVmqbUwmdUjRMIpdQWx8qWfQWvMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEveWRXYXB0VENaMVNORXdpbDFCYkh5cFo5QmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAIf
hRgDBAIulyAwDAMEAU0kAgMEA00kAAMEAU0kNgMEAE0kOQMEAE0kPAMEAE0kQQME
Ak0kRAMEAlva/AMEAFvfngMEAFvkdwMEAFvlBgMEAFvoFAMEAFvo/gMEAFvsTQME
AFvs7QMEAFvtMAMEAVvv3gMEAlv2uAMEAl14DDAMAwQCXXgkAwQAXXgmAwQAXXgu
AwQAXXhKAwQCXXh4AwQCsGAwAwQAsGBdAwQDsGtIAwQAsG5rAwQBsG5wAwQAsp+T
AwQCvL/8MA0GCSqGSIb3DQEBCwUAA4IBAQCLQmC97rQZF+2Gc6KxPbizpDoD95kG
poegQPDTnNnqswLF8zp6RXkCgTzQj9G8fKdUi7uOwsnzscCsfVUaiCz5kewXYafB
CpDAkf9wS98v9PtTUAONcMY9GzFaZaFWyUVNv1myxsFNtzq61/9cKJRrycMliQDp
JcvKDfwq2LmQsoT13Px6jjfs/xXqx8H/VZFxrjqpXcF/6VMD0JXSrmOLkREm4h/9
3d7e2CuLYQCojLpioL/TscoKMoiVV1svfcq0QUCtsAC/laUGbuHkbuMOedobJNB0
Rvl89vB8GnLNAvhQJKNw6HbhaD/0wggk26mKoZoRNXgvPAFLRPlxjb6R
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:33 2025 by rpki-client