Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/r-yHM3bmIVvSYrYlLiG4Jp2F8LQ.roa
File: r-yHM3bmIVvSYrYlLiG4Jp2F8LQ.roa (raw, json)
Hash identifier: aV2KmTPhhQ/UXPNGMX/R+ClkHo8p8Z5+ju+RcYJM+3A=
Subject key identifier: AF:EC:87:33:76:E6:21:5B:D2:62:B6:25:2E:21:B8:26:9D:85:F0:B4
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01941FFA42DF4B98595D4AF4BE618E692486
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/r-yHM3bmIVvSYrYlLiG4Jp2F8LQ.roa
Signing time: Wed 01 Jan 2025 03:48:02 +0000
ROA not before: Wed 01 Jan 2025 03:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214530
IP address blocks: 31.14.100.0/23 maxlen: 23
86.105.170.0/24 maxlen: 24
86.106.156.0/24 maxlen: 24
89.33.45.0/24 maxlen: 24
89.33.238.0/23 maxlen: 23
89.35.117.0/24 maxlen: 24
89.36.148.0/23 maxlen: 23
89.36.196.0/24 maxlen: 24
89.37.159.0/24 maxlen: 24
89.38.138.0/23 maxlen: 23
89.40.136.0/23 maxlen: 23
188.241.104.0/24 maxlen: 24
188.241.105.0/24 maxlen: 24
188.241.184.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:42:df:4b:98:59:5d:4a:f4:be:61:8e:69:24:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 03:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=afec873376e6215bd262b6252e21b8269d85f0b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:47:e4:3f:b9:82:9a:f8:d4:17:f1:86:5f:
24:68:33:fd:10:0c:f9:57:01:e2:3a:54:4f:9b:09:
28:5b:73:08:77:54:12:15:25:b5:83:ff:1b:a9:64:
29:93:5e:bc:0b:0f:9f:f7:38:c1:cb:16:34:3e:8b:
14:73:2b:7d:b7:77:d3:ce:ee:21:ee:a2:cb:4d:cf:
33:c6:df:95:26:74:16:67:38:8c:5d:1b:72:be:fd:
78:49:83:b2:94:a2:7a:69:43:41:79:d1:f8:db:cb:
11:25:6d:a2:00:49:cf:a6:fc:cb:71:c1:d8:46:8f:
77:8d:2c:47:6b:ea:09:04:37:1c:e4:3c:15:4a:a8:
2c:86:d6:8c:7f:dc:e0:fc:ba:50:79:4d:7c:86:49:
43:4d:e8:3b:a5:af:2c:1d:12:b1:c3:c4:e4:d9:2c:
50:d0:14:33:ed:9a:fd:04:ee:f4:7f:6a:80:38:f1:
50:b6:f4:a8:fc:80:ae:ed:75:3b:71:c9:1a:c5:fd:
b4:fa:9d:fa:86:59:50:fa:66:df:a8:fd:a8:38:f3:
a2:65:61:d0:97:00:9f:34:02:d4:30:74:4c:70:11:
5f:42:23:27:c2:5d:d2:07:06:b6:38:6f:07:be:83:
41:32:d8:e6:60:0c:b8:16:23:98:42:65:fe:4e:92:
6e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:EC:87:33:76:E6:21:5B:D2:62:B6:25:2E:21:B8:26:9D:85:F0:B4
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/r-yHM3bmIVvSYrYlLiG4Jp2F8LQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.100.0/23
86.105.170.0/24
86.106.156.0/24
89.33.45.0/24
89.33.238.0/23
89.35.117.0/24
89.36.148.0/23
89.36.196.0/24
89.37.159.0/24
89.38.138.0/23
89.40.136.0/23
188.241.104.0/23
188.241.184.0/23
Signature Algorithm: sha256WithRSAEncryption
66:01:93:28:26:83:9d:b5:74:b5:b4:80:7c:d2:c3:84:61:2b:
94:fe:4a:16:0c:b9:d0:f9:e9:9e:b9:36:c9:8e:24:90:65:8a:
13:3e:4e:d1:c3:2b:cf:48:36:8b:18:22:48:66:95:eb:c0:59:
98:95:3c:28:92:6f:02:aa:91:aa:44:72:8d:24:4d:47:96:14:
aa:ed:02:aa:50:3b:8b:44:a1:17:2c:e2:34:ff:09:4a:92:7b:
e5:02:e0:22:aa:50:99:c3:2b:eb:bc:b8:d5:a5:91:1a:e9:51:
ad:30:7e:8d:9f:94:e5:8e:d1:df:6a:58:fe:11:0c:33:f3:71:
a3:7c:4a:9e:b8:20:af:26:49:53:f4:76:7f:6b:ca:22:51:3b:
c3:39:ef:c9:17:cb:08:cb:12:8a:53:2e:fa:50:80:27:9d:1d:
43:a0:d9:83:fc:10:ed:2f:cd:f5:9e:1f:10:e0:44:ec:6d:19:
d6:0e:92:df:d4:4f:a9:63:c2:d6:94:7b:b4:98:9c:e8:92:be:
b0:02:e7:0a:27:65:9f:9b:07:9b:a0:28:8a:dc:5c:97:8c:4b:
67:0c:7e:35:e6:77:52:18:03:eb:e5:49:b4:17:ff:73:15:14:
8b:ef:42:63:5c:e0:8a:18:03:75:b0:00:a5:8f:9c:07:3b:d0:
ca:83:dc:ea
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZQf+kLfS5hZXUr0vmGOaSSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjUwMTAxMDM0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmVjODczMzc2ZTYyMTViZDI2MmI2MjUyZTIxYjgyNjlkODVmMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfpH5D+5gpr41Bfxhl8kaDP9EAz5
VwHiOlRPmwkoW3MId1QSFSW1g/8bqWQpk168Cw+f9zjByxY0PosUcyt9t3fTzu4h
7qLLTc8zxt+VJnQWZziMXRtyvv14SYOylKJ6aUNBedH428sRJW2iAEnPpvzLccHY
Ro93jSxHa+oJBDcc5DwVSqgshtaMf9zg/LpQeU18hklDTeg7pa8sHRKxw8Tk2SxQ
0BQz7Zr9BO70f2qAOPFQtvSo/ICu7XU7cckaxf20+p36hllQ+mbfqP2oOPOiZWHQ
lwCfNALUMHRMcBFfQiMnwl3SBwa2OG8HvoNBMtjmYAy4FiOYQmX+TpJuhQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFK/shzN25iFb0mK2JS4huCadhfC0MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvci15SE0zYm1JVnZTWXJZbExpRzRKcDJGOExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBHw5kAwQA
VmmqAwQAVmqcAwQAWSEtAwQBWSHuAwQAWSN1AwQBWSSUAwQAWSTEAwQAWSWfAwQB
WSaKAwQBWSiIAwQBvPFoAwQBvPG4MA0GCSqGSIb3DQEBCwUAA4IBAQBmAZMoJoOd
tXS1tIB80sOEYSuU/koWDLnQ+emeuTbJjiSQZYoTPk7RwyvPSDaLGCJIZpXrwFmY
lTwokm8CqpGqRHKNJE1HlhSq7QKqUDuLRKEXLOI0/wlKknvlAuAiqlCZwyvrvLjV
pZEa6VGtMH6Nn5TljtHfalj+EQwz83GjfEqeuCCvJklT9HZ/a8oiUTvDOe/JF8sI
yxKKUy76UIAnnR1DoNmD/BDtL831nh8Q4ETsbRnWDpLf1E+pY8LWlHu0mJzokr6w
AucKJ2WfmweboCiK3FyXjEtnDH415ndSGAPr5Um0F/9zFRSL70JjXOCKGAN1sACl
j5wHO9DKg9zq
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:15:17 2025 by rpki-client