Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/VnfmYpagOMSnMW3c4wpTKyGNbjI.roa
File: VnfmYpagOMSnMW3c4wpTKyGNbjI.roa (raw, json)
Hash identifier: wuiRGECVyacIwo3VPKJG3JG7UFPjwzGsCg5LU4aE8Rg=
Subject key identifier: 56:77:E6:62:96:A0:38:C4:A7:31:6D:DC:E3:0A:53:2B:21:8D:6E:32
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 019777C57121FC6A7396716ACA48F3B044CB
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/VnfmYpagOMSnMW3c4wpTKyGNbjI.roa
Signing time: Mon 16 Jun 2025 08:05:17 +0000
ROA not before: Mon 16 Jun 2025 08:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.22.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
159.117.226.0/24 maxlen: 24
159.117.227.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.181.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.184.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
216.252.186.0/24 maxlen: 24
216.252.187.0/24 maxlen: 24
216.252.189.0/24 maxlen: 24
216.252.190.0/24 maxlen: 24
216.252.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:77:c5:71:21:fc:6a:73:96:71:6a:ca:48:f3:b0:44:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jun 16 08:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5677e66296a038c4a7316ddce30a532b218d6e32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fe:35:15:b6:52:25:5c:8e:fb:a1:be:78:da:
74:d3:2c:34:bf:7a:ed:ec:83:5e:8b:84:68:38:96:
18:5b:72:2c:0e:51:42:f1:76:27:68:a1:db:e1:20:
51:00:e5:46:35:88:47:0c:99:2e:11:4c:23:7c:f3:
fb:a9:46:eb:0b:75:7b:56:83:08:4f:9f:04:3a:31:
7a:2b:7a:50:fb:22:63:f3:5e:23:c1:94:bc:a2:ce:
3f:55:78:6e:31:fb:c6:c6:0a:1f:86:25:1c:40:2e:
f6:d7:db:28:1d:53:8a:86:11:d5:7c:75:d9:60:40:
73:ed:84:88:55:92:b8:bb:e8:83:f0:b1:30:e1:0f:
bc:f1:8d:f2:08:6c:5d:93:61:e5:bb:ae:13:66:39:
b5:f3:33:5d:74:8f:45:bb:66:06:88:bc:e8:19:a7:
ec:d7:52:05:90:a9:df:a8:d6:56:c1:20:13:57:4a:
0c:86:83:a4:ba:c9:da:0a:71:50:23:81:2f:53:f2:
86:08:27:eb:63:11:31:1a:68:a1:33:24:a3:0b:42:
fd:eb:0a:0b:7f:e1:c1:66:a6:fa:c6:bf:73:2a:a5:
97:96:19:5d:bf:87:3c:73:6c:a6:07:f9:24:62:a4:
53:7b:19:4a:37:80:6e:f7:3b:30:94:9a:3d:db:73:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:77:E6:62:96:A0:38:C4:A7:31:6D:DC:E3:0A:53:2B:21:8D:6E:32
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/VnfmYpagOMSnMW3c4wpTKyGNbjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.31.255
159.117.226.0/23
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.187.255
216.252.189.0-216.252.191.255
Signature Algorithm: sha256WithRSAEncryption
39:0f:ba:bb:64:7c:57:9e:7c:62:2c:08:ec:21:c3:61:ed:62:
0d:31:7c:11:16:c7:96:5b:06:32:b1:7a:54:50:c7:9b:6f:cf:
f5:ec:ce:24:ec:46:5f:e5:f8:77:d3:ff:77:da:e4:fc:14:cf:
e2:de:21:e8:08:5b:d2:a4:24:4a:d6:94:1e:30:45:86:f9:ae:
7c:a7:97:4c:06:66:71:76:e1:41:18:8f:88:e9:79:1f:8f:fa:
0e:0d:bf:2f:95:cf:bf:1e:b6:3c:44:9b:19:11:43:cd:83:02:
62:26:9b:c8:ad:56:aa:ef:ab:07:0f:7e:40:da:be:8f:ee:21:
7b:2f:de:c8:49:fa:c1:56:26:2d:74:10:5e:35:a7:b8:2d:8c:
3f:e0:30:a9:89:03:f9:89:67:ae:98:99:04:2e:a3:1c:cf:16:
33:cd:da:de:a9:fd:a2:88:12:1c:c7:e0:ba:d1:0b:1e:5d:e0:
46:b2:88:8f:6c:d2:35:36:2d:d2:07:6c:66:6c:81:ae:ce:c3:
c6:2a:2a:6e:10:25:af:a7:b8:04:66:1a:ea:b6:0b:a9:f4:e6:
8e:a0:55:89:a7:76:4a:c3:f2:76:5b:16:12:26:0d:c2:27:35:
ef:0a:90:23:8f:76:19:7b:68:7d:f0:93:26:f8:12:ae:c8:87:
d5:e2:02:79
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZd3xXEh/GpzlnFqykjzsETLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwNjE2MDgwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Njc3ZTY2Mjk2YTAzOGM0YTczMTZkZGNlMzBhNTMyYjIxOGQ2ZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P41FbZSJVyO+6G+eNp00yw0v3rt
7INei4RoOJYYW3IsDlFC8XYnaKHb4SBRAOVGNYhHDJkuEUwjfPP7qUbrC3V7VoMI
T58EOjF6K3pQ+yJj814jwZS8os4/VXhuMfvGxgofhiUcQC7219soHVOKhhHVfHXZ
YEBz7YSIVZK4u+iD8LEw4Q+88Y3yCGxdk2Hlu64TZjm18zNddI9Fu2YGiLzoGafs
11IFkKnfqNZWwSATV0oMhoOkusnaCnFQI4EvU/KGCCfrYxExGmihMySjC0L96woL
f+HBZqb6xr9zKqWXlhldv4c8c2ymB/kkYqRTexlKN4Bu9zswlJo923NC1QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFFZ35mKWoDjEpzFt3OMKUyshjW4yMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEvVm5mbVlwYWdPTVNuTVczYzR3cFRLeUdOYmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBVf8QMAwD
BABV/xMDBAVV/wADBAGfdeIDBAK5cngDBAXRzgAwDAMEANj8sQMEAtj8uDAMAwQA
2Py9AwQG2PyAMA0GCSqGSIb3DQEBCwUAA4IBAQA5D7q7ZHxXnnxiLAjsIcNh7WIN
MXwRFseWWwYysXpUUMebb8/17M4k7EZf5fh30/932uT8FM/i3iHoCFvSpCRK1pQe
MEWG+a58p5dMBmZxduFBGI+I6Xkfj/oODb8vlc+/HrY8RJsZEUPNgwJiJpvIrVaq
76sHD35A2r6P7iF7L97ISfrBViYtdBBeNae4LYw/4DCpiQP5iWeumJkELqMczxYz
zdreqf2iiBIcx+C60QseXeBGsoiPbNI1Ni3SB2xmbIGuzsPGKipuECWvp7gEZhrq
tgup9OaOoFWJp3ZKw/J2WxYSJg3CJzXvCpAjj3YZe2h98JMm+BKuyIfV4gJ5
-----END CERTIFICATE-----
Generated at Sun Jun 29 15:45:27 2025 by rpki-client