Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/YbiVbFuXcTmnqDJPuqbutg5azlI.roa
File: YbiVbFuXcTmnqDJPuqbutg5azlI.roa (raw, json)
Hash identifier: suv2Xv3nrxD/FlkPKIbbU1EFp7k8UcHgjFF/BnohR4s=
Subject key identifier: 61:B8:95:6C:5B:97:71:39:A7:A8:32:4F:BA:A6:EE:B6:0E:5A:CE:52
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019D24CEB1271800F3294A07ECA676DFC896
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/YbiVbFuXcTmnqDJPuqbutg5azlI.roa
Signing time: Wed 25 Mar 2026 11:43:38 +0000
ROA not before: Wed 25 Mar 2026 11:43:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44112
IP address blocks: 31.177.82.0/23 maxlen: 24
77.222.32.0/24 maxlen: 24
77.222.35.0/24 maxlen: 24
77.222.36.0/22 maxlen: 24
77.222.40.0/21 maxlen: 24
77.222.48.0/20 maxlen: 24
77.222.48.0/23 maxlen: 24
80.93.52.0/24 maxlen: 24
80.93.60.0/22 maxlen: 24
168.222.140.0/23 maxlen: 23
2a02:408:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 20:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:ce:b1:27:18:00:f3:29:4a:07:ec:a6:76:df:c8:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 25 11:43:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=61b8956c5b977139a7a8324fbaa6eeb60e5ace52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8d:2e:f9:45:0a:a1:85:0e:96:09:2b:c0:4d:
c9:33:b8:bb:bc:c2:11:cf:90:3e:b6:81:06:03:03:
8e:67:ca:0f:c2:41:53:88:b5:39:99:9c:32:a7:97:
7a:3c:f0:5e:64:74:1e:96:18:9e:b8:fc:4c:88:aa:
b4:33:f9:69:bf:da:3f:43:08:74:5e:77:fe:07:36:
09:fc:83:e2:86:a5:70:a5:a2:cc:fc:94:c8:22:94:
97:c0:cd:43:6a:c4:12:2e:02:e2:df:84:e2:21:12:
3b:20:0b:02:17:72:2d:8e:0f:b6:c9:21:22:a3:78:
23:1b:78:13:f0:05:16:7a:c2:e4:43:68:fe:0a:0f:
7a:a3:c0:d1:93:0f:0b:0c:7c:e1:ea:ae:d0:40:3e:
94:1d:83:df:12:ef:8f:9b:50:a9:3b:d3:60:8d:67:
3a:11:b0:02:62:fd:60:1e:30:c6:2d:92:3e:24:3d:
4f:69:1a:17:93:fc:82:b3:86:de:c2:db:56:cd:5a:
92:de:06:f1:a8:65:d5:67:48:8b:9d:9a:18:3e:5c:
62:fc:a9:54:b3:5e:60:b2:91:27:79:6f:a7:c3:89:
dd:58:ec:1b:09:9b:46:72:43:35:a6:a2:26:aa:ff:
3a:63:62:ec:72:47:89:d5:b3:94:b5:ba:fe:00:1a:
5f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:B8:95:6C:5B:97:71:39:A7:A8:32:4F:BA:A6:EE:B6:0E:5A:CE:52
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/YbiVbFuXcTmnqDJPuqbutg5azlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.82.0/23
77.222.32.0/24
77.222.35.0-77.222.63.255
80.93.52.0/24
80.93.60.0/22
168.222.140.0/23
IPv6:
2a02:408:7722::/48
Signature Algorithm: sha256WithRSAEncryption
22:35:52:2b:76:f3:09:8a:00:2e:0f:91:8b:ef:bd:83:be:83:
cd:d9:99:1e:7a:15:f3:f9:8b:f5:63:eb:11:9a:30:70:fa:f7:
c1:97:8e:5e:0f:49:85:5a:3c:ff:1a:b6:12:10:c1:13:e2:47:
43:29:0e:d4:fd:fe:0d:4e:fa:1f:d9:d8:66:3b:40:ab:01:e1:
c6:56:ed:f2:f7:4a:b1:88:6d:8b:c3:f9:8a:3e:23:a1:f1:9a:
48:d5:ee:57:a4:53:45:70:e1:8b:06:c5:69:cd:1e:bf:c0:42:
61:6d:ef:77:3b:3b:a5:d4:fc:83:66:5d:c1:d7:c1:06:6d:41:
ee:e2:73:d4:70:5a:a2:e1:74:04:6e:84:f8:49:16:d8:ee:ac:
cd:9b:01:e0:38:87:22:d4:3a:6d:20:18:80:e6:2d:0c:24:08:
cc:24:be:62:82:53:e1:21:69:b6:92:6e:4e:30:89:64:fd:80:
53:60:3c:50:9e:c2:85:ca:b4:a1:05:df:3f:9d:82:04:b8:8c:
5c:eb:1f:78:a1:74:c7:73:41:ee:c2:07:97:09:a7:f5:80:ef:
a4:aa:e4:8b:e2:e8:e6:9f:e4:3b:a9:e7:a6:58:90:31:c1:e8:
36:02:4c:9f:87:ea:04:9a:b8:42:fc:1c:d8:cc:af:56:d0:c5:
27:10:91:79
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAZ0kzrEnGADzKUoH7KZ238iWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwMzI1MTE0MzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWI4OTU2YzViOTc3MTM5YTdhODMyNGZiYWE2ZWViNjBlNWFjZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp40u+UUKoYUOlgkrwE3JM7i7vMIR
z5A+toEGAwOOZ8oPwkFTiLU5mZwyp5d6PPBeZHQelhieuPxMiKq0M/lpv9o/Qwh0
Xnf+BzYJ/IPihqVwpaLM/JTIIpSXwM1DasQSLgLi34TiIRI7IAsCF3Itjg+2ySEi
o3gjG3gT8AUWesLkQ2j+Cg96o8DRkw8LDHzh6q7QQD6UHYPfEu+Pm1CpO9NgjWc6
EbACYv1gHjDGLZI+JD1PaRoXk/yCs4bewttWzVqS3gbxqGXVZ0iLnZoYPlxi/KlU
s15gspEneW+nw4ndWOwbCZtGckM1pqImqv86Y2LsckeJ1bOUtbr+ABpfuQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFGG4lWxbl3E5p6gyT7qm7rYOWs5SMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvWWJpVmJGdVhjVG1ucURKUHVxYnV0ZzVhemxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsAwQBH7FSAwQA
Td4gMAwDBABN3iMDBAZN3gADBABQXTQDBAJQXTwDBAGo3owwDwQCAAIwCQMHACoC
BAh3IjANBgkqhkiG9w0BAQsFAAOCAQEAIjVSK3bzCYoALg+Ri++9g76DzdmZHnoV
8/mL9WPrEZowcPr3wZeOXg9JhVo8/xq2EhDBE+JHQykO1P3+DU76H9nYZjtAqwHh
xlbt8vdKsYhti8P5ij4jofGaSNXuV6RTRXDhiwbFac0ev8BCYW3vdzs7pdT8g2Zd
wdfBBm1B7uJz1HBaouF0BG6E+EkW2O6szZsB4DiHItQ6bSAYgOYtDCQIzCS+YoJT
4SFptpJuTjCJZP2AU2A8UJ7Chcq0oQXfP52CBLiMXOsfeKF0x3NB7sIHlwmn9YDv
pKrki+Lo5p/kO6nnpliQMcHoNgJMn4fqBJq4Qvwc2MyvVtDFJxCReQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:48:24 2026 by rpki-client