Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/_hMBChRNkf58hpBhY7tv3hze2PY.roa
File: _hMBChRNkf58hpBhY7tv3hze2PY.roa (raw, json)
Hash identifier: yasJknKp5lFegxLDOt4vURuuinaYS7fHqYEy4jDR1Qk=
Subject key identifier: FE:13:01:0A:14:4D:91:FE:7C:86:90:61:63:BB:6F:DE:1C:DE:D8:F6
Certificate issuer: /CN=1056bcd426fd87cd6f4147e133216d03112b181b
Certificate serial: 019422FC3514F9F58F7AD8E0FF7E8CA4221C
Authority key identifier: 10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/_hMBChRNkf58hpBhY7tv3hze2PY.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57235
IP address blocks: 81.31.224.0/22 maxlen: 24
81.31.228.0/23 maxlen: 24
81.31.230.0/24 maxlen: 24
81.31.233.0/24 maxlen: 24
81.31.236.0/22 maxlen: 24
81.31.236.0/24 maxlen: 24
81.31.238.0/24 maxlen: 24
81.31.240.0/23 maxlen: 24
81.31.248.0/22 maxlen: 24
81.31.250.0/24 maxlen: 24
81.31.251.0/24 maxlen: 24
2a05:a6c0::/56 maxlen: 64
2a05:a6c7:ffff:ff00::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.mft
rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:14:f9:f5:8f:7a:d8:e0:ff:7e:8c:a4:22:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1056bcd426fd87cd6f4147e133216d03112b181b
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe13010a144d91fe7c86906163bb6fde1cded8f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5f:a0:41:6e:42:28:8f:bc:12:b3:b2:a1:7d:
54:0d:2b:cc:9f:08:06:81:fb:51:84:52:66:ac:81:
bd:4c:72:04:76:18:9a:af:10:63:fa:c2:04:b3:c6:
d0:e5:2c:9e:78:43:a2:ae:38:af:e2:b1:14:48:0a:
a6:3f:34:6b:89:6b:32:31:42:b9:67:40:ad:10:33:
f2:b0:51:d6:2a:46:d9:f4:26:6f:99:80:6c:6e:b2:
d5:82:7e:1a:61:3d:85:07:2a:72:f8:54:05:76:7e:
30:e0:f9:e0:f9:41:61:80:77:98:02:ea:f3:c8:04:
fb:70:6a:79:0a:62:01:75:63:65:88:5e:af:ca:80:
06:32:cb:3b:a5:e0:e3:23:b5:a4:aa:59:2a:a9:37:
de:ad:41:46:75:ba:15:9d:62:64:0c:96:2e:5e:b9:
2f:67:9c:bb:ad:fa:b0:1e:32:70:19:3f:08:58:7a:
09:4d:df:a9:c5:0c:19:51:00:6f:92:42:d8:3e:e9:
f8:41:5a:b1:f0:64:68:4a:e1:44:5f:ce:63:7d:a4:
9f:16:5e:03:e8:9f:a8:5f:39:a5:da:70:f2:b5:09:
57:ca:0e:5b:66:0f:3e:21:1f:33:c6:44:3d:23:f0:
1c:82:e4:12:07:1d:c2:a9:5c:34:8e:e7:3a:d5:50:
05:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:13:01:0A:14:4D:91:FE:7C:86:90:61:63:BB:6F:DE:1C:DE:D8:F6
X509v3 Authority Key Identifier:
keyid:10:56:BC:D4:26:FD:87:CD:6F:41:47:E1:33:21:6D:03:11:2B:18:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EFa81Cb9h81vQUfhMyFtAxErGBs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/_hMBChRNkf58hpBhY7tv3hze2PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e6f4e4-68bb-4496-90c7-aa859e192b16/1/EFa81Cb9h81vQUfhMyFtAxErGBs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.224.0-81.31.230.255
81.31.233.0/24
81.31.236.0-81.31.241.255
81.31.248.0/22
IPv6:
2a05:a6c0::/56
2a05:a6c7:ffff:ff00::/56
Signature Algorithm: sha256WithRSAEncryption
1a:7c:81:4a:36:4b:6a:c0:e4:35:8a:5d:06:74:5f:d5:4f:f5:
55:55:89:18:f2:5e:df:57:ed:28:4d:90:d4:a2:65:fd:cf:b1:
9b:b5:9b:db:d3:9a:5c:c7:ca:cf:3c:dc:9d:1f:19:ed:5d:ac:
27:d0:72:c5:e3:bc:48:36:52:53:af:66:e1:74:81:3a:27:91:
74:7d:9d:b9:cc:0b:8f:d7:40:80:ed:a0:00:0d:f5:52:87:e9:
e8:68:10:74:33:5f:29:5e:e6:b0:28:9b:d3:8b:87:e4:52:80:
8a:33:90:e8:08:37:72:2f:f1:2a:87:09:b1:96:6f:68:3c:05:
40:7a:5d:f7:d9:24:18:f4:ff:de:ec:1a:b7:d9:e1:83:4a:57:
48:6c:87:ae:51:7b:46:00:8b:a8:9a:cb:85:57:fe:f1:d3:92:
02:49:24:6a:39:57:02:01:9c:1b:f6:95:87:84:d4:62:6b:5d:
db:88:69:b3:32:50:a1:d5:07:16:97:20:2b:ec:16:16:60:7e:
9c:29:ba:bd:83:d9:be:66:39:78:44:41:01:f6:49:92:40:ad:
4a:49:6c:bb:a4:10:eb:3f:02:20:44:f8:b6:73:a4:56:19:af:
b8:98:30:2d:00:ba:84:6d:eb:94:37:7a:ad:ca:42:64:59:e1:
82:af:83:10
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQi/DUU+fWPetjg/36MpCIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNTZiY2Q0MjZmZDg3Y2Q2ZjQxNDdlMTMzMjE2ZDAzMTEy
YjE4MWIwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTEzMDEwYTE0NGQ5MWZlN2M4NjkwNjE2M2JiNmZkZTFjZGVkOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvV+gQW5CKI+8ErOyoX1UDSvMnwgG
gftRhFJmrIG9THIEdhiarxBj+sIEs8bQ5SyeeEOirjiv4rEUSAqmPzRriWsyMUK5
Z0CtEDPysFHWKkbZ9CZvmYBsbrLVgn4aYT2FBypy+FQFdn4w4Png+UFhgHeYAurz
yAT7cGp5CmIBdWNliF6vyoAGMss7peDjI7WkqlkqqTferUFGdboVnWJkDJYuXrkv
Z5y7rfqwHjJwGT8IWHoJTd+pxQwZUQBvkkLYPun4QVqx8GRoSuFEX85jfaSfFl4D
6J+oXzml2nDytQlXyg5bZg8+IR8zxkQ9I/AcguQSBx3CqVw0juc61VAF3QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFP4TAQoUTZH+fIaQYWO7b94c3tj2MB8GA1UdIwQY
MBaAFBBWvNQm/YfNb0FH4TMhbQMRKxgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzct
YWE4NTllMTkyYjE2LzEvX2hNQkNoUk5rZjU4aHBCaFk3dHYzaHplMlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNmY0ZTQtNjhiYi00NDk2LTkwYzctYWE4NTllMTkyYjE2
LzEvRUZhODFDYjloODF2UVVmaE15RnRBeEVyR0JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAuBAIAATAoMAwDBAVRH+AD
BABRH+YDBABRH+kwDAMEAlEf7AMEAVEf8AMEAlEf+DAaBAIAAjAUAwgAKgWmwAAA
AAMIACoFpsf///8wDQYJKoZIhvcNAQELBQADggEBABp8gUo2S2rA5DWKXQZ0X9VP
9VVViRjyXt9X7ShNkNSiZf3PsZu1m9vTmlzHys883J0fGe1drCfQcsXjvEg2UlOv
ZuF0gTonkXR9nbnMC4/XQIDtoAAN9VKH6ehoEHQzXyle5rAom9OLh+RSgIozkOgI
N3Iv8SqHCbGWb2g8BUB6XffZJBj0/97sGrfZ4YNKV0hsh65Re0YAi6iay4VX/vHT
kgJJJGo5VwIBnBv2lYeE1GJrXduIabMyUKHVBxaXICvsFhZgfpwpur2D2b5mOXhE
QQH2SZJArUpJbLukEOs/AiBE+LZzpFYZr7iYMC0AuoRt65Q3eq3KQmRZ4YKvgxA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:02:48 2025 by rpki-client