Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/ruSnsHIoRf__VNQdOlftIpOTYMo.roa
File: ruSnsHIoRf__VNQdOlftIpOTYMo.roa (raw, json)
Hash identifier: a5VzTK9QuTb35mXak0y1htCjIoHxsPCRhBpuXgEnDy0=
Subject key identifier: AE:E4:A7:B0:72:28:45:FF:FF:54:D4:1D:3A:57:ED:22:93:93:60:CA
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 019425FC67BE0D819051164E7D26807EC225
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/ruSnsHIoRf__VNQdOlftIpOTYMo.roa
Signing time: Thu 02 Jan 2025 07:48:06 +0000
ROA not before: Thu 02 Jan 2025 07:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50130
IP address blocks: 31.129.224.0/22 maxlen: 22
31.129.224.0/23 maxlen: 23
31.129.224.0/24 maxlen: 24
31.129.225.0/24 maxlen: 24
31.129.226.0/23 maxlen: 23
31.129.226.0/24 maxlen: 24
31.129.227.0/24 maxlen: 24
31.129.228.0/23 maxlen: 23
31.129.228.0/24 maxlen: 24
31.129.229.0/24 maxlen: 24
31.129.234.0/24 maxlen: 24
31.129.240.0/23 maxlen: 23
31.129.242.0/23 maxlen: 23
31.129.252.0/22 maxlen: 22
31.129.252.0/23 maxlen: 23
31.129.252.0/24 maxlen: 24
31.129.253.0/24 maxlen: 24
31.129.254.0/23 maxlen: 23
31.129.254.0/24 maxlen: 24
31.129.255.0/24 maxlen: 24
213.5.192.0/24 maxlen: 24
213.5.193.0/24 maxlen: 24
213.5.194.0/24 maxlen: 24
213.5.195.0/24 maxlen: 24
213.5.196.0/22 maxlen: 22
213.5.198.0/23 maxlen: 23
213.5.198.0/24 maxlen: 24
213.5.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:67:be:0d:81:90:51:16:4e:7d:26:80:7e:c2:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 2 07:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aee4a7b0722845ffff54d41d3a57ed22939360ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ca:62:16:6a:0b:8f:fb:01:cf:cf:53:65:b1:
d9:7a:02:3f:7a:e5:35:aa:da:7d:35:de:17:88:02:
7b:1a:0a:fb:a6:b0:bd:58:0d:9f:4d:60:e2:1e:c6:
64:c5:3e:2e:ad:40:29:f4:66:83:d4:25:3c:85:7e:
b3:ff:4f:88:8b:65:fc:6b:53:73:bd:8f:b3:bc:01:
5b:fa:cc:5f:5c:7d:28:96:b0:3e:25:63:09:91:98:
09:85:c3:c2:77:f2:73:3e:1c:66:fc:ca:ee:b2:74:
5b:ed:27:5d:17:1a:3c:59:f9:47:ef:00:ed:91:0e:
6d:6b:3f:2b:52:60:ec:0f:bf:71:bf:16:ea:94:30:
e0:0d:ab:be:9a:2d:52:bd:c9:fb:58:71:70:7d:38:
c5:20:e7:a1:5f:93:c6:9b:74:89:56:5d:39:8b:98:
5c:38:43:39:f5:e6:6d:23:06:60:c2:7a:c5:32:05:
2d:5b:f5:88:79:af:bc:0b:a6:cc:03:65:f9:7e:2c:
85:14:67:fe:7e:0d:8a:ac:a8:3e:d7:7b:0b:b7:18:
8c:c2:9f:54:0d:f5:2f:d8:06:39:0c:58:97:22:86:
4c:e4:78:46:a7:e5:16:a7:ad:47:34:30:ce:19:0e:
05:04:7d:91:18:e8:7a:ac:a3:71:1b:82:37:3f:d1:
a6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:E4:A7:B0:72:28:45:FF:FF:54:D4:1D:3A:57:ED:22:93:93:60:CA
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/ruSnsHIoRf__VNQdOlftIpOTYMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.224.0-31.129.229.255
31.129.234.0/24
31.129.240.0/22
31.129.252.0/22
213.5.192.0/21
Signature Algorithm: sha256WithRSAEncryption
5b:5d:f7:41:43:a4:94:fd:85:03:d8:f2:a2:8d:bb:dc:d0:43:
54:fc:19:ac:46:09:f6:d7:64:e5:42:23:b8:dc:94:43:73:b8:
0e:06:e2:33:16:75:1b:6a:7c:ef:a4:00:1a:44:68:3f:0d:e2:
1a:62:19:bc:02:4a:f0:cf:fd:46:a7:9c:d2:a3:b7:f6:c5:43:
18:64:ee:78:c6:27:bd:59:98:83:8d:e8:e1:4e:49:38:21:ff:
f4:a0:44:3d:a5:90:b6:b8:b1:23:76:d4:86:e4:99:25:d9:c1:
e6:c0:ef:23:d9:77:58:e9:78:d5:e3:a3:74:9b:a2:81:34:e2:
0e:36:2f:17:10:45:6f:4a:8f:8b:99:a3:39:c3:58:e5:71:a0:
35:96:32:5d:55:3e:f3:d6:e4:fd:3f:a6:81:53:3e:b7:f8:3a:
2c:33:b2:09:74:42:42:3e:09:77:71:f7:25:ff:6c:be:11:da:
90:5c:ab:bd:b9:c7:ef:26:c6:40:f0:e1:f4:b3:81:49:5b:da:
10:32:c7:42:14:6e:03:86:2f:81:2f:b3:74:a3:4d:05:03:7e:
0f:36:58:0f:14:b9:17:31:9d:19:4b:24:39:13:b0:a5:89:25:
c6:28:e1:54:37:93:f8:c2:03:ce:f1:9b:ba:64:f1:f5:fd:36:
a0:f0:d3:bc
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQl/Ge+DYGQURZOfSaAfsIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjUwMTAyMDc0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWU0YTdiMDcyMjg0NWZmZmY1NGQ0MWQzYTU3ZWQyMjkzOTM2MGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cpiFmoLj/sBz89TZbHZegI/euU1
qtp9Nd4XiAJ7Ggr7prC9WA2fTWDiHsZkxT4urUAp9GaD1CU8hX6z/0+Ii2X8a1Nz
vY+zvAFb+sxfXH0olrA+JWMJkZgJhcPCd/JzPhxm/MrusnRb7SddFxo8WflH7wDt
kQ5taz8rUmDsD79xvxbqlDDgDau+mi1Svcn7WHFwfTjFIOehX5PGm3SJVl05i5hc
OEM59eZtIwZgwnrFMgUtW/WIea+8C6bMA2X5fiyFFGf+fg2KrKg+13sLtxiMwp9U
DfUv2AY5DFiXIoZM5HhGp+UWp61HNDDOGQ4FBH2RGOh6rKNxG4I3P9GmxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFK7kp7ByKEX//1TUHTpX7SKTk2DKMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvcnVTbnNISW9SZl9fVk5RZE9sZnRJcE9UWU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAUfgeAD
BAEfgeQDBAAfgeoDBAIfgfADBAIfgfwDBAPVBcAwDQYJKoZIhvcNAQELBQADggEB
AFtd90FDpJT9hQPY8qKNu9zQQ1T8GaxGCfbXZOVCI7jclENzuA4G4jMWdRtqfO+k
ABpEaD8N4hpiGbwCSvDP/UannNKjt/bFQxhk7njGJ71ZmION6OFOSTgh//SgRD2l
kLa4sSN21IbkmSXZwebA7yPZd1jpeNXjo3SbooE04g42LxcQRW9Kj4uZoznDWOVx
oDWWMl1VPvPW5P0/poFTPrf4Oiwzsgl0QkI+CXdx9yX/bL4R2pBcq725x+8mxkDw
4fSzgUlb2hAyx0IUbgOGL4Evs3SjTQUDfg82WA8UuRcxnRlLJDkTsKWJJcYo4VQ3
k/jCA87xm7pk8fX9NqDw07w=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:28 2025 by rpki-client