Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/AFVAjCiROQ32Z_efvRaORNpa2fQ.roa
File: AFVAjCiROQ32Z_efvRaORNpa2fQ.roa (raw, json)
Hash identifier: STiLszZIpw1MlrUzOI5Ii3ZfZdoAbfQenvPasDTHJCA=
Subject key identifier: 00:55:40:8C:28:91:39:0D:F6:67:F7:9F:BD:16:8E:44:DA:5A:D9:F4
Certificate issuer: /CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9
Certificate serial: 01941FFA02C19D17CF8C575E0001CA6BEAB1
Authority key identifier: BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/AFVAjCiROQ32Z_efvRaORNpa2fQ.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57718
IP address blocks: 31.135.160.0/23 maxlen: 23
31.135.162.0/24 maxlen: 24
31.135.163.0/24 maxlen: 24
31.135.164.0/23 maxlen: 23
31.135.166.0/24 maxlen: 24
31.135.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 03:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:02:c1:9d:17:cf:8c:57:5e:00:01:ca:6b:ea:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0055408c2891390df667f79fbd168e44da5ad9f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:df:2b:73:fe:d6:9f:36:20:09:01:a3:09:bd:
1b:87:93:50:49:ee:fc:b4:40:15:b6:bd:51:d6:7b:
d6:cd:b9:2b:42:fc:43:e2:71:b0:32:56:53:97:35:
e3:3c:b1:ea:9c:52:0f:68:84:e6:1b:2a:8c:52:2d:
43:d1:9a:39:fa:6e:d5:41:31:df:ab:b8:f6:74:72:
00:fc:8b:11:85:62:d9:22:32:cf:9e:15:d7:9b:17:
52:ec:a9:b5:1f:37:b4:3f:9a:b4:21:3e:8f:98:c1:
6b:8e:c3:d8:98:df:49:50:6a:9b:24:23:17:f6:8c:
9b:54:25:df:65:33:72:6a:61:4e:10:51:ce:fd:39:
b1:c4:d2:bc:28:46:66:b0:d8:61:3f:c2:01:b4:a1:
98:1f:75:0d:ae:a2:31:3f:7e:e9:1f:c2:e1:14:a2:
a1:de:89:c7:d9:af:75:33:21:9b:36:33:37:af:07:
b0:21:5c:50:fa:90:78:3b:68:31:b1:27:0b:e3:86:
a8:8d:e2:e1:c0:9b:09:d0:21:32:5d:3e:3f:3f:90:
d2:30:d6:61:10:b3:61:f6:1b:3b:db:73:a0:a2:90:
d8:d9:8b:18:d1:d0:d0:16:04:4e:fb:1f:d1:89:d4:
4a:2c:80:81:8b:58:23:55:c8:c9:32:c5:07:a7:9d:
00:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:55:40:8C:28:91:39:0D:F6:67:F7:9F:BD:16:8E:44:DA:5A:D9:F4
X509v3 Authority Key Identifier:
keyid:BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/AFVAjCiROQ32Z_efvRaORNpa2fQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.160.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:d7:df:92:b4:dc:4f:b4:37:13:b6:e4:2f:46:61:9d:08:1d:
1e:ae:ee:66:36:ce:ee:3f:28:24:7b:42:1d:91:45:7a:a5:c7:
e0:d9:ca:3a:f9:81:dd:f4:25:cf:2d:a4:be:b2:f0:39:ad:cf:
4f:1c:ef:30:6c:cb:27:55:47:3e:2a:c8:6d:51:f5:9d:01:00:
36:60:b8:f8:a3:d1:99:ad:13:c8:52:a6:04:39:d1:df:53:5f:
92:a5:89:7d:1a:65:48:22:bc:12:39:21:c4:fd:72:49:55:fc:
2a:56:be:68:89:92:46:a6:67:10:4a:98:bc:c3:37:26:a3:7e:
50:83:7d:14:07:dc:1e:2c:d9:e1:b0:57:70:a7:b6:53:7c:c4:
d9:72:0e:63:72:b2:b5:4b:60:9e:ec:be:67:17:67:8d:f1:07:
06:39:a3:ad:f4:42:6c:dc:c5:13:26:c2:9f:2d:7c:f6:a5:c8:
6e:b5:eb:d8:09:f5:18:d1:9b:9b:00:54:44:be:ae:ee:72:cd:
48:f0:82:00:7a:fd:ae:d0:d8:5d:c2:93:44:c6:62:be:31:80:
2d:79:6f:d0:ac:64:5e:71:86:75:3b:89:d6:a7:2e:9d:85:39:
74:57:ea:09:e7:c2:63:ae:e1:4f:93:34:b1:f5:18:0e:ed:bc:
39:c4:8b:c8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+gLBnRfPjFdeAAHKa+qxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjI0ZGY0YTdjOWFhMjEzMWQ4NTc1MDNiOTNkNjBmN2Zi
NTFiZDkwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU1NDA4YzI4OTEzOTBkZjY2N2Y3OWZiZDE2OGU0NGRhNWFkOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN8rc/7WnzYgCQGjCb0bh5NQSe78
tEAVtr1R1nvWzbkrQvxD4nGwMlZTlzXjPLHqnFIPaITmGyqMUi1D0Zo5+m7VQTHf
q7j2dHIA/IsRhWLZIjLPnhXXmxdS7Km1Hze0P5q0IT6PmMFrjsPYmN9JUGqbJCMX
9oybVCXfZTNyamFOEFHO/TmxxNK8KEZmsNhhP8IBtKGYH3UNrqIxP37pH8LhFKKh
3onH2a91MyGbNjM3rwewIVxQ+pB4O2gxsScL44aojeLhwJsJ0CEyXT4/P5DSMNZh
ELNh9hs723OgopDY2YsY0dDQFgRO+x/RidRKLICBi1gjVcjJMsUHp50AVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABVQIwokTkN9mf3n70WjkTaWtn0MB8GA1UdIwQY
MBaAFL2yTfSnyaohMdhXUDuT1g9/tRvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAt
ZDMwYWViMWMyMGNhLzEvQUZWQWpDaVJPUTMyWl9lZnZSYU9STnBhMmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAtZDMwYWViMWMyMGNh
LzEvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4egMA0G
CSqGSIb3DQEBCwUAA4IBAQBt19+StNxPtDcTtuQvRmGdCB0eru5mNs7uPygke0Id
kUV6pcfg2co6+YHd9CXPLaS+svA5rc9PHO8wbMsnVUc+KshtUfWdAQA2YLj4o9GZ
rRPIUqYEOdHfU1+SpYl9GmVIIrwSOSHE/XJJVfwqVr5oiZJGpmcQSpi8wzcmo35Q
g30UB9weLNnhsFdwp7ZTfMTZcg5jcrK1S2Ce7L5nF2eN8QcGOaOt9EJs3MUTJsKf
LXz2pchutevYCfUY0ZubAFREvq7ucs1I8IIAev2u0NhdwpNExmK+MYAteW/QrGRe
cYZ1O4nWpy6dhTl0V+oJ58JjruFPkzSx9RgO7bw5xIvI
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:36:31 2025 by rpki-client