Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/FnA6f4DOd265nGzqUSApRurvL20.roa
File: FnA6f4DOd265nGzqUSApRurvL20.roa (raw, json)
Hash identifier: CKai/Ita+qQk4qWCNkCUXx6BxPFuVd8UKoy7z8Mf368=
Subject key identifier: 16:70:3A:7F:80:CE:77:6E:B9:9C:6C:EA:51:20:29:46:EA:EF:2F:6D
Certificate issuer: /CN=cf184140cd1a223f638b7996f5489f485d8ee627
Certificate serial: 0195F1B29E2241E19FEB884AEE5247A295ED
Authority key identifier: CF:18:41:40:CD:1A:22:3F:63:8B:79:96:F5:48:9F:48:5D:8E:E6:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxhBQM0aIj9ji3mW9UifSF2O5ic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/FnA6f4DOd265nGzqUSApRurvL20.roa
Signing time: Tue 01 Apr 2025 14:12:49 +0000
ROA not before: Tue 01 Apr 2025 14:12:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215457
IP address blocks: 31.128.56.0/22 maxlen: 22
31.128.56.0/24 maxlen: 24
31.128.57.0/24 maxlen: 24
31.128.58.0/24 maxlen: 24
31.128.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/zxhBQM0aIj9ji3mW9UifSF2O5ic.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/zxhBQM0aIj9ji3mW9UifSF2O5ic.mft
rsync://rpki.ripe.net/repository/DEFAULT/zxhBQM0aIj9ji3mW9UifSF2O5ic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f1:b2:9e:22:41:e1:9f:eb:88:4a:ee:52:47:a2:95:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf184140cd1a223f638b7996f5489f485d8ee627
Validity
Not Before: Apr 1 14:12:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16703a7f80ce776eb99c6cea51202946eaef2f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ef:fd:95:ea:27:f2:bd:0f:5a:3e:b2:1b:19:
44:76:e8:ec:96:98:02:0e:c4:c4:c2:3a:b0:48:5e:
85:38:0a:7f:6b:5b:07:06:29:ea:9f:37:26:b3:a8:
7e:56:c5:c2:e8:46:df:27:fc:f3:79:6b:97:80:e8:
81:ef:e2:e6:6d:0f:bb:c3:9c:e7:da:25:b2:4c:43:
0c:19:46:d1:aa:03:cc:a5:e2:b5:58:6e:62:a4:d9:
b1:88:cd:b4:0e:c7:ef:33:d6:74:ed:cb:e8:b1:e4:
c4:36:61:27:85:e5:af:ce:95:cc:35:4f:5f:2d:1b:
8f:d5:48:2e:58:ba:e3:70:6d:b7:cf:e3:86:3d:0e:
00:9a:4c:52:40:e9:ed:6d:01:a5:1e:ec:5f:92:fc:
d3:33:c9:0f:a1:8d:21:3c:90:c1:82:9f:01:43:d0:
f3:eb:7e:7c:0a:42:d5:38:7a:0c:7a:31:87:25:3c:
56:34:82:f1:4d:f8:04:59:00:2a:9f:06:dd:c2:70:
bd:60:85:df:78:73:6d:57:da:a3:24:1f:a9:a2:a4:
27:b1:f7:f7:18:4e:0e:c1:05:2d:27:35:07:a6:8b:
78:b1:aa:e6:41:7d:eb:c4:60:df:6c:f4:ae:54:b6:
0e:bd:99:09:40:e8:77:c2:41:f5:85:b6:29:e6:0d:
fa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:70:3A:7F:80:CE:77:6E:B9:9C:6C:EA:51:20:29:46:EA:EF:2F:6D
X509v3 Authority Key Identifier:
keyid:CF:18:41:40:CD:1A:22:3F:63:8B:79:96:F5:48:9F:48:5D:8E:E6:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxhBQM0aIj9ji3mW9UifSF2O5ic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/FnA6f4DOd265nGzqUSApRurvL20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/07bf29-07d1-4daf-b3bb-cbfb2c7fbadd/1/zxhBQM0aIj9ji3mW9UifSF2O5ic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.56.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:36:fd:fb:8d:88:41:41:56:2c:06:7a:ed:50:91:8f:5e:d3:
2a:46:a9:6f:bb:23:37:33:57:17:87:d0:e2:63:50:e5:6c:0d:
27:ba:52:8e:f7:89:bb:c3:91:e3:b6:b2:76:91:5e:3f:59:37:
37:d2:d8:4b:bc:b2:2f:63:c1:6f:96:87:dc:7b:62:3e:90:78:
d4:ce:56:f3:2a:22:3a:81:76:19:aa:93:4a:08:2b:56:b9:78:
37:4d:ea:1d:d1:7a:f3:33:ff:d1:f0:26:ae:3f:71:05:34:a0:
82:90:e0:63:04:73:80:02:6d:b0:7b:19:a6:f4:e3:51:d9:26:
10:76:e3:b4:8c:9e:5b:fa:a9:2e:ab:bd:e0:fd:e4:0c:b7:32:
87:8a:80:6d:c2:42:29:61:b1:9e:74:93:a1:2f:50:a9:7e:4e:
6e:5e:72:b4:86:84:82:1a:7e:26:b5:15:e1:fd:52:04:80:75:
4d:e8:71:ef:8a:e9:a2:78:d5:32:d3:ed:7f:cb:11:8e:06:c0:
bf:89:ce:e1:db:97:65:9f:98:c8:ac:31:1b:6c:db:ed:28:82:
de:dd:46:18:3b:14:9d:a2:35:38:ff:4f:8d:78:03:fc:a7:e5:
9d:ac:7b:42:1c:73:32:a5:0b:38:ef:83:c0:8c:32:88:2b:f1:
64:9f:a8:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXxsp4iQeGf64hK7lJHopXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMTg0MTQwY2QxYTIyM2Y2MzhiNzk5NmY1NDg5ZjQ4NWQ4
ZWU2MjcwHhcNMjUwNDAxMTQxMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjcwM2E3ZjgwY2U3NzZlYjk5YzZjZWE1MTIwMjk0NmVhZWYyZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO/9leon8r0PWj6yGxlEdujslpgC
DsTEwjqwSF6FOAp/a1sHBinqnzcms6h+VsXC6EbfJ/zzeWuXgOiB7+LmbQ+7w5zn
2iWyTEMMGUbRqgPMpeK1WG5ipNmxiM20DsfvM9Z07cvoseTENmEnheWvzpXMNU9f
LRuP1UguWLrjcG23z+OGPQ4AmkxSQOntbQGlHuxfkvzTM8kPoY0hPJDBgp8BQ9Dz
6358CkLVOHoMejGHJTxWNILxTfgEWQAqnwbdwnC9YIXfeHNtV9qjJB+poqQnsff3
GE4OwQUtJzUHpot4sarmQX3rxGDfbPSuVLYOvZkJQOh3wkH1hbYp5g367wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBZwOn+AznduuZxs6lEgKUbq7y9tMB8GA1UdIwQY
MBaAFM8YQUDNGiI/Y4t5lvVIn0hdjuYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenhoQlFNMGFJajlqaTNtVzlVaWZTRjJPNWljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wN2JmMjktMDdkMS00ZGFmLWIzYmIt
Y2JmYjJjN2ZiYWRkLzEvRm5BNmY0RE9kMjY1bkd6cVVTQXBSdXJ2TDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wN2JmMjktMDdkMS00ZGFmLWIzYmItY2JmYjJjN2ZiYWRk
LzEvenhoQlFNMGFJajlqaTNtVzlVaWZTRjJPNWljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH4A4MA0G
CSqGSIb3DQEBCwUAA4IBAQANNv37jYhBQVYsBnrtUJGPXtMqRqlvuyM3M1cXh9Di
Y1DlbA0nulKO94m7w5HjtrJ2kV4/WTc30thLvLIvY8Fvlofce2I+kHjUzlbzKiI6
gXYZqpNKCCtWuXg3Teod0XrzM//R8CauP3EFNKCCkOBjBHOAAm2wexmm9ONR2SYQ
duO0jJ5b+qkuq73g/eQMtzKHioBtwkIpYbGedJOhL1Cpfk5uXnK0hoSCGn4mtRXh
/VIEgHVN6HHviumieNUy0+1/yxGOBsC/ic7h25dln5jIrDEbbNvtKILe3UYYOxSd
ojU4/0+NeAP8p+WdrHtCHHMypQs474PAjDKIK/Fkn6gE
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:51:13 2025 by rpki-client