Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/d15xqRAnKAAHzf4cOWP5GpMA26U.roa
File: d15xqRAnKAAHzf4cOWP5GpMA26U.roa (raw, json)
Hash identifier: BSGf+nc0kXxGqfwctZauJAHJAYXY4Sl7m0vyGO3LlUY=
Subject key identifier: 77:5E:71:A9:10:27:28:00:07:CD:FE:1C:39:63:F9:1A:93:00:DB:A5
Certificate issuer: /CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Certificate serial: 019424454B8712E214E59073B546C69D6304
Authority key identifier: 5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/d15xqRAnKAAHzf4cOWP5GpMA26U.roa
Signing time: Wed 01 Jan 2025 23:48:28 +0000
ROA not before: Wed 01 Jan 2025 23:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 31.214.141.0/24 maxlen: 24
31.214.245.0/24 maxlen: 24
31.214.246.0/24 maxlen: 24
31.214.247.0/24 maxlen: 24
95.156.227.0/24 maxlen: 24
109.230.238.0/24 maxlen: 24
134.255.220.0/24 maxlen: 32
134.255.225.0/24 maxlen: 24
134.255.227.0/24 maxlen: 24
134.255.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:4b:87:12:e2:14:e5:90:73:b5:46:c6:9d:63:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a376c8008d6abd962341563dd2a4dccaf153cba
Validity
Not Before: Jan 1 23:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=775e71a91027280007cdfe1c3963f91a9300dba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:5e:2c:68:1b:2b:5b:34:19:6a:41:fd:5f:
e1:81:7d:13:a9:70:71:68:82:8d:44:7c:f6:74:18:
af:5c:f4:75:80:67:38:da:fb:e2:79:33:17:f2:d7:
09:d7:37:53:70:6f:70:a5:89:b8:47:5c:5b:61:d3:
fa:06:13:c5:70:72:4d:f0:94:22:1e:0c:f4:e4:ad:
3e:7f:7c:5d:da:cc:51:8a:79:7e:3d:2d:1c:c4:83:
6f:54:55:9e:03:5c:ca:25:d2:b0:91:1c:6c:e6:82:
35:41:bf:c0:5d:d3:5a:91:66:35:15:9e:09:8e:31:
b2:d6:8b:75:95:c3:26:ea:b4:1f:6c:5b:48:bd:16:
6c:2a:a8:47:f9:14:3b:61:be:23:19:14:8b:c3:c2:
27:aa:b6:de:2e:a1:24:04:27:a1:69:fe:7c:c5:c1:
61:f3:bd:94:85:ab:9c:26:a7:ee:c1:11:4e:2b:a0:
78:dd:ce:7a:d4:24:21:59:37:77:a6:f2:92:eb:ae:
46:89:f9:86:ea:8a:0f:04:39:68:3b:c4:9c:1f:f2:
1b:d7:e7:99:b9:77:64:3a:db:fa:45:1d:ed:88:9f:
0e:aa:7a:2a:80:02:c4:48:1a:ed:de:70:d4:7b:61:
9e:84:a4:b7:a6:8b:5b:4b:8d:54:3e:5e:ba:1a:77:
40:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5E:71:A9:10:27:28:00:07:CD:FE:1C:39:63:F9:1A:93:00:DB:A5
X509v3 Authority Key Identifier:
keyid:5A:37:6C:80:08:D6:AB:D9:62:34:15:63:DD:2A:4D:CC:AF:15:3C:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WjdsgAjWq9liNBVj3SpNzK8VPLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/d15xqRAnKAAHzf4cOWP5GpMA26U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/caa743-1c13-4a25-9f6a-65be5503165d/1/WjdsgAjWq9liNBVj3SpNzK8VPLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.141.0/24
31.214.245.0-31.214.247.255
95.156.227.0/24
109.230.238.0/24
134.255.220.0/24
134.255.225.0/24
134.255.227.0/24
134.255.252.0/24
Signature Algorithm: sha256WithRSAEncryption
e2:2c:02:ee:73:62:5f:3a:d8:2c:07:4a:d6:73:ce:97:ac:73:
2a:0f:23:eb:34:30:6b:65:46:10:a5:9e:9f:58:bb:60:8d:10:
75:8f:ae:95:5e:9b:d4:5d:ef:14:7a:1f:ea:87:fb:d4:cc:c7:
e1:ae:9b:b0:1c:7f:ff:a1:f1:d4:f7:40:f2:88:f0:d9:5d:e6:
4f:33:cf:ce:2e:e9:86:a3:d6:c2:03:6d:80:d5:fd:73:41:18:
56:60:57:ca:da:e8:7c:99:27:28:42:ac:63:d4:f2:41:36:cc:
13:79:ab:33:93:d3:4f:09:d0:59:df:78:f3:84:92:21:c2:a8:
6e:5f:49:59:6f:a6:e2:82:a2:8f:d3:97:05:0a:fe:e2:1b:b2:
f8:ce:dd:c1:0c:80:8f:3c:ec:84:c9:fa:bb:e0:fd:84:76:96:
bc:d4:10:1f:fe:3d:8b:8d:e0:bd:07:6f:56:b2:5b:7c:a1:43:
83:bb:c1:96:bf:b1:1e:d4:81:3f:39:6f:9a:ff:7e:75:ca:ad:
bf:35:b7:b2:00:4f:b3:80:9c:2c:b4:06:ed:9b:c9:37:9f:fa:
16:d0:72:34:33:72:e4:76:fb:16:59:53:49:89:e5:c3:95:d5:
25:c7:64:52:2c:29:51:3b:8e:d8:9c:79:80:8a:5f:f1:43:6c:
52:69:b9:79
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQkRUuHEuIU5ZBztUbGnWMEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMzc2YzgwMDhkNmFiZDk2MjM0MTU2M2RkMmE0ZGNjYWYx
NTNjYmEwHhcNMjUwMTAxMjM0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVlNzFhOTEwMjcyODAwMDdjZGZlMWMzOTYzZjkxYTkzMDBkYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoepeLGgbK1s0GWpB/V/hgX0TqXBx
aIKNRHz2dBivXPR1gGc42vvieTMX8tcJ1zdTcG9wpYm4R1xbYdP6BhPFcHJN8JQi
Hgz05K0+f3xd2sxRinl+PS0cxINvVFWeA1zKJdKwkRxs5oI1Qb/AXdNakWY1FZ4J
jjGy1ot1lcMm6rQfbFtIvRZsKqhH+RQ7Yb4jGRSLw8InqrbeLqEkBCehaf58xcFh
872UhaucJqfuwRFOK6B43c561CQhWTd3pvKS665GifmG6ooPBDloO8ScH/Ib1+eZ
uXdkOtv6RR3tiJ8OqnoqgALESBrt3nDUe2GehKS3potbS41UPl66GndADwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHdecakQJygAB83+HDlj+RqTANulMB8GA1UdIwQY
MBaAFFo3bIAI1qvZYjQVY90qTcyvFTy6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEt
NjViZTU1MDMxNjVkLzEvZDE1eHFSQW5LQUFIemY0Y09XUDVHcE1BMjZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9jYWE3NDMtMWMxMy00YTI1LTlmNmEtNjViZTU1MDMxNjVk
LzEvV2pkc2dBaldxOWxpTkJWajNTcE56SzhWUExvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAH9aNMAwD
BAAf1vUDBAMf1vADBABfnOMDBABt5u4DBACG/9wDBACG/+EDBACG/+MDBACG//ww
DQYJKoZIhvcNAQELBQADggEBAOIsAu5zYl862CwHStZzzpescyoPI+s0MGtlRhCl
np9Yu2CNEHWPrpVem9Rd7xR6H+qH+9TMx+Gum7Acf/+h8dT3QPKI8Nld5k8zz84u
6Yaj1sIDbYDV/XNBGFZgV8ra6HyZJyhCrGPU8kE2zBN5qzOT008J0FnfePOEkiHC
qG5fSVlvpuKCoo/TlwUK/uIbsvjO3cEMgI887ITJ+rvg/YR2lrzUEB/+PYuN4L0H
b1ayW3yhQ4O7wZa/sR7UgT85b5r/fnXKrb81t7IAT7OAnCy0Bu2byTef+hbQcjQz
cuR2+xZZU0mJ5cOV1SXHZFIsKVE7jticeYCKX/FDbFJpuXk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:47:03 2025 by rpki-client