Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/1-8bpJP4ldVymn01b0Lydy-jjhME.roa
File: 1-8bpJP4ldVymn01b0Lydy-jjhME.roa (raw, json)
Hash identifier: 0hHPnyQchhVyljrO2jyFNJVSYpCf6WjQrLOAi1ffRPU=
Subject key identifier: FB:C6:E9:24:FE:25:75:5C:A6:9F:4D:5B:D0:BC:9D:CB:E8:E3:84:C1
Certificate issuer: /CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Certificate serial: 01942143C85872C563B910AEEB789238ED5A
Authority key identifier: EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/1-8bpJP4ldVymn01b0Lydy-jjhME.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42512
IP address blocks: 31.43.168.0/22 maxlen: 22
31.43.168.0/24 maxlen: 24
31.43.169.0/24 maxlen: 24
31.43.170.0/24 maxlen: 24
31.43.171.0/24 maxlen: 24
31.43.180.0/22 maxlen: 22
31.43.180.0/24 maxlen: 24
31.43.181.0/24 maxlen: 24
31.43.182.0/24 maxlen: 24
31.43.183.0/24 maxlen: 24
91.208.65.0/24 maxlen: 24
91.225.120.0/22 maxlen: 22
91.225.120.0/24 maxlen: 24
91.225.121.0/24 maxlen: 24
91.225.122.0/24 maxlen: 24
91.225.123.0/24 maxlen: 24
193.110.76.0/22 maxlen: 22
193.110.76.0/24 maxlen: 24
193.110.77.0/24 maxlen: 24
193.110.78.0/24 maxlen: 24
193.110.79.0/24 maxlen: 24
194.110.126.0/24 maxlen: 24
2001:67c:a28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.mft
rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c8:58:72:c5:63:b9:10:ae:eb:78:92:38:ed:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea0f76282df53209a58c0302e74f8a97ca3aff05
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbc6e924fe25755ca69f4d5bd0bc9dcbe8e384c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:72:42:fa:d9:f1:15:85:6f:db:d7:32:aa:9f:
72:9b:d2:37:b1:b6:b3:c0:58:b6:93:62:89:9f:47:
d5:b6:0b:69:48:64:2b:14:20:bf:83:0d:7d:eb:1f:
f3:29:94:52:4f:a8:c6:d4:b6:68:86:9e:3f:9c:8a:
78:52:19:1d:6a:46:41:e3:86:ca:bf:18:04:6f:cd:
7d:47:72:2c:6f:ae:6f:ad:ed:67:93:e1:ee:9b:b3:
49:72:cb:80:d0:e6:e2:b5:3f:34:35:b6:b2:45:cc:
84:c0:04:31:36:cd:94:3a:28:74:af:64:74:22:8e:
f0:46:68:7e:60:72:5c:0d:95:32:91:07:75:31:d3:
82:bb:fd:60:9a:82:21:55:ad:e5:9a:22:9c:ec:49:
48:85:ff:c3:e9:02:ea:6b:16:0d:6a:d8:f9:79:9a:
a7:53:60:18:c0:63:c0:1c:7a:3f:1b:4c:d7:92:73:
6e:b7:5d:ef:c9:f9:40:56:c5:1a:fd:2e:5b:6c:0e:
aa:9a:d2:50:c0:08:5e:8e:11:44:c4:43:b2:25:9e:
6c:e3:0a:ae:29:8a:9c:f4:8e:b6:fd:63:97:9e:a0:
04:24:3b:56:c7:b1:f8:8d:9a:5b:b1:2a:08:9a:5c:
e2:94:f7:28:9b:d8:cc:ba:15:7a:c7:d7:e1:fb:98:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C6:E9:24:FE:25:75:5C:A6:9F:4D:5B:D0:BC:9D:CB:E8:E3:84:C1
X509v3 Authority Key Identifier:
keyid:EA:0F:76:28:2D:F5:32:09:A5:8C:03:02:E7:4F:8A:97:CA:3A:FF:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6g92KC31MgmljAMC50-Kl8o6_wU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/1-8bpJP4ldVymn01b0Lydy-jjhME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/e7fa55-5925-4ba9-ad38-be7c81948324/1/6g92KC31MgmljAMC50-Kl8o6_wU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.43.168.0/22
31.43.180.0/22
91.208.65.0/24
91.225.120.0/22
193.110.76.0/22
194.110.126.0/24
IPv6:
2001:67c:a28::/48
Signature Algorithm: sha256WithRSAEncryption
57:08:32:aa:9f:7c:74:81:d4:19:01:3a:75:ff:b9:9f:fa:d2:
bb:50:31:33:bf:73:1b:33:c6:39:3f:cd:88:93:a3:e1:f6:ac:
e4:2b:df:55:84:14:fa:f2:12:48:a3:31:38:e1:05:1c:77:1f:
2e:88:7d:e8:20:85:31:20:cf:8b:11:89:1d:ec:4f:35:e3:bf:
50:cf:d5:86:0a:3c:e9:b7:34:4d:4a:a9:ea:c9:c4:0c:65:3b:
4b:26:6a:2a:df:6b:1f:6d:cb:ca:de:b0:5f:9c:72:59:fb:76:
42:1f:89:ca:aa:4f:bf:a1:16:cd:d1:e6:b8:5c:18:c7:bf:68:
c3:4b:5b:60:c2:3d:70:15:49:1c:be:7d:cf:d8:ff:24:55:33:
7e:b0:50:15:a4:2f:35:33:02:67:92:39:bf:92:6e:55:2a:59:
08:e7:ef:5e:27:3e:6c:c3:8a:91:f2:2b:f8:66:cf:2e:d5:af:
da:cc:12:c6:77:e4:d0:d2:c1:22:4d:aa:04:16:7b:7a:42:6e:
7e:f2:33:41:d9:fa:01:ee:e2:80:b7:64:b7:f5:8e:7f:1b:76:
03:02:a5:16:52:24:90:54:96:83:2b:3b:39:6b:9f:15:fe:4c:
93:ae:84:d7:c2:46:66:d0:02:68:4f:63:e6:c0:0d:94:32:9c:
e9:d1:55:9e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQhQ8hYcsVjuRCu63iSOO1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMGY3NjI4MmRmNTMyMDlhNThjMDMwMmU3NGY4YTk3Y2Ez
YWZmMDUwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM2ZTkyNGZlMjU3NTVjYTY5ZjRkNWJkMGJjOWRjYmU4ZTM4NGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynJC+tnxFYVv29cyqp9ym9I3sbaz
wFi2k2KJn0fVtgtpSGQrFCC/gw196x/zKZRST6jG1LZohp4/nIp4UhkdakZB44bK
vxgEb819R3Isb65vre1nk+Hum7NJcsuA0ObitT80NbayRcyEwAQxNs2UOih0r2R0
Io7wRmh+YHJcDZUykQd1MdOCu/1gmoIhVa3lmiKc7ElIhf/D6QLqaxYNatj5eZqn
U2AYwGPAHHo/G0zXknNut13vyflAVsUa/S5bbA6qmtJQwAhejhFExEOyJZ5s4wqu
KYqc9I62/WOXnqAEJDtWx7H4jZpbsSoImlzilPcom9jMuhV6x9fh+5jqUQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPvG6ST+JXVcpp9NW9C8ncvo44TBMB8GA1UdIwQY
MBaAFOoPdigt9TIJpYwDAudPipfKOv8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmc5MktDMzFNZ21sakFNQzUwLUtsOG82X3dVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lN2ZhNTUtNTkyNS00YmE5LWFkMzgt
YmU3YzgxOTQ4MzI0LzEvMS04YnBKUDRsZFZ5bW4wMWIwTHlkeS1qamhNRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTYvZTdmYTU1LTU5MjUtNGJhOS1hZDM4LWJlN2M4MTk0ODMy
NC8xLzZnOTJLQzMxTWdtbGpBTUM1MC1LbDhvNl93VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBOBggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAh8rqAME
Ah8rtAMEAFvQQQMEAlvheAMEAsFuTAMEAMJufjAPBAIAAjAJAwcAIAEGfAooMA0G
CSqGSIb3DQEBCwUAA4IBAQBXCDKqn3x0gdQZATp1/7mf+tK7UDEzv3MbM8Y5P82I
k6Ph9qzkK99VhBT68hJIozE44QUcdx8uiH3oIIUxIM+LEYkd7E81479Qz9WGCjzp
tzRNSqnqycQMZTtLJmoq32sfbcvK3rBfnHJZ+3ZCH4nKqk+/oRbN0ea4XBjHv2jD
S1tgwj1wFUkcvn3P2P8kVTN+sFAVpC81MwJnkjm/km5VKlkI5+9eJz5sw4qR8iv4
Zs8u1a/azBLGd+TQ0sEiTaoEFnt6Qm5+8jNB2foB7uKAt2S39Y5/G3YDAqUWUiSQ
VJaDKzs5a58V/kyTroTXwkZm0AJoT2PmwA2UMpzp0VWe
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:34:28 2025 by rpki-client