Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Dsz5uvaCfsaiJBGzDzecMewv-Ug.roa
File: Dsz5uvaCfsaiJBGzDzecMewv-Ug.roa (raw, json)
Hash identifier: MeEoWIXoG3LOHfXQOIQXyy5qgG/yZoQCFPvU7WaAQZk=
Subject key identifier: 0E:CC:F9:BA:F6:82:7E:C6:A2:24:11:B3:0F:37:9C:31:EC:2F:F9:48
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 01941F8C7CF8D2206D95B89A011B0BF2B185
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Dsz5uvaCfsaiJBGzDzecMewv-Ug.roa
Signing time: Wed 01 Jan 2025 01:48:08 +0000
ROA not before: Wed 01 Jan 2025 01:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 31.133.80.0/22 maxlen: 24
31.133.80.0/24 maxlen: 24
31.133.81.0/24 maxlen: 24
31.133.82.0/24 maxlen: 24
31.133.83.0/24 maxlen: 24
31.133.84.0/22 maxlen: 22
31.133.88.0/24 maxlen: 24
31.133.89.0/24 maxlen: 24
31.133.90.0/24 maxlen: 24
31.133.91.0/24 maxlen: 24
176.103.224.0/22 maxlen: 22
176.103.232.0/22 maxlen: 22
176.103.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 09:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:7c:f8:d2:20:6d:95:b8:9a:01:1b:0b:f2:b1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 01:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eccf9baf6827ec6a22411b30f379c31ec2ff948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a4:f1:a7:f9:89:78:70:2c:02:e1:91:83:b7:
0e:83:07:5d:f0:ae:51:d6:0c:2b:9a:a8:68:41:76:
fc:ca:56:f1:28:21:21:10:c0:41:fe:46:72:cd:50:
cc:76:79:b7:08:77:d8:e2:72:5a:bf:9b:f4:db:70:
12:7a:18:40:75:27:33:5c:3b:56:c9:ec:9f:bd:27:
9c:7d:64:ed:9c:ed:01:48:1a:92:b2:c7:48:15:19:
81:19:2d:bb:85:cf:07:7b:a3:3c:e9:aa:5f:5b:c9:
a4:d5:63:9a:2b:df:5e:17:6a:74:ab:43:5c:c0:36:
68:c8:75:84:4e:df:12:d7:37:b6:2e:ab:6b:8c:7a:
41:bc:b4:a0:3a:1d:a0:48:fb:ac:54:ac:25:5a:3f:
53:98:f2:75:fb:15:fa:7c:36:08:a3:9c:3d:01:63:
6e:b5:33:ed:17:e8:c9:98:fd:6c:44:5d:e6:80:80:
bd:c1:32:87:0b:7a:5d:ba:0b:9f:ca:eb:b4:cb:c0:
ab:bf:4a:ff:5e:2d:41:91:4f:fc:29:3a:b5:19:02:
bf:89:30:08:f2:50:16:a8:98:21:85:70:a2:38:e3:
32:7c:c3:4a:fa:09:b5:eb:65:8b:b3:04:40:5c:0b:
29:06:15:a4:fc:c5:e0:47:b4:05:c5:a2:e3:fd:e2:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CC:F9:BA:F6:82:7E:C6:A2:24:11:B3:0F:37:9C:31:EC:2F:F9:48
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Dsz5uvaCfsaiJBGzDzecMewv-Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0-31.133.91.255
176.103.224.0/22
176.103.232.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:1a:71:85:ae:8c:58:8c:ba:6f:d7:55:45:09:a0:61:a6:24:
fa:37:a2:9d:dc:06:22:42:5d:a9:1b:e8:65:35:af:eb:d5:4a:
51:c5:1a:83:74:0d:c4:f9:c5:64:46:eb:35:96:ca:09:42:b6:
3c:c3:49:2d:b1:55:dc:de:ef:59:4d:85:94:c1:8b:08:36:2d:
61:48:43:f7:f1:03:df:33:05:e0:ba:db:8e:24:a7:d5:46:f4:
54:6d:db:d6:25:37:11:6f:9c:c0:e5:44:8d:95:aa:11:b3:3b:
82:1e:4d:08:e6:01:e2:b5:51:af:93:44:39:64:a7:ef:89:53:
e4:7d:8b:b4:e3:bd:a2:dc:f3:fa:49:d5:36:2a:98:bc:e2:e8:
22:9b:76:64:9e:be:97:b8:8c:2f:e3:8f:29:6d:4f:c1:b8:5f:
9a:10:f6:b4:a3:6a:0a:8b:de:ec:5b:3b:df:cf:38:44:53:c9:
29:f4:82:db:a1:6d:a6:3f:cd:5e:14:a2:93:88:76:70:41:64:
70:7d:9a:6f:7d:48:eb:2a:a6:f6:57:97:16:36:d3:a7:8e:ef:
54:21:8d:19:08:c5:b0:6d:f0:a9:20:d4:be:16:a1:f7:35:ba:
d0:5a:6d:0f:70:52:d6:1a:f2:8e:74:ec:19:20:59:f2:0c:57:
a6:6b:b2:3f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQfjHz40iBtlbiaARsL8rGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjUwMTAxMDE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNjZjliYWY2ODI3ZWM2YTIyNDExYjMwZjM3OWMzMWVjMmZmOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaTxp/mJeHAsAuGRg7cOgwdd8K5R
1gwrmqhoQXb8ylbxKCEhEMBB/kZyzVDMdnm3CHfY4nJav5v023ASehhAdSczXDtW
yeyfvSecfWTtnO0BSBqSssdIFRmBGS27hc8He6M86apfW8mk1WOaK99eF2p0q0Nc
wDZoyHWETt8S1ze2LqtrjHpBvLSgOh2gSPusVKwlWj9TmPJ1+xX6fDYIo5w9AWNu
tTPtF+jJmP1sRF3mgIC9wTKHC3pdugufyuu0y8Crv0r/Xi1BkU/8KTq1GQK/iTAI
8lAWqJghhXCiOOMyfMNK+gm162WLswRAXAspBhWk/MXgR7QFxaLj/eKlaQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFA7M+br2gn7GoiQRsw83nDHsL/lIMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvRHN6NXV2YUNmc2FpSkJHekR6ZWNNZXd2LVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQfhVAD
BAIfhVgDBAKwZ+ADBAOwZ+gwDQYJKoZIhvcNAQELBQADggEBAEoacYWujFiMum/X
VUUJoGGmJPo3op3cBiJCXakb6GU1r+vVSlHFGoN0DcT5xWRG6zWWyglCtjzDSS2x
Vdze71lNhZTBiwg2LWFIQ/fxA98zBeC6244kp9VG9FRt29YlNxFvnMDlRI2VqhGz
O4IeTQjmAeK1Ua+TRDlkp++JU+R9i7TjvaLc8/pJ1TYqmLzi6CKbdmSevpe4jC/j
jyltT8G4X5oQ9rSjagqL3uxbO9/POERTySn0gtuhbaY/zV4UopOIdnBBZHB9mm99
SOsqpvZXlxY206eO71QhjRkIxbBt8Kkg1L4Wofc1utBabQ9wUtYa8o507BkgWfIM
V6Zrsj8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 11:53:03 2025 by rpki-client