Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fRzBlknRWk3t4b91mxQk8dqb_2Y.roa
File: fRzBlknRWk3t4b91mxQk8dqb_2Y.roa (raw, json)
Hash identifier: cPMuJbsksIwU/j2kV2oDubx0GXlx2nf0bAxSupdFKUs=
Subject key identifier: 7D:1C:C1:96:49:D1:5A:4D:ED:E1:BF:75:9B:14:24:F1:DA:9B:FF:66
Certificate issuer: /CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Certificate serial: 01942521AAC36C158AA825810E8E5433DBFC
Authority key identifier: 5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fRzBlknRWk3t4b91mxQk8dqb_2Y.roa
Signing time: Thu 02 Jan 2025 03:49:10 +0000
ROA not before: Thu 02 Jan 2025 03:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39089
IP address blocks: 31.133.56.0/21 maxlen: 24
31.133.56.0/24 maxlen: 24
31.133.57.0/24 maxlen: 24
31.133.58.0/24 maxlen: 24
31.133.59.0/24 maxlen: 24
31.133.60.0/24 maxlen: 24
31.133.61.0/24 maxlen: 24
31.133.62.0/24 maxlen: 24
31.133.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:aa:c3:6c:15:8a:a8:25:81:0e:8e:54:33:db:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c64f9d04efd5a9fc2e23b42d5b51aefd9a50250
Validity
Not Before: Jan 2 03:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d1cc19649d15a4dede1bf759b1424f1da9bff66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:eb:a2:13:21:5c:a7:d5:9c:af:b0:5d:61:
18:f6:34:ec:b1:b2:b5:fc:90:d9:5e:c1:3b:1f:57:
08:6c:6f:1e:4c:b6:04:61:ca:ad:69:b8:a5:85:1b:
92:3d:77:28:d2:89:5f:bf:6f:eb:03:62:ff:d0:3b:
92:49:13:fc:77:a4:81:e4:d8:3b:2b:c4:48:29:43:
97:f8:c7:bd:d0:4f:1a:6d:e0:df:7d:32:d3:e5:31:
f5:07:25:1d:9c:56:32:88:10:34:d2:25:dd:50:30:
e9:1f:76:60:bc:f5:61:30:26:d7:1b:f4:3a:e8:03:
92:3a:62:2b:6b:8c:ec:17:f5:fa:29:7e:ff:fe:92:
02:d9:f5:0e:a8:e1:34:fe:0f:49:9d:93:bf:00:a4:
fe:7d:a8:3e:d8:df:23:27:d8:02:90:bc:ae:67:ed:
98:3f:1d:bc:a4:af:a3:d4:e5:56:37:d8:81:07:cb:
32:3d:e9:48:c0:f8:88:93:06:8f:3c:11:3c:fb:b8:
c3:bb:21:6d:e5:eb:c5:39:d6:0e:12:bb:90:26:a9:
af:8f:e9:43:72:54:ec:36:0b:61:d3:a2:ce:bf:3c:
c7:a7:92:8f:4e:10:69:95:12:cb:5b:8d:13:ef:2c:
b7:4b:32:41:c8:28:95:17:28:68:d9:28:16:ca:d7:
a3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:1C:C1:96:49:D1:5A:4D:ED:E1:BF:75:9B:14:24:F1:DA:9B:FF:66
X509v3 Authority Key Identifier:
keyid:5C:64:F9:D0:4E:FD:5A:9F:C2:E2:3B:42:D5:B5:1A:EF:D9:A5:02:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGT50E79Wp_C4jtC1bUa79mlAlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/fRzBlknRWk3t4b91mxQk8dqb_2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/1849a6-f921-4b50-915e-b66fa4f4763a/1/XGT50E79Wp_C4jtC1bUa79mlAlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.56.0/21
Signature Algorithm: sha256WithRSAEncryption
86:a2:1a:a1:3c:68:a8:3d:b9:4b:bc:79:20:6d:f1:4e:4f:b4:
02:f2:f7:ad:a6:e9:d6:de:4f:53:5a:77:6a:80:db:ba:76:47:
84:96:e4:4c:0e:4b:dd:5d:c0:fd:0a:e9:f6:df:18:b8:47:9b:
8d:57:0c:88:92:ec:27:50:9c:ad:6f:48:46:a8:a1:6a:de:ff:
42:45:12:7f:46:b6:fa:6a:bc:f0:18:43:a6:b1:1e:21:92:0f:
ec:00:e5:c3:03:7b:8e:9b:7d:f3:d7:f8:db:2b:9b:cf:2b:48:
2b:84:ea:24:1c:ba:ab:5b:a4:2b:b6:00:f2:0a:bf:99:2b:b9:
7b:40:d0:f8:c9:66:ba:66:36:7f:86:d8:ec:df:f7:1f:e3:01:
40:30:7d:79:26:6b:bf:a4:2b:88:9d:ce:2e:8f:44:78:b4:44:
27:88:9c:c2:6c:f7:2c:22:55:c8:33:a5:7b:96:08:96:d2:44:
c3:6b:e7:09:ca:32:36:73:56:1c:b5:cb:58:da:c0:02:c5:d3:
a5:5b:b7:2d:7a:91:c0:95:66:fb:b2:91:10:71:fa:0c:d6:af:
10:a5:e5:a7:3d:f2:03:78:4d:ae:d8:e4:e2:54:ee:b1:87:ab:
86:1d:d0:c5:25:00:94:18:69:75:98:d4:a6:44:43:03:9a:5c:
87:74:a9:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIarDbBWKqCWBDo5UM9v8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNjRmOWQwNGVmZDVhOWZjMmUyM2I0MmQ1YjUxYWVmZDlh
NTAyNTAwHhcNMjUwMTAyMDM0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDFjYzE5NjQ5ZDE1YTRkZWRlMWJmNzU5YjE0MjRmMWRhOWJmZjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+rrohMhXKfVnK+wXWEY9jTssbK1
/JDZXsE7H1cIbG8eTLYEYcqtabilhRuSPXco0olfv2/rA2L/0DuSSRP8d6SB5Ng7
K8RIKUOX+Me90E8abeDffTLT5TH1ByUdnFYyiBA00iXdUDDpH3ZgvPVhMCbXG/Q6
6AOSOmIra4zsF/X6KX7//pIC2fUOqOE0/g9JnZO/AKT+fag+2N8jJ9gCkLyuZ+2Y
Px28pK+j1OVWN9iBB8syPelIwPiIkwaPPBE8+7jDuyFt5evFOdYOEruQJqmvj+lD
clTsNgth06LOvzzHp5KPThBplRLLW40T7yy3SzJByCiVFyho2SgWytejIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0cwZZJ0VpN7eG/dZsUJPHam/9mMB8GA1UdIwQY
MBaAFFxk+dBO/VqfwuI7QtW1Gu/ZpQJQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUt
YjY2ZmE0ZjQ3NjNhLzEvZlJ6QmxrblJXazN0NGI5MW14UWs4ZHFiXzJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8xODQ5YTYtZjkyMS00YjUwLTkxNWUtYjY2ZmE0ZjQ3NjNh
LzEvWEdUNTBFNzlXcF9DNGp0QzFiVWE3OW1sQWxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDH4U4MA0G
CSqGSIb3DQEBCwUAA4IBAQCGohqhPGioPblLvHkgbfFOT7QC8vetpunW3k9TWndq
gNu6dkeEluRMDkvdXcD9Cun23xi4R5uNVwyIkuwnUJytb0hGqKFq3v9CRRJ/Rrb6
arzwGEOmsR4hkg/sAOXDA3uOm33z1/jbK5vPK0grhOokHLqrW6QrtgDyCr+ZK7l7
QND4yWa6ZjZ/htjs3/cf4wFAMH15Jmu/pCuInc4uj0R4tEQniJzCbPcsIlXIM6V7
lgiW0kTDa+cJyjI2c1YctctY2sACxdOlW7ctepHAlWb7spEQcfoM1q8QpeWnPfID
eE2u2OTiVO6xh6uGHdDFJQCUGGl1mNSmREMDmlyHdKnm
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:33:46 2025 by rpki-client