Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-IuCyLHDXoTrW_tBOILAuJOahP0.roa
File: 1-IuCyLHDXoTrW_tBOILAuJOahP0.roa (raw, json)
Hash identifier: JQOAkK4GTfvR3O0iAgDrcKhiYHAStJmzj8i8fWCZNnM=
Subject key identifier: F8:8B:82:C8:B1:C3:5E:84:EB:5B:FB:41:38:82:C0:B8:93:9A:84:FD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194572728CE50D90CAF9929D4826FAB2C94
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-IuCyLHDXoTrW_tBOILAuJOahP0.roa
Signing time: Sat 11 Jan 2025 20:56:11 +0000
ROA not before: Sat 11 Jan 2025 20:56:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.92.0/22 maxlen: 24
31.57.96.0/22 maxlen: 24
31.57.120.0/22 maxlen: 24
31.57.124.0/22 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.196.0/22 maxlen: 24
31.58.204.0/22 maxlen: 24
31.58.208.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
31.58.220.0/22 maxlen: 24
31.58.224.0/22 maxlen: 24
31.58.232.0/23 maxlen: 24
31.59.120.0/22 maxlen: 24
217.60.0.0/18 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.11.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.24.0/24 maxlen: 24
217.60.25.0/24 maxlen: 24
217.60.26.0/24 maxlen: 24
217.60.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:57:27:28:ce:50:d9:0c:af:99:29:d4:82:6f:ab:2c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 11 20:56:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f88b82c8b1c35e84eb5bfb413882c0b8939a84fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e7:03:10:d4:80:81:52:14:b0:e5:16:ba:dc:
35:90:6d:75:65:5c:96:71:37:9c:2b:88:ff:09:3e:
f0:4d:8c:e4:9f:3f:36:6a:a1:5d:16:f2:d8:ce:55:
1e:40:59:97:c4:28:ea:13:75:7e:0d:63:3f:84:e7:
e8:be:5c:e1:e3:eb:6f:05:9b:38:12:32:b4:2b:f7:
7c:39:76:d4:d0:b6:d3:a8:74:04:c1:a9:ef:22:f7:
cb:be:13:9e:12:c5:ac:2c:2f:9b:b2:06:81:11:e5:
7a:42:e1:25:24:39:19:dd:36:77:d1:5c:0b:37:c5:
c2:ed:d8:35:e2:63:68:8f:9d:7a:2a:d6:fe:29:8a:
f8:32:1c:a2:a3:72:70:02:0a:a4:fe:89:3c:7a:d6:
95:00:59:40:e7:bd:3f:fc:e1:71:0a:cc:4e:80:de:
42:66:ee:d9:ee:56:39:2c:b5:45:6c:f8:20:ba:7b:
95:f2:cb:c2:ef:54:46:0d:25:ec:d3:1d:6a:de:2f:
be:48:2c:b3:83:f7:69:38:dc:d1:90:26:1b:ea:b7:
81:d6:fc:61:07:e9:ff:36:28:37:8f:e3:b8:1a:ff:
61:62:1b:97:4b:8d:0c:f9:ee:15:a6:92:61:9a:d9:
fe:b6:94:67:4e:c2:10:dd:a2:d4:cb:85:79:e0:8d:
de:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8B:82:C8:B1:C3:5E:84:EB:5B:FB:41:38:82:C0:B8:93:9A:84:FD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-IuCyLHDXoTrW_tBOILAuJOahP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.48.0/20
31.57.92.0-31.57.99.255
31.57.120.0/21
31.58.34.0/23
31.58.196.0/22
31.58.204.0-31.58.209.255
31.58.212.0/22
31.58.220.0-31.58.227.255
31.58.232.0/23
31.59.120.0/22
217.60.0.0/18
Signature Algorithm: sha256WithRSAEncryption
74:1a:e6:dc:d0:9d:a8:6e:3b:68:c4:62:60:de:af:6d:48:54:
3a:40:f8:62:46:61:39:5b:92:3a:73:c5:0d:6d:a8:32:ff:2f:
13:7e:fb:a6:b1:91:03:10:32:be:76:95:29:f4:0b:59:25:9e:
7e:b6:a5:23:d3:a3:b6:fe:b7:f4:23:cd:b5:07:6b:9e:e9:65:
91:4d:c6:47:ae:33:e9:9b:4e:ee:03:69:25:6e:4e:64:6a:e9:
05:36:67:58:91:35:e5:c5:9d:8d:85:6c:9c:e3:63:4f:9b:05:
1c:43:b9:4f:2b:b6:32:98:0b:97:2d:9a:2b:61:6c:d8:26:38:
2c:e4:c5:e3:12:67:3f:34:c2:f6:63:08:03:53:bc:ca:ab:81:
03:ce:35:32:cd:a9:7b:6d:1c:6c:39:4c:02:4b:b5:d7:30:9d:
05:49:53:ed:7f:0d:c6:d1:12:8b:80:be:7e:ff:e3:92:66:7c:
36:eb:f5:3d:36:55:2c:f1:5f:a3:42:16:d1:76:09:62:83:75:
47:e9:9b:82:c5:40:fc:61:b8:26:c1:69:ca:c3:56:06:4d:a4:
72:88:9f:f4:02:b7:c4:b0:1a:a0:8a:54:bb:d5:f6:de:fe:e9:
8d:81:f3:f4:b8:4d:a2:e9:b8:f6:cf:b8:b9:8c:4d:6e:e8:b8:
36:69:aa:f0
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZRXJyjOUNkMr5kp1IJvqyyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTExMjA1NjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODhiODJjOGIxYzM1ZTg0ZWI1YmZiNDEzODgyYzBiODkzOWE4NGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOcDENSAgVIUsOUWutw1kG11ZVyW
cTecK4j/CT7wTYzknz82aqFdFvLYzlUeQFmXxCjqE3V+DWM/hOfovlzh4+tvBZs4
EjK0K/d8OXbU0LbTqHQEwanvIvfLvhOeEsWsLC+bsgaBEeV6QuElJDkZ3TZ30VwL
N8XC7dg14mNoj516Ktb+KYr4Mhyio3JwAgqk/ok8etaVAFlA570//OFxCsxOgN5C
Zu7Z7lY5LLVFbPggunuV8svC71RGDSXs0x1q3i++SCyzg/dpONzRkCYb6reB1vxh
B+n/Nig3j+O4Gv9hYhuXS40M+e4VppJhmtn+tpRnTsIQ3aLUy4V54I3edQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPiLgsixw16E61v7QTiCwLiTmoT9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1JdUN5TEhEWG9UcldfdEJPSUxBdUpPYWhQMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAB84
mgMEAR84ngMEAh84qAMEAR84rgMEAx85GAMEBB85MDAMAwQCHzlcAwQCHzlgAwQD
Hzl4AwQBHzoiAwQCHzrEMAwDBAIfOswDBAEfOtADBAIfOtQwDAMEAh863AMEAh86
4AMEAR866AMEAh87eAMEBtk8ADANBgkqhkiG9w0BAQsFAAOCAQEAdBrm3NCdqG47
aMRiYN6vbUhUOkD4YkZhOVuSOnPFDW2oMv8vE377prGRAxAyvnaVKfQLWSWefral
I9Ojtv639CPNtQdrnullkU3GR64z6ZtO7gNpJW5OZGrpBTZnWJE15cWdjYVsnONj
T5sFHEO5Tyu2MpgLly2aK2Fs2CY4LOTF4xJnPzTC9mMIA1O8yquBA841Ms2pe20c
bDlMAku11zCdBUlT7X8NxtESi4C+fv/jkmZ8Nuv1PTZVLPFfo0IW0XYJYoN1R+mb
gsVA/GG4JsFpysNWBk2kcoif9AK3xLAaoIpUu9X23v7pjYHz9LhNoum49s+4uYxN
bui4Nmmq8A==
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:53:07 2025 by rpki-client