Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-puS9PS4RtE4_gp9QSgqMW22I70.roa
File: 1-puS9PS4RtE4_gp9QSgqMW22I70.roa (raw, json)
Hash identifier: z7qVhgKFRO8Jwb+PJ1HaLkv6+W05pqjpCU1JMw6oy4k=
Subject key identifier: FA:9B:92:F4:F4:B8:46:D1:38:FE:0A:7D:41:28:2A:31:6D:B6:23:BD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019296057158D116B1FCE650C27D244D4528
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-puS9PS4RtE4_gp9QSgqMW22I70.roa
Signing time: Wed 16 Oct 2024 15:49:52 +0000
ROA not before: Wed 16 Oct 2024 15:49:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26737
IP address blocks: 31.56.42.0/24 maxlen: 24
31.56.43.0/24 maxlen: 24
31.56.87.0/24 maxlen: 24
31.56.89.0/24 maxlen: 24
31.58.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:05:71:58:d1:16:b1:fc:e6:50:c2:7d:24:4d:45:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 16 15:49:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa9b92f4f4b846d138fe0a7d41282a316db623bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ec:0e:70:51:aa:85:43:f6:b0:16:c8:a1:40:
62:65:09:1c:08:62:8e:35:19:07:09:a0:f1:09:9d:
e1:22:18:13:e8:f6:f9:a3:5c:cf:e1:25:7a:6c:f6:
a5:e3:86:8b:5c:c5:52:d1:66:b4:89:f1:e5:28:45:
86:67:2a:00:ba:04:d4:05:59:2c:85:81:a5:e0:56:
35:68:80:bb:27:5d:1e:74:2a:9b:93:e1:12:cf:e5:
2a:f2:19:79:e9:bd:dc:86:4b:3d:93:18:0a:8a:b5:
50:b8:e5:5e:b0:e7:27:38:2f:8f:63:21:a8:10:5d:
fc:53:ce:2d:0c:87:59:63:da:ca:73:cd:92:d5:1c:
66:75:f1:0a:fd:8e:67:8b:f1:40:e1:49:4e:26:83:
9e:da:12:41:f4:c2:ce:4a:c2:06:ad:93:8a:e8:64:
5a:b0:57:e8:cb:a0:67:fd:32:0c:43:9f:3c:6d:7c:
60:d2:a7:16:a2:30:ca:47:f1:35:37:14:70:fe:5e:
e6:28:25:c8:a3:50:4e:7a:48:39:17:ba:75:7d:06:
4f:73:ef:20:6c:93:4f:b0:58:81:54:89:8c:4e:c6:
bf:e0:bd:c4:64:df:83:31:f6:15:cc:17:7b:dd:a4:
2d:11:71:49:6a:18:1b:63:f4:e9:40:7e:70:22:cc:
b8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:9B:92:F4:F4:B8:46:D1:38:FE:0A:7D:41:28:2A:31:6D:B6:23:BD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/1-puS9PS4RtE4_gp9QSgqMW22I70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.42.0/23
31.56.87.0/24
31.56.89.0/24
31.58.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:06:1b:3e:d1:12:32:08:46:6d:30:0c:e8:51:41:0c:d0:47:
e4:50:2a:f9:ec:1e:c1:d8:33:dd:e7:72:56:f6:e1:57:0d:51:
86:c0:fa:c2:8a:07:ae:34:66:5c:72:c5:60:75:92:39:31:fe:
56:5d:fc:61:2b:2c:d3:42:e5:48:2e:3e:ea:c7:54:29:97:65:
54:df:3a:ff:48:e7:98:50:a9:cd:e4:ab:2a:1d:08:7d:b5:be:
26:0c:f2:43:7c:c0:95:b3:6c:28:d6:a9:94:98:aa:54:49:a8:
e3:1b:67:4b:01:d3:d9:1f:e2:1a:5c:d4:be:3c:9d:9a:7d:59:
ca:38:20:99:c8:80:4e:7b:1d:df:7f:11:1a:23:fa:b7:a5:3a:
69:f3:9b:38:60:8d:4f:ff:e2:3a:4b:85:54:93:ab:4c:a6:97:
29:9e:e6:f5:a0:e1:1f:27:bb:6a:bd:d6:98:63:c1:fe:b4:93:
f3:0c:48:88:8f:21:d7:e6:1b:5e:ef:77:61:5f:ce:2c:35:a7:
28:d7:89:e5:d0:3a:2a:3b:e9:ea:66:be:3b:ae:76:2c:a9:2f:
c7:a5:99:9c:0b:78:0d:ca:31:5f:3f:49:bc:f4:f1:d9:bc:7e:
bc:bd:61:22:db:ae:10:e3:d4:74:90:bc:f7:dd:a5:67:05:1e:
1b:02:0d:40
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAZKWBXFY0Rax/OZQwn0kTUUoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE2MTU0OTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTliOTJmNGY0Yjg0NmQxMzhmZTBhN2Q0MTI4MmEzMTZkYjYyM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+wOcFGqhUP2sBbIoUBiZQkcCGKO
NRkHCaDxCZ3hIhgT6Pb5o1zP4SV6bPal44aLXMVS0Wa0ifHlKEWGZyoAugTUBVks
hYGl4FY1aIC7J10edCqbk+ESz+Uq8hl56b3chks9kxgKirVQuOVesOcnOC+PYyGo
EF38U84tDIdZY9rKc82S1RxmdfEK/Y5ni/FA4UlOJoOe2hJB9MLOSsIGrZOK6GRa
sFfoy6Bn/TIMQ588bXxg0qcWojDKR/E1NxRw/l7mKCXIo1BOekg5F7p1fQZPc+8g
bJNPsFiBVImMTsa/4L3EZN+DMfYVzBd73aQtEXFJahgbY/TpQH5wIsy4tQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPqbkvT0uEbROP4KfUEoKjFttiO9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMS1wdVM5UFM0UnRFNF9ncDlRU2dxTVcyMkk3MC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTIvNTExZjk1LWU0YmYtNDNmMS1hZjJmLWI4MTFjZmNiOWZk
NS8xL1R4c0pYNnRuWXp3Qko5WWY5b1Y0Wk9wckpjVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAR84KgME
AB84VwMEAB84WQMEAB86ITANBgkqhkiG9w0BAQsFAAOCAQEArQYbPtESMghGbTAM
6FFBDNBH5FAq+ewewdgz3edyVvbhVw1RhsD6wooHrjRmXHLFYHWSOTH+Vl38YSss
00LlSC4+6sdUKZdlVN86/0jnmFCpzeSrKh0IfbW+JgzyQ3zAlbNsKNaplJiqVEmo
4xtnSwHT2R/iGlzUvjydmn1ZyjggmciATnsd338RGiP6t6U6afObOGCNT//iOkuF
VJOrTKaXKZ7m9aDhHye7ar3WmGPB/rST8wxIiI8h1+YbXu93YV/OLDWnKNeJ5dA6
Kjvp6ma+O652LKkvx6WZnAt4DcoxXz9JvPTx2bx+vL1hItuuEOPUdJC8992lZwUe
GwINQA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:03 2024 by rpki-client on console-ams.rpki-client.org