Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2gPro6lUtYmsQUtQhE3shL1aSng.roa
File: 2gPro6lUtYmsQUtQhE3shL1aSng.roa (raw, json)
Hash identifier: DHprrMRUdpwHwTVU2wSfSrr0o41oF4NVHdqeqNhMHyk=
Subject key identifier: DA:03:EB:A3:A9:54:B5:89:AC:41:4B:50:84:4D:EC:84:BD:5A:4A:78
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428236505B6C44770DF758F8372AE3F56
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2gPro6lUtYmsQUtQhE3shL1aSng.roa
Signing time: Thu 02 Jan 2025 17:49:55 +0000
ROA not before: Thu 02 Jan 2025 17:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 31.57.0.0/24 maxlen: 24
31.57.1.0/24 maxlen: 24
31.57.2.0/24 maxlen: 24
31.57.3.0/24 maxlen: 24
31.57.4.0/24 maxlen: 24
31.57.5.0/24 maxlen: 24
31.57.6.0/24 maxlen: 24
31.57.7.0/24 maxlen: 24
31.57.8.0/24 maxlen: 24
31.57.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:65:05:b6:c4:47:70:df:75:8f:83:72:ae:3f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da03eba3a954b589ac414b50844dec84bd5a4a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:f2:8b:e1:ea:09:53:e1:12:1c:1e:81:eb:
6c:bc:78:bf:f6:1d:6c:41:5f:be:d4:2e:b7:c5:17:
67:0a:74:8a:f7:1d:5a:db:3a:0e:2d:0d:06:20:4b:
9c:da:c7:b1:cc:c1:f3:07:52:88:40:ed:88:01:74:
e0:4b:ac:a9:11:9b:16:60:cc:c4:5d:5b:73:57:a2:
64:ad:aa:04:76:b4:d6:45:76:33:e5:9d:90:30:13:
b4:17:0a:aa:b3:fd:0c:1d:86:2c:c1:3b:30:5b:f9:
58:a3:b6:cf:ba:3a:84:20:5b:d0:80:26:c2:4e:e3:
70:3f:ae:76:c1:92:60:92:56:76:2a:38:01:26:cd:
7a:10:99:f0:5a:42:eb:b1:8b:eb:1c:7f:e8:c1:80:
0b:e1:df:26:75:69:75:48:99:d2:16:64:d2:75:af:
88:2f:2e:b4:2e:69:44:86:7c:e4:2b:7b:4b:b6:01:
ae:78:51:c4:50:e4:09:21:95:7f:08:99:f4:9c:9f:
d2:3a:fc:7a:9d:a1:fd:18:7a:c7:72:7f:ed:dd:d1:
0d:ca:3b:51:62:24:46:d3:a9:44:86:94:0e:d1:bc:
d9:77:34:cf:52:0f:cf:c2:09:5d:56:cc:8f:71:a7:
a8:3b:c3:35:e0:6d:ce:16:10:e5:00:8b:e4:c6:60:
78:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:03:EB:A3:A9:54:B5:89:AC:41:4B:50:84:4D:EC:84:BD:5A:4A:78
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/2gPro6lUtYmsQUtQhE3shL1aSng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.0.0-31.57.9.255
Signature Algorithm: sha256WithRSAEncryption
09:7a:6c:bb:ad:cf:d0:6e:be:6f:6e:31:62:a9:ed:89:96:65:
f8:e6:66:07:9f:df:fd:e2:a2:72:b7:9f:0c:10:34:03:11:be:
17:0d:54:b4:c3:6c:3c:c3:cc:a1:ad:1e:3b:11:05:ef:91:cb:
53:61:24:43:f4:e4:43:4f:0f:66:c8:63:5b:82:77:8b:aa:c0:
18:38:c7:ab:74:ef:68:bc:2d:61:e8:11:5b:8a:55:11:a9:09:
c1:aa:fb:dd:1a:ff:26:a4:30:29:66:c4:02:ea:fc:39:85:42:
d9:15:64:78:ed:72:0c:8c:c6:4a:9a:f7:09:a1:e8:13:c0:d3:
06:cd:52:49:a0:78:58:8a:7e:5d:17:dc:f0:de:28:79:34:b5:
1e:e5:57:27:44:f8:57:47:4f:03:90:fc:3c:2c:e7:0a:97:74:
b7:34:3b:74:a0:51:e5:f2:66:ae:c6:c5:b5:bd:84:85:bb:85:
c1:90:2e:08:f1:99:3b:cc:b6:e2:dc:23:a7:38:ec:1f:e9:4e:
dd:7b:a5:e4:c9:b9:35:bb:c7:d7:51:e2:1a:e8:3d:59:5e:ee:
c3:46:86:87:62:1d:09:23:93:67:53:1e:7e:ad:69:4c:7f:87:
fa:08:77:08:04:9e:e7:a2:6f:9c:aa:19:7c:22:89:9b:3b:83:
56:72:93:83
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQoI2UFtsRHcN91j4Nyrj9WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTAzZWJhM2E5NTRiNTg5YWM0MTRiNTA4NDRkZWM4NGJkNWE0YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpLyi+HqCVPhEhwegetsvHi/9h1s
QV++1C63xRdnCnSK9x1a2zoOLQ0GIEuc2sexzMHzB1KIQO2IAXTgS6ypEZsWYMzE
XVtzV6JkraoEdrTWRXYz5Z2QMBO0Fwqqs/0MHYYswTswW/lYo7bPujqEIFvQgCbC
TuNwP652wZJgklZ2KjgBJs16EJnwWkLrsYvrHH/owYAL4d8mdWl1SJnSFmTSda+I
Ly60LmlEhnzkK3tLtgGueFHEUOQJIZV/CJn0nJ/SOvx6naH9GHrHcn/t3dENyjtR
YiRG06lEhpQO0bzZdzTPUg/PwgldVsyPcaeoO8M14G3OFhDlAIvkxmB4YQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFNoD66OpVLWJrEFLUIRN7IS9Wkp4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvMmdQcm82bFV0WW1zUVV0UWhFM3NoTDFhU25nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwAfOQME
AR85CDANBgkqhkiG9w0BAQsFAAOCAQEACXpsu63P0G6+b24xYqntiZZl+OZmB5/f
/eKicrefDBA0AxG+Fw1UtMNsPMPMoa0eOxEF75HLU2EkQ/TkQ08PZshjW4J3i6rA
GDjHq3TvaLwtYegRW4pVEakJwar73Rr/JqQwKWbEAur8OYVC2RVkeO1yDIzGSpr3
CaHoE8DTBs1SSaB4WIp+XRfc8N4oeTS1HuVXJ0T4V0dPA5D8PCznCpd0tzQ7dKBR
5fJmrsbFtb2EhbuFwZAuCPGZO8y24twjpzjsH+lO3Xul5Mm5NbvH11HiGug9WV7u
w0aGh2IdCSOTZ1Mefq1pTH+H+gh3CASe56JvnKoZfCKJmzuDVnKTgw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:58:37 2025 by rpki-client