Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4Q4SqqNT_1KxyUXz4P46W-mJDi0.roa
File: 4Q4SqqNT_1KxyUXz4P46W-mJDi0.roa (raw, json)
Hash identifier: nT9NoUJnB1nAHsNcOAQi2TC0P/187ZVlXdl7UYZBLR8=
Subject key identifier: E1:0E:12:AA:A3:53:FF:52:B1:C9:45:F3:E0:FE:3A:5B:E9:89:0E:2D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193077F45A3AE61DDECD45A8CC9A6F83943
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4Q4SqqNT_1KxyUXz4P46W-mJDi0.roa
Signing time: Thu 07 Nov 2024 16:40:01 +0000
ROA not before: Thu 07 Nov 2024 16:40:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.57.240.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:7f:45:a3:ae:61:dd:ec:d4:5a:8c:c9:a6:f8:39:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 7 16:40:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e10e12aaa353ff52b1c945f3e0fe3a5be9890e2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5f:e1:4e:78:19:33:7f:c3:51:e3:8f:1a:3e:
60:8a:f7:7d:f3:20:57:2d:da:5d:6b:c3:bb:89:d0:
6b:b1:73:34:80:7f:00:d7:7d:6f:0f:59:7d:ad:ba:
5d:cd:64:42:db:c8:70:48:79:81:cd:98:50:9e:e5:
34:d8:05:3e:31:f2:7c:a8:86:4f:6e:10:05:65:76:
a7:e8:af:39:da:45:56:a9:b4:51:d7:45:80:ca:85:
62:31:b1:04:d0:81:f1:54:43:6e:d5:ec:c4:98:fc:
10:69:9e:e4:35:52:e5:83:7d:2f:87:b5:02:c3:26:
6c:ba:78:ae:a2:14:1b:29:b3:87:46:20:2c:e7:bb:
02:30:6a:c1:c8:44:16:bb:35:a0:7d:a1:fd:43:1d:
9d:c2:67:c3:1b:39:75:c5:ed:fc:9e:4a:43:fa:20:
9d:b7:b7:f4:80:1e:70:ff:88:7d:23:1b:70:2e:56:
77:12:f5:9b:d9:a6:a6:06:9a:3d:d4:cf:98:45:11:
96:09:16:05:6f:f3:48:cc:08:56:19:1c:d2:b4:aa:
13:21:6b:ae:71:d7:af:23:3b:26:5f:14:67:06:f0:
b5:5e:40:5b:62:5f:79:b7:ea:c1:cc:a4:67:08:11:
b4:03:9d:c7:0e:24:f4:05:3f:9d:d8:bf:31:ce:36:
60:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0E:12:AA:A3:53:FF:52:B1:C9:45:F3:E0:FE:3A:5B:E9:89:0E:2D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4Q4SqqNT_1KxyUXz4P46W-mJDi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.153.0/24
31.57.236.0/24
31.57.240.0/24
31.58.43.0/24
31.58.128.0/24
31.58.162.0-31.58.164.255
31.58.166.0/24
31.59.88.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:f8:09:bf:f2:25:bd:f5:46:20:93:54:15:85:5e:b8:50:68:
4c:07:dc:9b:64:83:dd:53:a6:6e:a0:bb:91:cb:e4:c7:69:8e:
82:ab:6f:e0:3b:90:ba:24:e9:ce:bd:84:d2:03:97:c5:c4:7e:
3b:8e:51:fd:e1:9f:31:8f:d8:62:49:9a:ef:17:32:dd:df:c9:
6a:f1:64:18:6a:0d:dd:68:0f:4c:f5:de:cb:33:22:af:a1:a2:
25:ec:3b:c3:25:91:8e:14:59:db:f9:a5:7d:fa:9e:6a:23:1f:
b3:db:7c:13:f9:96:73:82:cd:36:52:43:0b:fc:b9:8a:05:e2:
2e:3b:66:8b:89:44:0b:4e:1d:53:c5:aa:b9:da:99:dd:c5:7d:
9c:20:22:4e:8f:9e:d1:60:b0:68:df:63:7e:c4:59:e1:4f:ce:
50:09:c2:6c:e7:3c:e8:65:fe:bf:64:67:6e:0b:99:05:57:77:
08:d4:20:79:a0:58:e4:7c:7b:92:1b:09:61:f2:d8:1e:d5:c4:
bf:aa:35:c3:28:9b:7c:72:88:f3:5f:b9:0b:1c:b8:e5:b8:cc:
ff:6e:0a:ab:57:d3:25:51:a7:d2:ac:5b:87:32:67:7c:29:c5:
6a:24:10:21:67:2b:ed:75:d2:0f:de:ca:14:50:a4:d3:b3:f0:
cc:45:64:90
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZMHf0WjrmHd7NRajMmm+DlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA3MTY0MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTBlMTJhYWEzNTNmZjUyYjFjOTQ1ZjNlMGZlM2E1YmU5ODkwZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6V/hTngZM3/DUeOPGj5givd98yBX
Ldpda8O7idBrsXM0gH8A131vD1l9rbpdzWRC28hwSHmBzZhQnuU02AU+MfJ8qIZP
bhAFZXan6K852kVWqbRR10WAyoViMbEE0IHxVENu1ezEmPwQaZ7kNVLlg30vh7UC
wyZsuniuohQbKbOHRiAs57sCMGrByEQWuzWgfaH9Qx2dwmfDGzl1xe38nkpD+iCd
t7f0gB5w/4h9IxtwLlZ3EvWb2aamBpo91M+YRRGWCRYFb/NIzAhWGRzStKoTIWuu
cdevIzsmXxRnBvC1XkBbYl95t+rBzKRnCBG0A53HDiT0BT+d2L8xzjZgFwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOEOEqqjU/9SsclF8+D+OlvpiQ4tMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNFE0U3FxTlRfMUt4eVVYejRQNDZXLW1KRGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHzmZAwQA
HznsAwQAHznwAwQAHzorAwQAHzqAMAwDBAEfOqIDBAAfOqQDBAAfOqYDBAAfO1gw
DQYJKoZIhvcNAQELBQADggEBAAz4Cb/yJb31RiCTVBWFXrhQaEwH3Jtkg91Tpm6g
u5HL5MdpjoKrb+A7kLok6c69hNIDl8XEfjuOUf3hnzGP2GJJmu8XMt3fyWrxZBhq
Dd1oD0z13sszIq+hoiXsO8MlkY4UWdv5pX36nmojH7PbfBP5lnOCzTZSQwv8uYoF
4i47ZouJRAtOHVPFqrnamd3FfZwgIk6PntFgsGjfY37EWeFPzlAJwmznPOhl/r9k
Z24LmQVXdwjUIHmgWOR8e5IbCWHy2B7VxL+qNcMom3xyiPNfuQscuOW4zP9uCqtX
0yVRp9KsW4cyZ3wpxWokECFnK+110g/eyhRQpNOz8MxFZJA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:12 2024 by rpki-client on console-fra.rpki-client.org