Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4veOhKIRitc7-MfbplSswgVVqJs.roa
File: 4veOhKIRitc7-MfbplSswgVVqJs.roa (raw, json)
Hash identifier: /lCpSW3Zao+nNGtht77oTD5a9a16J3r9XZbgqBc1CQA=
Subject key identifier: E2:F7:8E:84:A2:11:8A:D7:3B:F8:C7:DB:A6:54:AC:C2:05:55:A8:9B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428236CDCE67004D4FB629DE9FB6D4C68
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4veOhKIRitc7-MfbplSswgVVqJs.roa
Signing time: Thu 02 Jan 2025 17:49:57 +0000
ROA not before: Thu 02 Jan 2025 17:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213948
IP address blocks: 31.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:6c:dc:e6:70:04:d4:fb:62:9d:e9:fb:6d:4c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e2f78e84a2118ad73bf8c7dba654acc20555a89b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:06:ea:0b:53:2f:a1:83:85:1a:5c:66:ef:a0:
36:04:f4:be:90:35:c2:45:a9:fd:11:78:a1:d8:c5:
65:16:5e:67:c5:ce:23:a4:54:8c:71:61:05:b9:97:
73:95:24:7e:d2:cf:01:8e:6b:4e:ac:2f:e9:55:7d:
e9:8b:ea:d5:24:a7:bb:cb:63:27:49:aa:6e:fe:18:
a2:4f:b9:c8:d0:d3:2d:66:95:dd:36:17:66:49:d0:
0a:87:0a:b3:97:e0:f7:ee:2e:be:2c:a0:59:3e:9e:
38:33:34:1e:a2:7e:bb:97:c5:a1:f5:fc:05:db:26:
51:06:bc:40:94:d1:b1:87:f4:a9:93:e4:e1:fd:49:
b8:c9:2b:7e:8c:c3:f7:30:95:e5:b3:ed:29:06:1a:
54:88:ac:48:57:54:a6:89:71:da:a2:a0:01:6b:8f:
0e:54:a3:f4:07:b8:b7:37:ea:39:81:d9:8b:a7:4b:
84:5d:0d:e6:ee:d6:92:5d:30:a4:8f:a4:f7:1a:ab:
69:0e:04:5f:8c:65:3d:8a:42:f5:81:fc:fc:56:22:
71:15:fe:45:12:60:6c:b4:0e:3d:05:7b:99:8e:26:
d3:f2:d2:40:9b:35:de:a5:c5:1b:6d:c9:ae:16:d4:
e0:35:ca:b2:96:4a:3b:79:4d:ed:df:0a:fd:5f:15:
c0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F7:8E:84:A2:11:8A:D7:3B:F8:C7:DB:A6:54:AC:C2:05:55:A8:9B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4veOhKIRitc7-MfbplSswgVVqJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.59.71.0/24
Signature Algorithm: sha256WithRSAEncryption
69:6c:64:0d:ff:8d:28:4a:d1:2e:33:a3:4d:a2:dc:9e:ac:f6:
4a:29:d4:91:66:1d:d9:43:56:1d:e7:94:24:ee:c2:1b:ab:23:
04:fb:92:e2:a9:ea:29:74:92:f6:9b:d0:d6:14:09:e2:2a:97:
95:7a:8c:a7:d4:fa:1a:64:f8:55:ee:cb:12:ec:1d:63:02:91:
4d:6f:85:22:9e:97:de:3e:41:f6:7c:d7:4f:3b:da:69:65:6d:
b9:ea:f5:3a:52:47:b9:d0:1e:c2:99:3a:99:e5:de:43:8d:0f:
ee:46:ed:89:e2:e6:b7:98:2a:7f:2f:03:30:4a:0e:b7:db:cf:
8d:c6:5f:a2:6d:8d:24:06:c2:85:e9:99:00:76:38:3d:6b:2c:
8b:3a:97:78:31:be:4b:39:5a:e6:a8:07:78:02:ea:eb:56:c5:
cc:9c:4f:75:74:64:41:77:60:95:9f:6b:ab:35:f4:b2:d9:30:
1f:2c:fc:c4:c4:8c:9f:4d:47:77:3b:ad:14:7d:f4:2a:77:f3:
88:31:4f:ad:bc:ed:6c:65:83:02:e1:88:8c:22:67:1a:c3:90:
4d:d9:02:95:f5:fa:2a:b1:c8:fc:ab:61:72:7e:8f:57:d1:00:
b1:e9:bf:6f:db:c3:b4:d0:04:9e:69:ed:9f:7e:6b:ff:c4:e1:
1c:2c:48:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoI2zc5nAE1Ptinen7bUxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmY3OGU4NGEyMTE4YWQ3M2JmOGM3ZGJhNjU0YWNjMjA1NTVhODliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5AbqC1MvoYOFGlxm76A2BPS+kDXC
Ran9EXih2MVlFl5nxc4jpFSMcWEFuZdzlSR+0s8BjmtOrC/pVX3pi+rVJKe7y2Mn
Sapu/hiiT7nI0NMtZpXdNhdmSdAKhwqzl+D37i6+LKBZPp44MzQeon67l8Wh9fwF
2yZRBrxAlNGxh/Spk+Th/Um4ySt+jMP3MJXls+0pBhpUiKxIV1SmiXHaoqABa48O
VKP0B7i3N+o5gdmLp0uEXQ3m7taSXTCkj6T3GqtpDgRfjGU9ikL1gfz8ViJxFf5F
EmBstA49BXuZjibT8tJAmzXepcUbbcmuFtTgNcqylko7eU3t3wr9XxXA7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOL3joSiEYrXO/jH26ZUrMIFVaibMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNHZlT2hLSVJpdGM3LU1mYnBsU3N3Z1ZWcUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHztHMA0G
CSqGSIb3DQEBCwUAA4IBAQBpbGQN/40oStEuM6NNotyerPZKKdSRZh3ZQ1Yd55Qk
7sIbqyME+5LiqeopdJL2m9DWFAniKpeVeoyn1PoaZPhV7ssS7B1jApFNb4Uinpfe
PkH2fNdPO9ppZW256vU6Uke50B7CmTqZ5d5DjQ/uRu2J4ua3mCp/LwMwSg6328+N
xl+ibY0kBsKF6ZkAdjg9ayyLOpd4Mb5LOVrmqAd4AurrVsXMnE91dGRBd2CVn2ur
NfSy2TAfLPzExIyfTUd3O60UffQqd/OIMU+tvO1sZYMC4YiMImcaw5BN2QKV9foq
scj8q2Fyfo9X0QCx6b9v28O00ASeae2ffmv/xOEcLEgX
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:01:20 2025 by rpki-client