Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6QEroPraRoA5djxRs5GDL3g2mLo.roa
File: 6QEroPraRoA5djxRs5GDL3g2mLo.roa (raw, json)
Hash identifier: lu+0DpNmDQ+1WsqGDePYk0szuq3+VorX7fHEGyMOsh4=
Subject key identifier: E9:01:2B:A0:FA:DA:46:80:39:76:3C:51:B3:91:83:2F:78:36:98:BA
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282380CBA70BA90BA741DFF0D80A3BFD
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6QEroPraRoA5djxRs5GDL3g2mLo.roa
Signing time: Thu 02 Jan 2025 17:50:02 +0000
ROA not before: Thu 02 Jan 2025 17:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 31.56.141.0/24 maxlen: 24
31.57.155.0/24 maxlen: 24
31.57.160.0/24 maxlen: 24
31.57.161.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.59.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:80:cb:a7:0b:a9:0b:a7:41:df:f0:d8:0a:3b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9012ba0fada468039763c51b391832f783698ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:74:4d:66:86:d4:92:f2:60:02:86:8c:ff:2c:
05:0b:5b:62:9f:2d:ea:89:f8:e4:86:d9:d6:fa:b1:
39:f2:c1:9d:78:5c:5c:f9:83:59:6b:4f:52:75:67:
01:e1:e0:2b:e7:c7:0d:ce:19:35:99:9c:3a:9b:8e:
65:03:f1:ef:a9:66:e6:f7:22:38:d9:ec:5e:fa:70:
a1:20:52:d3:2a:c7:01:6c:7b:c4:94:52:d9:3f:34:
9a:22:d6:6b:06:e4:05:35:b6:95:28:e9:1a:ce:0c:
26:98:ee:83:ce:99:9a:81:0e:9a:cd:1f:12:4f:f3:
b0:0e:95:c4:59:81:13:c5:cb:60:d9:f5:0c:a3:4c:
04:0a:80:d3:80:20:13:f4:84:6c:3f:c8:31:f6:1f:
66:ea:83:53:bc:74:f1:28:12:33:0a:57:cc:d2:c1:
79:5c:b7:d6:8c:7a:e8:cb:16:7b:62:1e:d6:27:51:
e5:e9:dc:9d:ec:82:20:20:ef:1e:98:69:a7:4a:a6:
9e:db:0e:05:d8:0d:f0:fb:70:75:00:aa:d8:18:0d:
6d:b7:03:b0:f1:b2:a3:ce:88:69:c0:90:f7:82:f1:
a5:4c:22:b3:24:d1:97:a8:ce:9c:ef:a8:8d:f0:03:
45:40:d4:e6:20:03:c1:1b:93:fe:1f:5f:ce:b8:95:
5d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:01:2B:A0:FA:DA:46:80:39:76:3C:51:B3:91:83:2F:78:36:98:BA
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6QEroPraRoA5djxRs5GDL3g2mLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.141.0/24
31.57.155.0/24
31.57.160.0/23
31.57.206.0/24
31.59.99.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:63:d9:24:85:f8:fd:5d:3a:de:1a:4a:ee:3a:d2:a9:cf:1d:
30:80:f6:cd:85:73:46:7e:e9:4d:de:02:2c:a6:17:a9:83:4f:
29:d1:5f:4e:ca:2f:c0:33:e6:14:b1:c5:49:27:1b:39:be:c7:
d8:5e:4f:e3:d3:ad:96:82:28:7c:52:47:cf:52:a7:26:c0:a4:
64:87:0b:60:ce:86:2e:fd:56:17:8d:58:53:e1:01:fc:a3:82:
ac:f5:d3:f2:79:95:76:fb:14:c4:b1:cb:8b:68:de:a8:f5:ee:
96:6a:d1:c0:7e:a9:66:26:6b:6e:23:25:df:46:e1:7d:b1:50:
21:b1:91:a2:44:bf:ef:7b:ab:f8:f3:2e:c9:6c:3d:0b:31:60:
b6:a3:ea:0e:80:de:e3:53:08:40:1d:97:ea:dd:1c:bf:e8:f1:
7a:b3:32:4f:b5:52:bc:11:ce:f1:1b:5e:11:2d:38:cf:cd:e7:
d6:17:b4:cd:79:47:fb:11:21:e1:55:a3:c7:93:10:45:16:16:
ad:be:10:28:27:61:25:a2:02:f3:40:47:f6:2b:e6:ab:6b:aa:
9f:83:8e:50:0a:7e:f6:79:77:36:03:46:dd:0e:52:19:03:7e:
de:a5:a1:f9:e6:10:1e:c9:f3:c8:29:41:36:5f:f7:e0:8c:ac:
b4:bf:69:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQoI4DLpwupC6dB3/DYCjv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTAxMmJhMGZhZGE0NjgwMzk3NjNjNTFiMzkxODMyZjc4MzY5OGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnRNZobUkvJgAoaM/ywFC1tiny3q
ifjkhtnW+rE58sGdeFxc+YNZa09SdWcB4eAr58cNzhk1mZw6m45lA/HvqWbm9yI4
2exe+nChIFLTKscBbHvElFLZPzSaItZrBuQFNbaVKOkazgwmmO6DzpmagQ6azR8S
T/OwDpXEWYETxctg2fUMo0wECoDTgCAT9IRsP8gx9h9m6oNTvHTxKBIzClfM0sF5
XLfWjHroyxZ7Yh7WJ1Hl6dyd7IIgIO8emGmnSqae2w4F2A3w+3B1AKrYGA1ttwOw
8bKjzohpwJD3gvGlTCKzJNGXqM6c76iN8ANFQNTmIAPBG5P+H1/OuJVdFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOkBK6D62kaAOXY8UbORgy94Npi6MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNlFFcm9QcmFSb0E1ZGp4UnM1R0RMM2cybUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHziNAwQA
HzmbAwQBHzmgAwQAHznOAwQAHztjMA0GCSqGSIb3DQEBCwUAA4IBAQCqY9kkhfj9
XTreGkruOtKpzx0wgPbNhXNGfulN3gIsphepg08p0V9Oyi/AM+YUscVJJxs5vsfY
Xk/j062Wgih8UkfPUqcmwKRkhwtgzoYu/VYXjVhT4QH8o4Ks9dPyeZV2+xTEscuL
aN6o9e6WatHAfqlmJmtuIyXfRuF9sVAhsZGiRL/ve6v48y7JbD0LMWC2o+oOgN7j
UwhAHZfq3Ry/6PF6szJPtVK8Ec7xG14RLTjPzefWF7TNeUf7ESHhVaPHkxBFFhat
vhAoJ2ElogLzQEf2K+ara6qfg45QCn72eXc2A0bdDlIZA37epaH55hAeyfPIKUE2
X/fgjKy0v2kE
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:11:39 2025 by rpki-client