Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6xvypo267CEpNX2ImVyIFGb1MBo.roa
File: 6xvypo267CEpNX2ImVyIFGb1MBo.roa (raw, json)
Hash identifier: Oo0BkN4oLU3UXbOiT1TfkISnIoPkeZls9bncfD9r1Pk=
Subject key identifier: EB:1B:F2:A6:8D:BA:EC:21:29:35:7D:88:99:5C:88:14:66:F5:30:1A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01942823886F11258425C6A7A0D757D7AF38
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6xvypo267CEpNX2ImVyIFGb1MBo.roa
Signing time: Thu 02 Jan 2025 17:50:04 +0000
ROA not before: Thu 02 Jan 2025 17:50:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 31.56.140.0/24 maxlen: 24
31.56.147.0/24 maxlen: 24
31.57.78.0/24 maxlen: 24
31.57.79.0/24 maxlen: 24
31.57.80.0/24 maxlen: 24
31.57.81.0/24 maxlen: 24
31.57.85.0/24 maxlen: 24
31.57.86.0/24 maxlen: 24
31.57.87.0/24 maxlen: 24
31.58.10.0/24 maxlen: 24
31.58.16.0/24 maxlen: 24
31.58.19.0/24 maxlen: 24
31.58.20.0/24 maxlen: 24
31.58.21.0/24 maxlen: 24
31.58.26.0/24 maxlen: 24
31.58.29.0/24 maxlen: 24
31.58.30.0/24 maxlen: 24
31.58.167.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.18.0/24 maxlen: 24
31.59.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:88:6f:11:25:84:25:c6:a7:a0:d7:57:d7:af:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb1bf2a68dbaec2129357d88995c881466f5301a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:81:15:fa:52:70:52:87:df:6d:9c:d1:65:39:
ae:6d:36:3e:61:2d:cc:f7:9d:a6:7f:87:68:71:76:
a7:ca:9a:dc:b0:7d:a7:d8:22:f7:7f:97:36:73:98:
76:c7:9d:3b:ef:2a:a1:4f:f2:8f:50:bd:3c:ee:13:
bb:99:05:fa:ca:91:05:df:76:40:17:00:e4:62:32:
03:8e:74:ea:e3:f8:f4:14:be:23:1d:ef:48:95:92:
48:66:01:62:80:b9:37:2b:1a:44:cf:7d:7d:18:b9:
61:5c:e1:dd:6d:8e:3a:76:7d:6d:68:36:78:c9:08:
49:03:8d:8d:ba:10:22:c4:3d:eb:63:e4:08:c9:79:
75:3a:21:b9:78:fe:8a:8e:77:bf:51:19:ac:23:80:
90:58:a0:30:c0:5d:b4:a2:b0:4d:40:9a:99:db:f4:
78:e9:bd:48:08:e3:32:51:33:fc:ba:a8:b9:42:2c:
da:01:c1:bf:aa:c2:85:6b:e5:14:dc:0a:b9:e1:06:
1c:d5:59:6c:b0:47:4d:e3:02:08:44:f1:f0:0c:d9:
a0:4a:6a:44:50:27:19:89:46:41:22:81:f9:5b:d5:
d0:75:2d:8e:95:b2:3d:b8:04:0c:65:e2:87:0d:c1:
3d:da:ac:e8:f8:7a:b4:16:88:85:74:79:84:71:a3:
02:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:1B:F2:A6:8D:BA:EC:21:29:35:7D:88:99:5C:88:14:66:F5:30:1A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/6xvypo267CEpNX2ImVyIFGb1MBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.140.0/24
31.56.147.0/24
31.57.78.0-31.57.81.255
31.57.85.0-31.57.87.255
31.58.10.0/24
31.58.16.0/24
31.58.19.0-31.58.21.255
31.58.26.0/24
31.58.29.0-31.58.30.255
31.58.167.0/24
31.59.13.0/24
31.59.18.0/24
31.59.24.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:d8:48:5c:8e:90:5b:e2:7e:73:82:42:be:8c:c6:9f:3d:8d:
5d:f0:76:19:cd:7d:6b:35:59:e2:54:4c:87:af:a3:db:f1:65:
53:53:07:15:83:18:00:02:94:cf:fd:e0:25:99:8b:dc:15:a9:
1e:99:1e:bc:d2:61:70:c0:6d:57:e1:78:45:a0:10:61:d8:fb:
b3:c8:da:de:68:36:bf:71:5f:64:46:7f:fa:12:e9:15:98:a9:
0f:a3:19:06:82:09:1d:6f:36:f1:9c:be:69:8c:61:4b:4e:18:
df:93:3f:01:5d:7e:be:1d:6e:1b:60:be:56:a5:7a:50:b4:a5:
da:32:dd:df:a9:32:73:95:e2:81:fc:6d:3b:3d:b0:dc:48:46:
e8:81:c9:6f:be:52:e2:9f:99:3c:57:14:2d:1f:30:f8:d9:5e:
42:24:9d:43:60:08:c8:d4:da:67:21:53:a1:5d:c4:3c:83:c3:
c0:a5:c4:b6:f1:da:b4:ab:81:22:1d:3b:b1:87:77:5f:8d:fc:
ef:e1:47:3e:71:ec:b4:f0:41:51:14:24:84:09:90:20:13:e7:
f8:f4:5d:81:75:81:ec:0f:7f:d8:79:44:8f:39:23:c0:72:cf:
97:1a:b1:5c:b5:9e:74:23:13:db:a7:cb:6e:af:10:54:34:0e:
6d:52:8c:49
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZQoI4hvESWEJcanoNdX1684MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjFiZjJhNjhkYmFlYzIxMjkzNTdkODg5OTVjODgxNDY2ZjUzMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oEV+lJwUoffbZzRZTmubTY+YS3M
952mf4docXanyprcsH2n2CL3f5c2c5h2x5077yqhT/KPUL087hO7mQX6ypEF33ZA
FwDkYjIDjnTq4/j0FL4jHe9IlZJIZgFigLk3KxpEz319GLlhXOHdbY46dn1taDZ4
yQhJA42NuhAixD3rY+QIyXl1OiG5eP6Kjne/URmsI4CQWKAwwF20orBNQJqZ2/R4
6b1ICOMyUTP8uqi5QizaAcG/qsKFa+UU3Aq54QYc1VlssEdN4wIIRPHwDNmgSmpE
UCcZiUZBIoH5W9XQdS2OlbI9uAQMZeKHDcE92qzo+Hq0FoiFdHmEcaMCLQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFOsb8qaNuuwhKTV9iJlciBRm9TAaMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNnh2eXBvMjY3Q0VwTlgySW1WeUlGR2IxTUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAB84jAME
AB84kzAMAwQBHzlOAwQBHzlQMAwDBAAfOVUDBAMfOVADBAAfOgoDBAAfOhAwDAME
AB86EwMEAR86FAMEAB86GjAMAwQAHzodAwQAHzoeAwQAHzqnAwQAHzsNAwQAHzsS
AwQAHzsYMA0GCSqGSIb3DQEBCwUAA4IBAQC32EhcjpBb4n5zgkK+jMafPY1d8HYZ
zX1rNVniVEyHr6Pb8WVTUwcVgxgAApTP/eAlmYvcFakemR680mFwwG1X4XhFoBBh
2PuzyNreaDa/cV9kRn/6EukVmKkPoxkGggkdbzbxnL5pjGFLThjfkz8BXX6+HW4b
YL5WpXpQtKXaMt3fqTJzleKB/G07PbDcSEbogclvvlLin5k8VxQtHzD42V5CJJ1D
YAjI1NpnIVOhXcQ8g8PApcS28dq0q4EiHTuxh3dfjfzv4Uc+cey08EFRFCSECZAg
E+f49F2BdYHsD3/YeUSPOSPAcs+XGrFctZ50IxPbp8turxBUNA5tUoxJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:12:15 2025 by rpki-client