Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CmIST6Wv7aITnYre9HQPrcetjBk.roa
File: CmIST6Wv7aITnYre9HQPrcetjBk.roa (raw, json)
Hash identifier: 96kqKANeqUnKwv6fJV4K/OaP/SywxnIaAgY/5eKva0I=
Subject key identifier: 0A:62:12:4F:A5:AF:ED:A2:13:9D:8A:DE:F4:74:0F:AD:C7:AD:8C:19
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195A7CD1482C9B1F9FC8A1156031A8D260F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CmIST6Wv7aITnYre9HQPrcetjBk.roa
Signing time: Tue 18 Mar 2025 05:49:49 +0000
ROA not before: Tue 18 Mar 2025 05:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4637
IP address blocks: 31.58.172.0/23 maxlen: 24
31.58.174.0/23 maxlen: 24
31.59.76.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:a7:cd:14:82:c9:b1:f9:fc:8a:11:56:03:1a:8d:26:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 18 05:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a62124fa5afeda2139d8adef4740fadc7ad8c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:ad:80:90:30:3b:ec:92:1a:04:fd:6f:88:
f2:fc:a8:da:df:0e:9b:43:0f:51:36:b2:61:c9:45:
00:15:42:29:b5:0c:de:34:5d:cc:65:bf:7c:27:02:
02:2f:6f:49:9c:95:fe:85:b8:c9:12:02:ed:e8:a5:
b2:e9:81:de:2e:d2:ae:fb:31:07:fd:fe:08:24:63:
2a:2c:b9:03:a6:96:81:cb:23:b9:56:4d:0b:30:22:
51:b5:13:f5:ba:02:d8:70:ea:f7:85:f7:53:bd:9e:
b3:e0:89:55:e3:25:1c:a1:77:86:23:94:e6:0d:0e:
02:b8:13:9e:a0:52:62:29:37:6e:00:c8:d1:a8:a1:
ba:dc:24:32:31:e3:88:88:ec:cf:af:ad:54:1b:d6:
7e:a8:e2:fc:2d:da:02:6e:e6:4a:fb:9e:c8:ce:6b:
0a:7a:6f:ea:5c:d4:82:4f:9a:e9:23:35:c3:5c:51:
d8:7e:38:57:35:4f:80:d6:17:27:3a:05:07:de:69:
15:77:21:3e:56:08:c9:66:1a:44:c1:ce:ae:52:07:
37:56:89:11:a0:b4:a0:1e:c9:28:cd:27:78:84:40:
2d:97:bc:4f:65:44:20:7e:48:95:ac:bc:3b:d2:48:
d9:ac:aa:94:7b:a9:8e:ea:f5:35:e0:55:50:3c:35:
c6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:62:12:4F:A5:AF:ED:A2:13:9D:8A:DE:F4:74:0F:AD:C7:AD:8C:19
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/CmIST6Wv7aITnYre9HQPrcetjBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.172.0/22
31.59.76.0/23
Signature Algorithm: sha256WithRSAEncryption
53:a8:f1:77:40:59:c9:26:4c:46:73:07:4e:5f:4b:34:27:22:
49:7f:c2:95:0b:63:0f:8c:54:fc:fb:b0:32:4e:db:ab:fd:fb:
77:3b:d4:4d:a5:82:05:af:6e:1d:a9:95:63:c9:67:13:f9:2e:
5d:62:65:be:6c:e4:ae:75:78:7f:94:64:a0:94:5c:c3:e3:60:
83:68:6f:d6:0c:36:7f:9c:63:58:02:56:1c:a0:82:ed:72:c4:
15:d4:ce:90:58:a9:a3:3e:6c:a6:86:ea:7f:f4:08:80:92:6a:
50:c3:53:4d:00:f9:f5:8a:e1:30:25:ca:a9:10:06:6f:7b:2d:
ec:22:f5:f7:56:e5:85:38:cc:02:4d:67:89:10:47:0c:2a:b3:
6f:c7:1a:3b:c8:63:8e:69:e1:d6:68:0c:55:80:9a:cc:c0:4e:
73:2f:ee:bd:fe:b0:c4:a2:1a:15:e6:10:b5:f7:b6:46:4f:aa:
b0:50:f4:d5:03:d3:fe:f2:9b:91:cc:89:7b:23:c5:3a:12:d8:
43:43:7b:65:95:15:1a:dd:03:2b:a5:0d:70:69:1a:14:76:58:
82:19:73:28:26:6c:40:3d:19:7a:fd:a9:8c:95:d9:8b:8c:3e:
2f:d5:bc:86:57:e6:cf:ff:be:80:2e:02:16:7a:25:f2:30:75:
54:b3:0b:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWnzRSCybH5/IoRVgMajSYPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE4MDU0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTYyMTI0ZmE1YWZlZGEyMTM5ZDhhZGVmNDc0MGZhZGM3YWQ4YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt46tgJAwO+ySGgT9b4jy/Kja3w6b
Qw9RNrJhyUUAFUIptQzeNF3MZb98JwICL29JnJX+hbjJEgLt6KWy6YHeLtKu+zEH
/f4IJGMqLLkDppaByyO5Vk0LMCJRtRP1ugLYcOr3hfdTvZ6z4IlV4yUcoXeGI5Tm
DQ4CuBOeoFJiKTduAMjRqKG63CQyMeOIiOzPr61UG9Z+qOL8LdoCbuZK+57IzmsK
em/qXNSCT5rpIzXDXFHYfjhXNU+A1hcnOgUH3mkVdyE+VgjJZhpEwc6uUgc3VokR
oLSgHskozSd4hEAtl7xPZUQgfkiVrLw70kjZrKqUe6mO6vU14FVQPDXG1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFApiEk+lr+2iE52K3vR0D63HrYwZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvQ21JU1Q2V3Y3YUlUbllyZTlIUVByY2V0akJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCHzqsAwQB
HztMMA0GCSqGSIb3DQEBCwUAA4IBAQBTqPF3QFnJJkxGcwdOX0s0JyJJf8KVC2MP
jFT8+7AyTtur/ft3O9RNpYIFr24dqZVjyWcT+S5dYmW+bOSudXh/lGSglFzD42CD
aG/WDDZ/nGNYAlYcoILtcsQV1M6QWKmjPmymhup/9AiAkmpQw1NNAPn1iuEwJcqp
EAZvey3sIvX3VuWFOMwCTWeJEEcMKrNvxxo7yGOOaeHWaAxVgJrMwE5zL+69/rDE
ohoV5hC197ZGT6qwUPTVA9P+8puRzIl7I8U6EthDQ3tllRUa3QMrpQ1waRoUdliC
GXMoJmxAPRl6/amMldmLjD4v1byGV+bP/76ALgIWeiXyMHVUswtq
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:42:21 2025 by rpki-client