Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ej4O1ezXQBtjIb8UyL498KnzQns.roa
File: Ej4O1ezXQBtjIb8UyL498KnzQns.roa (raw, json)
Hash identifier: tQyx2IlmWdaWuk3m2XDp/u+z4fg5CKe0gferfuLSKeU=
Subject key identifier: 12:3E:0E:D5:EC:D7:40:1B:63:21:BF:14:C8:BE:3D:F0:A9:F3:42:7B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01945149B3149F459A8CA9210A4C14AD847D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ej4O1ezXQBtjIb8UyL498KnzQns.roa
Signing time: Fri 10 Jan 2025 17:36:11 +0000
ROA not before: Fri 10 Jan 2025 17:36:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 31.56.139.0/24 maxlen: 24
31.57.90.0/24 maxlen: 24
31.58.72.0/22 maxlen: 24
31.58.108.0/22 maxlen: 24
31.58.124.0/22 maxlen: 24
31.58.136.0/24 maxlen: 24
31.59.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:51:49:b3:14:9f:45:9a:8c:a9:21:0a:4c:14:ad:84:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 10 17:36:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=123e0ed5ecd7401b6321bf14c8be3df0a9f3427b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7e:dc:14:b5:d7:d6:57:0c:04:82:b6:bc:ea:
70:21:0c:c8:15:ab:9d:d3:55:ed:2e:e8:19:d1:2a:
21:ef:f4:10:98:38:69:06:92:fe:07:48:c7:dc:f7:
ee:4a:c3:61:9b:ee:b2:bc:54:d8:dd:e4:fb:f0:b5:
82:7b:46:b8:16:f0:97:0f:ae:7e:59:f8:c3:04:2f:
90:59:6d:0f:cc:90:6b:7f:f9:0e:39:ec:cf:70:08:
6a:f1:c2:b0:b0:1e:9e:22:f2:15:4c:ae:b7:b2:a0:
07:c3:94:93:8f:89:6d:8f:be:98:72:12:f9:3f:7e:
11:d5:39:2d:7f:a5:d5:ab:bd:2b:f6:f2:da:2b:37:
f8:0e:b7:bb:89:c0:72:8b:ca:e4:df:72:cc:91:e1:
d2:d1:29:56:66:aa:f0:ab:10:68:ec:32:07:24:82:
1c:72:9f:5e:7c:55:ca:d5:96:ee:fc:e8:b1:dd:cb:
36:6d:c2:af:79:c1:a9:42:39:02:c6:1e:dc:0f:4a:
2b:46:0a:cf:3b:f0:1c:7a:ce:aa:f9:15:2e:11:9a:
3d:7d:fe:ac:e1:a0:04:ac:c1:67:49:ec:ff:53:57:
29:f0:66:35:ce:35:b3:c9:41:c8:28:b5:5f:8b:4b:
8d:9c:4c:4c:b3:60:18:8e:77:87:d6:df:ff:d7:d6:
43:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:3E:0E:D5:EC:D7:40:1B:63:21:BF:14:C8:BE:3D:F0:A9:F3:42:7B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Ej4O1ezXQBtjIb8UyL498KnzQns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.139.0/24
31.57.90.0/24
31.58.72.0/22
31.58.108.0/22
31.58.124.0/22
31.58.136.0/24
31.59.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:76:53:cc:5c:5d:a4:de:c3:17:ab:7e:fe:f4:a9:21:a0:b5:
67:16:00:ff:07:96:f9:28:0a:e0:c4:37:ac:35:dc:95:c4:3d:
29:a9:f3:23:d1:ea:99:62:c6:d8:9a:d2:5d:b5:cf:3d:33:e0:
55:0f:42:7f:9e:d5:f7:36:51:3b:63:e7:90:aa:81:07:22:ee:
c3:8c:ef:88:65:29:1d:86:cb:ec:13:d9:b4:3b:88:f0:11:2b:
84:83:8d:18:b9:39:73:34:22:2c:2e:38:ef:91:0a:1a:0f:2a:
c2:1f:54:4f:08:0d:cb:7b:94:80:c5:51:30:7a:d8:00:a7:d0:
db:d9:db:7b:df:f9:56:8d:8c:81:9e:b8:2f:b7:d2:99:1b:1d:
be:d7:0c:ab:f3:9e:4a:b9:93:bc:79:86:1c:f0:6c:55:43:77:
49:95:55:eb:cf:9e:5a:d6:8d:45:9d:41:5c:2e:e9:b3:c1:28:
8d:9d:a9:0f:d1:35:12:17:29:8a:3f:15:b0:47:6f:53:92:5c:
b7:7e:44:7f:29:b5:22:4f:42:b9:a7:3b:2f:09:c0:61:91:93:
d4:5e:2e:ea:3e:c4:48:e2:0b:c7:c4:f3:65:19:69:f0:1f:0c:
7d:a4:e4:e8:fa:14:6e:b4:01:7d:44:50:d2:2f:9b:b5:e8:59:
9c:6e:a1:8a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZRRSbMUn0WajKkhCkwUrYR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTEwMTczNjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjNlMGVkNWVjZDc0MDFiNjMyMWJmMTRjOGJlM2RmMGE5ZjM0MjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk37cFLXX1lcMBIK2vOpwIQzIFaud
01XtLugZ0Soh7/QQmDhpBpL+B0jH3PfuSsNhm+6yvFTY3eT78LWCe0a4FvCXD65+
WfjDBC+QWW0PzJBrf/kOOezPcAhq8cKwsB6eIvIVTK63sqAHw5STj4ltj76YchL5
P34R1Tktf6XVq70r9vLaKzf4Dre7icByi8rk33LMkeHS0SlWZqrwqxBo7DIHJIIc
cp9efFXK1Zbu/Oix3cs2bcKvecGpQjkCxh7cD0orRgrPO/Aces6q+RUuEZo9ff6s
4aAErMFnSez/U1cp8GY1zjWzyUHIKLVfi0uNnExMs2AYjneH1t//19ZDBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBI+DtXs10AbYyG/FMi+PfCp80J7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRWo0TzFlelhRQnRqSWI4VXlMNDk4S256UW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHziLAwQA
HzlaAwQCHzpIAwQCHzpsAwQCHzp8AwQAHzqIAwQAHzsLMA0GCSqGSIb3DQEBCwUA
A4IBAQBOdlPMXF2k3sMXq37+9KkhoLVnFgD/B5b5KArgxDesNdyVxD0pqfMj0eqZ
YsbYmtJdtc89M+BVD0J/ntX3NlE7Y+eQqoEHIu7DjO+IZSkdhsvsE9m0O4jwESuE
g40YuTlzNCIsLjjvkQoaDyrCH1RPCA3Le5SAxVEwetgAp9Db2dt73/lWjYyBnrgv
t9KZGx2+1wyr855KuZO8eYYc8GxVQ3dJlVXrz55a1o1FnUFcLumzwSiNnakP0TUS
FymKPxWwR29Tkly3fkR/KbUiT0K5pzsvCcBhkZPUXi7qPsRI4gvHxPNlGWnwHwx9
pOTo+hRutAF9RFDSL5u16FmcbqGK
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:11:07 2025 by rpki-client