Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I0u8FsqttZ-DByMF6fxxztW9N2w.roa
File: I0u8FsqttZ-DByMF6fxxztW9N2w.roa (raw, json)
Hash identifier: P1pQgzE7HVGisb+Om98xfd13JFIscqb8nLwKaYyQAm8=
Subject key identifier: 23:4B:BC:16:CA:AD:B5:9F:83:07:23:05:E9:FC:71:CE:D5:BD:37:6C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282334766CD3B70F73CBAB93814D2C1A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I0u8FsqttZ-DByMF6fxxztW9N2w.roa
Signing time: Thu 02 Jan 2025 17:49:43 +0000
ROA not before: Thu 02 Jan 2025 17:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.59.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:34:76:6c:d3:b7:0f:73:cb:ab:93:81:4d:2c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=234bbc16caadb59f83072305e9fc71ced5bd376c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fa:0b:4c:9f:0d:87:23:3c:c2:64:e8:23:34:
d4:5e:23:7e:80:37:ec:02:cf:7d:0e:d0:83:31:a7:
1e:03:44:be:3e:f9:c0:ed:b8:65:df:4e:b0:1c:df:
08:e2:df:77:5b:99:1d:c2:10:fb:75:7f:d9:17:9a:
ba:2e:e5:9a:19:29:6b:c7:14:49:d6:e2:bd:d9:5a:
9a:b4:be:de:55:0b:80:c2:d2:85:b0:ea:15:58:df:
39:b2:b6:28:3a:24:04:f6:06:c5:7e:d5:3a:8e:ec:
ac:38:0c:a6:be:ad:0c:33:98:44:52:44:54:95:71:
62:ac:27:ac:b1:a2:b0:e6:30:83:65:27:e5:e1:25:
5e:48:c5:90:eb:a2:c3:8d:82:6a:e2:c7:9b:49:59:
57:4a:11:a1:22:9d:45:58:0f:42:16:97:65:85:21:
e3:24:2e:a7:19:14:80:0f:c4:7a:6e:e3:5e:ca:fb:
6d:7e:ea:00:25:6d:ca:1c:19:b6:74:e7:08:6e:0a:
ea:f8:f9:20:45:42:d5:fe:44:ac:71:fb:66:69:d5:
31:93:8d:91:36:04:e6:e3:3a:1a:e6:d4:7a:8f:66:
9c:f3:2c:da:5b:e5:35:df:27:b4:84:95:2b:40:3d:
02:9f:3f:be:55:05:ce:eb:31:2f:72:d6:81:8c:3d:
f2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4B:BC:16:CA:AD:B5:9F:83:07:23:05:E9:FC:71:CE:D5:BD:37:6C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I0u8FsqttZ-DByMF6fxxztW9N2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.160.0/21
31.57.202.0/23
31.59.116.0/22
Signature Algorithm: sha256WithRSAEncryption
53:ad:f4:fe:22:e6:71:02:33:db:9d:b7:32:d0:69:e4:b6:f1:
f8:bf:ed:a2:a6:09:1f:a7:a9:a4:47:32:15:4d:f8:ed:a3:2c:
7f:16:8c:19:d5:cc:32:f5:bf:77:5b:46:2c:cc:25:f9:6c:b6:
88:3f:eb:ae:e1:a4:39:bf:84:b3:fd:4d:2e:26:41:f3:5b:56:
ce:60:69:06:b7:06:9b:54:89:24:75:13:1b:04:f0:19:bc:fe:
0b:25:70:7e:20:f7:05:97:46:33:78:3f:5f:2e:80:ba:c6:f5:
1f:fd:ff:f7:bf:2a:df:01:e1:8c:21:c1:e4:6d:a4:27:fd:c1:
17:2d:9f:c3:40:63:8e:54:f0:ce:1b:88:80:32:2d:d8:f5:9d:
d2:d8:9d:4d:e1:d3:6f:e8:2c:81:36:01:a1:c1:be:00:44:b2:
74:3d:66:73:21:0d:21:04:8d:f3:cc:3d:1e:55:dc:6a:b6:34:
d1:31:ea:4b:eb:c3:44:97:b3:ec:d4:54:94:37:bc:6f:d6:e7:
ad:17:05:1d:9d:d7:ff:36:1a:e5:9a:d1:71:3c:98:0c:35:a7:
de:ee:b0:43:e4:d2:f2:24:57:6f:ef:48:da:98:ba:5c:f1:7b:
08:f4:9c:7d:63:8f:84:62:63:71:40:e1:cc:44:e0:e7:1a:19:
f0:52:bd:6d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoIzR2bNO3D3PLq5OBTSwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRiYmMxNmNhYWRiNTlmODMwNzIzMDVlOWZjNzFjZWQ1YmQzNzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvoLTJ8NhyM8wmToIzTUXiN+gDfs
As99DtCDMaceA0S+PvnA7bhl306wHN8I4t93W5kdwhD7dX/ZF5q6LuWaGSlrxxRJ
1uK92VqatL7eVQuAwtKFsOoVWN85srYoOiQE9gbFftU6juysOAymvq0MM5hEUkRU
lXFirCessaKw5jCDZSfl4SVeSMWQ66LDjYJq4sebSVlXShGhIp1FWA9CFpdlhSHj
JC6nGRSAD8R6buNeyvttfuoAJW3KHBm2dOcIbgrq+PkgRULV/kSscftmadUxk42R
NgTm4zoa5tR6j2ac8yzaW+U13ye0hJUrQD0Cnz++VQXO6zEvctaBjD3y/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCNLvBbKrbWfgwcjBen8cc7VvTdsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSTB1OEZzcXR0Wi1EQnlNRjZmeHh6dFc5TjJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHzigAwQB
HznKAwQCHzt0MA0GCSqGSIb3DQEBCwUAA4IBAQBTrfT+IuZxAjPbnbcy0GnktvH4
v+2ipgkfp6mkRzIVTfjtoyx/FowZ1cwy9b93W0YszCX5bLaIP+uu4aQ5v4Sz/U0u
JkHzW1bOYGkGtwabVIkkdRMbBPAZvP4LJXB+IPcFl0YzeD9fLoC6xvUf/f/3vyrf
AeGMIcHkbaQn/cEXLZ/DQGOOVPDOG4iAMi3Y9Z3S2J1N4dNv6CyBNgGhwb4ARLJ0
PWZzIQ0hBI3zzD0eVdxqtjTRMepL68NEl7Ps1FSUN7xv1uetFwUdndf/NhrlmtFx
PJgMNafe7rBD5NLyJFdv70jamLpc8XsI9Jx9Y4+EYmNxQOHMRODnGhnwUr1t
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:56:50 2025 by rpki-client