Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I3ZHKWfjpRs9aQ5SxckKl4VJSQw.roa
File: I3ZHKWfjpRs9aQ5SxckKl4VJSQw.roa (raw, json)
Hash identifier: Tz1K7oMYIwxcSquGgfmdTn0XaWtUPfbM5TGePIG54rY=
Subject key identifier: 23:76:47:29:67:E3:A5:1B:3D:69:0E:52:C5:C9:0A:97:85:49:49:0C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192BE0A940115BF50434C1AB2D0833760AC
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I3ZHKWfjpRs9aQ5SxckKl4VJSQw.roa
Signing time: Thu 24 Oct 2024 10:20:17 +0000
ROA not before: Thu 24 Oct 2024 10:20:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 31.58.68.0/22 maxlen: 24
31.58.76.0/22 maxlen: 24
31.58.84.0/22 maxlen: 24
31.58.92.0/22 maxlen: 24
31.58.100.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:0a:94:01:15:bf:50:43:4c:1a:b2:d0:83:37:60:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 24 10:20:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2376472967e3a51b3d690e52c5c90a978549490c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:77:64:33:e3:01:78:5a:4c:af:da:fd:9b:
2d:c5:f5:e7:a9:ab:19:25:41:9d:e5:d8:94:1f:12:
76:9a:bb:0c:6f:2b:12:bc:b9:c5:1d:d4:9b:11:be:
87:99:70:c9:f5:19:c6:d1:83:51:ab:6d:82:40:0c:
f6:59:43:b8:00:0e:88:53:4a:64:df:7d:f5:a9:a9:
ed:54:7f:27:22:be:ef:54:40:69:3d:fd:88:71:35:
de:65:04:8c:4c:58:02:d7:3d:6d:b4:38:ce:f3:6d:
0f:f9:6f:88:db:9a:f8:66:73:21:d5:13:3b:05:51:
74:da:06:be:9e:13:7b:20:c5:a5:1f:8a:5d:9f:e7:
99:e9:93:54:c7:28:40:87:fc:fb:ce:d5:78:dc:d7:
10:64:46:04:29:4f:cf:ff:11:44:45:44:e1:c6:9c:
02:b6:dd:04:60:67:d8:c9:6d:ec:96:50:c4:f8:d0:
ac:f6:d7:7b:f0:4c:f3:7c:03:0a:8f:8c:48:9e:c0:
11:c7:be:40:26:2e:5d:dc:40:b5:e3:95:3a:bf:8c:
e5:41:f0:b1:33:af:61:d7:7a:17:66:25:76:5a:e9:
1d:74:ec:3c:af:a9:8b:cf:b7:b9:09:50:31:56:dd:
5f:c6:18:48:c6:b3:4d:32:99:0c:8a:91:ec:19:9e:
94:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:76:47:29:67:E3:A5:1B:3D:69:0E:52:C5:C9:0A:97:85:49:49:0C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/I3ZHKWfjpRs9aQ5SxckKl4VJSQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.68.0/22
31.58.76.0/22
31.58.84.0/22
31.58.92.0/22
31.58.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:e8:57:82:ab:26:0d:9e:99:69:6f:3a:23:c3:2f:be:ba:01:
a4:9e:7d:e2:84:a2:a8:b5:8d:98:93:22:5c:d9:27:46:63:93:
03:c2:d2:f5:2f:c7:33:12:85:24:01:94:1e:d6:73:e6:49:4e:
72:aa:0d:68:88:82:50:2c:22:a7:f6:83:65:d4:64:6d:53:74:
7e:f8:77:fc:d1:ee:09:1b:c8:91:92:11:60:8b:90:23:07:a3:
7f:1c:92:f5:e9:34:cf:bd:93:13:c7:b0:22:81:c2:ba:1d:50:
5d:a4:b1:b2:06:d0:c2:e6:23:65:e9:7c:00:31:1f:d4:41:0c:
d2:d7:73:27:ca:63:17:1c:1e:d7:1a:13:10:42:78:93:44:db:
34:21:5d:f0:f9:8e:8b:a4:6e:ba:50:14:fb:9c:70:eb:a7:cf:
07:dc:2a:0c:94:13:42:3e:da:2a:14:c5:f4:ee:29:5b:b5:2c:
fc:5e:12:37:73:c1:2b:ba:5f:97:74:93:f4:17:86:bb:6a:6a:
f7:2e:3d:e6:fc:af:d6:74:47:2a:1d:76:ef:a2:d5:d9:96:7a:
17:59:de:18:92:d5:9f:45:76:1b:82:df:c9:cf:f2:d9:50:22:
40:46:ec:95:aa:a2:cd:fb:7c:5a:b5:f8:6f:7b:bb:e7:3e:d8:
64:65:7b:51
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZK+CpQBFb9QQ0wastCDN2CsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDI0MTAyMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzc2NDcyOTY3ZTNhNTFiM2Q2OTBlNTJjNWM5MGE5Nzg1NDk0OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+R3ZDPjAXhaTK/a/ZstxfXnqasZ
JUGd5diUHxJ2mrsMbysSvLnFHdSbEb6HmXDJ9RnG0YNRq22CQAz2WUO4AA6IU0pk
3331qantVH8nIr7vVEBpPf2IcTXeZQSMTFgC1z1ttDjO820P+W+I25r4ZnMh1RM7
BVF02ga+nhN7IMWlH4pdn+eZ6ZNUxyhAh/z7ztV43NcQZEYEKU/P/xFERUThxpwC
tt0EYGfYyW3sllDE+NCs9td78EzzfAMKj4xInsARx75AJi5d3EC145U6v4zlQfCx
M69h13oXZiV2WukddOw8r6mLz7e5CVAxVt1fxhhIxrNNMpkMipHsGZ6UKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCN2Ryln46UbPWkOUsXJCpeFSUkMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSTNaSEtXZmpwUnM5YVE1U3hja0tsNFZKU1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHzpEAwQC
HzpMAwQCHzpUAwQCHzpcAwQCHzpkMA0GCSqGSIb3DQEBCwUAA4IBAQAe6FeCqyYN
nplpbzojwy++ugGknn3ihKKotY2YkyJc2SdGY5MDwtL1L8czEoUkAZQe1nPmSU5y
qg1oiIJQLCKn9oNl1GRtU3R++Hf80e4JG8iRkhFgi5AjB6N/HJL16TTPvZMTx7Ai
gcK6HVBdpLGyBtDC5iNl6XwAMR/UQQzS13MnymMXHB7XGhMQQniTRNs0IV3w+Y6L
pG66UBT7nHDrp88H3CoMlBNCPtoqFMX07ilbtSz8XhI3c8Erul+XdJP0F4a7amr3
Lj3m/K/WdEcqHXbvotXZlnoXWd4YktWfRXYbgt/Jz/LZUCJARuyVqqLN+3xatfhv
e7vnPthkZXtR
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:15 2024 by rpki-client on console-ams.rpki-client.org