Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/INjXyHa6MGl4EH0p2FT2_Cyxt3Q.roa
File: INjXyHa6MGl4EH0p2FT2_Cyxt3Q.roa (raw, json)
Hash identifier: C5QJ80lPb26XnK59hBM21qd/nBmCGuHgGDq7nIDtpos=
Subject key identifier: 20:D8:D7:C8:76:BA:30:69:78:10:7D:29:D8:54:F6:FC:2C:B1:B7:74
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946EE45C313FE38ED427A3BA2114BC3F93
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/INjXyHa6MGl4EH0p2FT2_Cyxt3Q.roa
Signing time: Thu 16 Jan 2025 11:34:07 +0000
ROA not before: Thu 16 Jan 2025 11:34:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:e4:5c:31:3f:e3:8e:d4:27:a3:ba:21:14:bc:3f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 16 11:34:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20d8d7c876ba306978107d29d854f6fc2cb1b774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a3:97:44:d2:57:75:65:dd:07:fe:41:f8:06:
f3:67:6c:a6:71:82:fd:96:d9:af:79:dc:8b:7b:a1:
de:41:8d:9c:1e:2d:20:81:5c:8b:59:84:4f:f6:71:
63:32:a4:84:d4:34:28:0a:59:e7:4b:e7:09:26:3b:
2d:b7:b0:e9:a4:73:af:ce:27:3a:c7:86:64:fe:dc:
56:af:4d:1d:f6:4e:4c:b2:71:a8:e3:c9:ce:60:d9:
7d:a6:3b:ee:2e:fc:a9:df:85:fc:4b:c6:90:52:e7:
26:e2:d2:a7:5e:83:d0:c6:4c:26:06:6d:36:27:23:
44:4a:d8:4e:0f:e1:23:52:c5:b7:e4:69:54:f0:bd:
c6:78:40:62:59:19:75:29:2a:31:bf:9f:50:14:7b:
3a:5b:b7:35:49:12:3c:98:9f:40:77:53:d4:2c:73:
80:db:9b:80:86:2e:fe:31:06:81:bf:fa:c6:b1:8e:
b3:20:5f:87:60:27:26:e9:95:46:79:f9:cc:b3:7e:
b7:6f:57:6f:6a:de:6a:1c:47:c6:d9:07:71:a8:6b:
47:f3:79:9e:d9:d8:ec:dc:f2:d6:a1:5f:8d:20:ec:
b3:1e:af:e6:d6:07:b9:fd:b2:06:b0:67:8d:c4:6c:
a5:e3:bd:06:31:45:ad:5c:d4:92:b8:ec:05:76:cf:
42:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:D8:D7:C8:76:BA:30:69:78:10:7D:29:D8:54:F6:FC:2C:B1:B7:74
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/INjXyHa6MGl4EH0p2FT2_Cyxt3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.200.0/24
31.56.202.0/24
31.57.132.0/24
31.57.181.0/24
31.57.215.0/24
31.57.219.0/24
31.57.221.0/24
31.57.255.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
38:14:36:ef:7a:25:07:94:92:c1:3c:1c:8f:09:6b:41:7b:14:
37:bc:9c:4a:14:96:01:3a:39:a9:52:1d:1d:ea:7c:27:89:d4:
46:b0:40:8d:80:88:8b:98:53:2f:e0:a2:90:4b:e5:1d:0a:b5:
b7:cc:61:5e:0e:8d:90:a4:8f:e9:59:da:08:d5:3d:85:26:b6:
a3:d2:57:bc:4c:45:28:e3:41:60:66:08:9b:bd:ce:b6:8b:df:
5e:cd:95:a9:f8:3b:1d:7b:bf:52:7b:30:d0:4c:99:20:f0:d2:
a9:20:89:d5:de:cc:c0:bb:02:c6:ac:32:5a:d2:67:1a:48:78:
06:c9:97:f3:e3:47:d0:be:89:ea:23:67:c4:1e:2a:7e:b2:e4:
56:84:97:00:1f:8c:a0:e2:6d:72:f7:63:93:e8:42:ce:b9:c6:
58:14:a9:87:fd:3a:f0:90:f8:d8:78:0c:bb:6d:6c:33:93:25:
e7:19:c4:c5:26:fe:a5:2a:c5:d5:37:0f:ec:cd:09:13:93:6a:
cc:33:ba:27:9a:f4:04:e7:5f:62:39:0e:98:ac:a1:30:db:a2:
65:d1:f8:cb:b9:53:fd:75:b8:fe:f2:df:96:db:60:e4:ac:f0:
e4:3e:b3:d7:69:4c:53:0b:7b:a3:d1:cd:17:96:f3:41:f5:9b:
30:43:8a:d4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZRu5FwxP+OO1CejuiEUvD+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE2MTEzNDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGQ4ZDdjODc2YmEzMDY5NzgxMDdkMjlkODU0ZjZmYzJjYjFiNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKOXRNJXdWXdB/5B+AbzZ2ymcYL9
ltmvedyLe6HeQY2cHi0ggVyLWYRP9nFjMqSE1DQoClnnS+cJJjstt7DppHOvzic6
x4Zk/txWr00d9k5MsnGo48nOYNl9pjvuLvyp34X8S8aQUucm4tKnXoPQxkwmBm02
JyNESthOD+EjUsW35GlU8L3GeEBiWRl1KSoxv59QFHs6W7c1SRI8mJ9Ad1PULHOA
25uAhi7+MQaBv/rGsY6zIF+HYCcm6ZVGefnMs363b1dvat5qHEfG2QdxqGtH83me
2djs3PLWoV+NIOyzHq/m1ge5/bIGsGeNxGyl470GMUWtXNSSuOwFds9CzwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCDY18h2ujBpeBB9KdhU9vwssbd0MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSU5qWHlIYTZNR2w0RUgwcDJGVDJfQ3l4dDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjIAwQAHzjKAwQAHzmEAwQAHzm1AwQAHznXAwQAHznbAwQA
HzndAwQAHzn/AwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQA4FDbveiUHlJLBPByP
CWtBexQ3vJxKFJYBOjmpUh0d6nwnidRGsECNgIiLmFMv4KKQS+UdCrW3zGFeDo2Q
pI/pWdoI1T2FJraj0le8TEUo40FgZgibvc62i99ezZWp+Dsde79SezDQTJkg8NKp
IInV3szAuwLGrDJa0mcaSHgGyZfz40fQvonqI2fEHip+suRWhJcAH4yg4m1y92OT
6ELOucZYFKmH/TrwkPjYeAy7bWwzkyXnGcTFJv6lKsXVNw/szQkTk2rMM7onmvQE
519iOQ6YrKEw26Jl0fjLuVP9dbj+8t+W22DkrPDkPrPXaUxTC3uj0c0XlvNB9Zsw
Q4rU
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:06:05 2025 by rpki-client