Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IR_A5tX1VYwK4_G7JdEbajR3eDM.roa
File: IR_A5tX1VYwK4_G7JdEbajR3eDM.roa (raw, json)
Hash identifier: KVwI5rZCTcoUK9p4TltPhjNjG79ncSxMZqJFNh5ve1E=
Subject key identifier: 21:1F:C0:E6:D5:F5:55:8C:0A:E3:F1:BB:25:D1:1B:6A:34:77:78:33
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01932AF5C4E0CF36F04474590F06E0A964E2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IR_A5tX1VYwK4_G7JdEbajR3eDM.roa
Signing time: Thu 14 Nov 2024 13:56:10 +0000
ROA not before: Thu 14 Nov 2024 13:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2a:f5:c4:e0:cf:36:f0:44:74:59:0f:06:e0:a9:64:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 14 13:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=211fc0e6d5f5558c0ae3f1bb25d11b6a34777833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:80:de:e2:4e:83:39:44:67:54:d6:ca:2d:f2:
3f:c6:80:d4:14:e9:b3:19:16:8c:a4:44:70:86:a6:
5a:97:ab:93:33:b1:ef:00:a5:c4:bf:da:28:3f:03:
42:2b:90:ab:48:f2:a4:b2:75:b1:ff:53:ec:74:f6:
6a:86:9c:61:15:bf:8e:78:e3:24:43:62:e8:5a:49:
a1:95:48:80:93:eb:b5:78:7c:ed:1a:1e:c9:97:cc:
7c:d5:72:b3:6a:de:ee:d2:5d:5f:40:ec:32:76:6f:
6a:89:bf:73:51:a9:15:08:c5:0d:0c:fb:f1:bf:0f:
cb:85:dd:ac:b2:b4:74:3b:9a:6c:6a:1c:4f:a2:f0:
93:69:e4:b4:08:02:8f:d3:6d:76:0b:38:75:30:ca:
db:0f:21:e4:ab:3e:b2:10:0e:2d:c5:1a:71:a9:74:
0d:6f:da:39:02:3c:67:1a:8e:15:04:62:79:41:c5:
13:9c:29:f1:0f:68:b0:ce:91:c6:51:a0:6a:54:fd:
45:2f:45:69:95:7f:ad:f1:38:da:7e:74:7b:03:c8:
71:50:29:a4:3f:c8:98:55:78:8d:ac:db:57:ea:54:
35:6b:e3:b9:e3:67:4e:45:39:49:c1:f9:8d:c7:7f:
92:3e:53:3f:d9:ef:30:48:2d:eb:bc:f7:f8:bc:18:
4c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:1F:C0:E6:D5:F5:55:8C:0A:E3:F1:BB:25:D1:1B:6A:34:77:78:33
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/IR_A5tX1VYwK4_G7JdEbajR3eDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.160.0/21
31.57.202.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:a1:31:13:3d:7d:6f:05:f6:72:15:cc:01:68:88:3a:38:9d:
e8:89:4b:27:6a:fe:75:66:5c:12:c5:2c:3c:77:f2:eb:05:0f:
90:c3:44:bd:61:3f:65:d9:b6:fb:75:e0:15:3f:ae:9f:41:7e:
d4:ed:52:e0:22:3d:60:ac:98:ac:72:30:b4:ee:c9:01:3a:7f:
b8:bd:1f:2f:7d:e8:25:0d:4e:cb:17:fd:84:9a:6d:da:70:aa:
ec:34:88:e2:a2:de:c5:5e:29:4d:97:a9:c9:f6:76:4d:ed:46:
b0:85:b4:8e:89:3a:a6:63:3d:b4:1e:00:09:6d:67:b4:3d:3e:
4a:e0:9d:fd:65:db:93:33:87:99:cb:66:78:84:db:41:bc:c1:
26:aa:bd:80:e9:f4:67:47:c7:0f:95:6a:c7:17:43:2b:86:ea:
fb:4b:26:c5:1f:bc:e2:14:d9:49:d8:20:f3:10:8d:9a:a8:4c:
41:04:bd:da:af:87:81:58:92:0d:bc:c0:c5:97:8b:f9:a1:bf:
01:f4:21:22:90:9f:00:1c:6f:50:7c:99:7b:c6:aa:be:13:d1:
09:50:b2:bf:de:96:bf:e3:db:5a:0c:64:be:7e:b8:32:6b:81:
55:94:27:4a:f3:ad:ec:82:2d:4c:7b:5b:de:c0:8a:21:28:15:
f0:14:42:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMq9cTgzzbwRHRZDwbgqWTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE0MTM1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTFmYzBlNmQ1ZjU1NThjMGFlM2YxYmIyNWQxMWI2YTM0Nzc3ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYDe4k6DOURnVNbKLfI/xoDUFOmz
GRaMpERwhqZal6uTM7HvAKXEv9ooPwNCK5CrSPKksnWx/1PsdPZqhpxhFb+OeOMk
Q2LoWkmhlUiAk+u1eHztGh7Jl8x81XKzat7u0l1fQOwydm9qib9zUakVCMUNDPvx
vw/Lhd2ssrR0O5psahxPovCTaeS0CAKP0212Czh1MMrbDyHkqz6yEA4txRpxqXQN
b9o5AjxnGo4VBGJ5QcUTnCnxD2iwzpHGUaBqVP1FL0VplX+t8TjafnR7A8hxUCmk
P8iYVXiNrNtX6lQ1a+O542dORTlJwfmNx3+SPlM/2e8wSC3rvPf4vBhMOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCEfwObV9VWMCuPxuyXRG2o0d3gzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSVJfQTV0WDFWWXdLNF9HN0pkRWJhalIzZURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDHzigAwQB
HznKMA0GCSqGSIb3DQEBCwUAA4IBAQChoTETPX1vBfZyFcwBaIg6OJ3oiUsnav51
ZlwSxSw8d/LrBQ+Qw0S9YT9l2bb7deAVP66fQX7U7VLgIj1grJiscjC07skBOn+4
vR8vfeglDU7LF/2Emm3acKrsNIjiot7FXilNl6nJ9nZN7UawhbSOiTqmYz20HgAJ
bWe0PT5K4J39ZduTM4eZy2Z4hNtBvMEmqr2A6fRnR8cPlWrHF0Mrhur7SybFH7zi
FNlJ2CDzEI2aqExBBL3ar4eBWJINvMDFl4v5ob8B9CEikJ8AHG9QfJl7xqq+E9EJ
ULK/3pa/49taDGS+frgya4FVlCdK863sgi1Me1vewIohKBXwFELS
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:40:03 2024 by rpki-client on console-ams.rpki-client.org