Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KvPGVCGewnZG-A03NvbrQvFDnQs.roa
File: KvPGVCGewnZG-A03NvbrQvFDnQs.roa (raw, json)
Hash identifier: ECI4Lc9aHKwW+ThX7U4PWh+E9snmZwgKQaYQhMIOrmU=
Subject key identifier: 2A:F3:C6:54:21:9E:C2:76:46:F8:0D:37:36:F6:EB:42:F1:43:9D:0B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946EEE6D6DE33D224E405BE1DC35B6924A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KvPGVCGewnZG-A03NvbrQvFDnQs.roa
Signing time: Thu 16 Jan 2025 11:45:06 +0000
ROA not before: Thu 16 Jan 2025 11:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 31.56.114.0/24 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.201.0/24 maxlen: 24
31.57.133.0/24 maxlen: 24
31.57.136.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.187.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:ee:6d:6d:e3:3d:22:4e:40:5b:e1:dc:35:b6:92:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 16 11:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2af3c654219ec27646f80d3736f6eb42f1439d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5c:43:7a:77:2b:99:c1:0a:33:e6:3b:c5:12:
35:23:e1:bc:c1:88:72:3d:29:ad:48:49:82:be:ee:
3e:38:d1:fc:ef:b2:eb:d0:11:d7:ec:a4:79:ee:d9:
87:b2:37:0d:8f:24:8f:93:7e:1c:2f:24:07:0a:38:
d2:9f:a4:8d:e9:61:68:da:ce:33:c0:f9:ad:60:ff:
1b:61:04:4e:2a:f8:ac:38:96:04:b5:e2:64:4a:ea:
10:87:01:7a:22:0e:a6:de:30:9a:3a:36:1f:07:56:
b8:82:82:fa:be:5a:f1:35:06:f5:e5:36:44:52:c5:
e0:12:07:4f:9b:36:7b:01:9e:bd:f7:1b:25:94:84:
eb:dc:2e:a7:7d:0e:04:da:56:7d:6f:9f:a2:0c:38:
8a:2e:27:ec:29:2f:f7:12:23:ca:fb:cd:3b:fe:61:
f9:21:ac:d7:6e:72:40:6f:1f:fb:5a:79:c4:07:57:
99:d0:09:0e:3d:00:be:8a:39:c5:a0:52:4f:d7:3a:
28:72:c4:c6:8a:50:39:60:7a:35:81:8c:c0:56:4c:
7f:a3:70:a8:f3:6a:25:3b:30:97:8c:ed:37:93:4f:
bc:e3:9e:d5:41:02:0b:37:03:b1:a4:de:e4:4b:29:
45:80:01:88:69:2c:2f:f0:6f:47:96:d5:64:14:2d:
94:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F3:C6:54:21:9E:C2:76:46:F8:0D:37:36:F6:EB:42:F1:43:9D:0B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/KvPGVCGewnZG-A03NvbrQvFDnQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.114.0/24
31.56.157.0/24
31.56.201.0/24
31.57.133.0/24
31.57.136.0/24
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.43.0/24
31.59.56.0/24
31.59.97.0/24
31.59.112.0/23
31.59.115.0/24
31.59.130.0/24
31.59.187.0/24
31.59.229.0/24
31.59.231.0/24
31.59.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:6b:5a:b2:ab:16:28:31:1e:54:0f:e7:f1:2d:ec:0f:3a:67:
76:4f:cf:b7:c2:95:39:d0:1a:6c:46:0e:95:91:56:01:4b:63:
d3:7b:4e:f8:41:8c:92:ac:d3:13:44:b0:4f:4e:9b:67:ad:eb:
6c:36:13:7d:0f:8e:e3:64:5c:9b:af:23:17:d9:18:18:c3:e5:
b4:0e:73:30:e7:56:e4:89:27:ef:a2:66:4a:e0:89:df:d3:21:
20:b0:b7:ea:48:e6:85:43:ce:7c:03:cf:87:60:26:41:87:5b:
cf:e4:ea:f0:48:86:70:fc:ab:3a:94:fa:bc:28:33:77:e5:4f:
58:72:f8:a3:fa:ee:79:21:ea:b3:8b:d4:7f:ed:5f:d4:c6:30:
6b:a2:85:1f:03:c3:f7:a0:73:7d:3d:67:93:92:4b:71:9a:03:
53:50:90:24:de:a1:72:7b:8f:1e:5a:e0:82:6b:36:42:02:23:
e7:df:4e:f6:0a:66:7f:a4:f1:a3:8a:2f:2c:50:3c:7a:f3:2a:
31:e7:e7:57:65:56:9f:d5:98:d2:ed:d9:c4:cb:b6:c5:99:c4:
2c:d2:79:63:a8:7d:e4:5f:65:42:1b:9d:f3:c3:50:de:d9:49:
e6:17:d0:0c:e6:88:1a:b7:1e:46:93:87:36:a9:9b:28:89:b8:
9a:d4:08:21
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZRu7m1t4z0iTkBb4dw1tpJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE2MTE0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYzYzY1NDIxOWVjMjc2NDZmODBkMzczNmY2ZWI0MmYxNDM5ZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlxDencrmcEKM+Y7xRI1I+G8wYhy
PSmtSEmCvu4+ONH877Lr0BHX7KR57tmHsjcNjySPk34cLyQHCjjSn6SN6WFo2s4z
wPmtYP8bYQROKvisOJYEteJkSuoQhwF6Ig6m3jCaOjYfB1a4goL6vlrxNQb15TZE
UsXgEgdPmzZ7AZ699xsllITr3C6nfQ4E2lZ9b5+iDDiKLifsKS/3EiPK+807/mH5
IazXbnJAbx/7WnnEB1eZ0AkOPQC+ijnFoFJP1zoocsTGilA5YHo1gYzAVkx/o3Co
82olOzCXjO03k0+8457VQQILNwOxpN7kSylFgAGIaSwv8G9HltVkFC2U8wIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFCrzxlQhnsJ2RvgNNzb260LxQ50LMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvS3ZQR1ZDR2V3blpHLUEwM052YnJRdkZEblFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHzhy
AwQAHzidAwQAHzjJAwQAHzmFAwQAHzmIAwQAHzqBAwQBHzqKAwQAHzqWAwQAHzqa
AwQAHzqlAwQAHzsrAwQAHzs4AwQAHzthAwQBHztwAwQAHztzAwQAHzuCAwQAHzu7
AwQAHzvlAwQAHzvnAwQAHzv1MA0GCSqGSIb3DQEBCwUAA4IBAQCPa1qyqxYoMR5U
D+fxLewPOmd2T8+3wpU50BpsRg6VkVYBS2PTe074QYySrNMTRLBPTptnretsNhN9
D47jZFybryMX2RgYw+W0DnMw51bkiSfvomZK4Inf0yEgsLfqSOaFQ858A8+HYCZB
h1vP5OrwSIZw/Ks6lPq8KDN35U9Ycvij+u55Ieqzi9R/7V/UxjBrooUfA8P3oHN9
PWeTkktxmgNTUJAk3qFye48eWuCCazZCAiPn3072CmZ/pPGjii8sUDx68yox5+dX
ZVaf1ZjS7dnEy7bFmcQs0nljqH3kX2VCG53zw1De2UnmF9AM5ogatx5Gk4c2qZso
ibia1Agh
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:56:47 2025 by rpki-client