Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzE5an9m0Y9lMkO7IOyYAC737nk.roa
File: MzE5an9m0Y9lMkO7IOyYAC737nk.roa (raw, json)
Hash identifier: 9tZxhKnwDoPIApFnxeYfyl5yOoWKjurcQBrYKc/sc24=
Subject key identifier: 33:31:39:6A:7F:66:D1:8F:65:32:43:BB:20:EC:98:00:2E:F7:EE:79
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428233AF8EF7F4E25768EFD1888220F4B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzE5an9m0Y9lMkO7IOyYAC737nk.roa
Signing time: Thu 02 Jan 2025 17:49:45 +0000
ROA not before: Thu 02 Jan 2025 17:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 31.57.100.0/24 maxlen: 24
31.57.228.0/24 maxlen: 24
31.57.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:3a:f8:ef:7f:4e:25:76:8e:fd:18:88:22:0f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3331396a7f66d18f653243bb20ec98002ef7ee79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ca:b9:a3:dc:de:03:b9:35:8a:94:a5:66:d2:
04:03:17:a2:be:7c:c1:db:aa:21:2f:df:99:cd:8b:
a2:61:7b:70:33:ab:98:ab:af:5a:51:13:2c:5d:8c:
92:56:74:34:70:b5:21:09:15:ad:65:b1:8f:32:5b:
ec:c6:ef:00:36:ed:4e:09:c3:62:68:ee:97:04:9c:
7b:ae:ed:76:6a:df:9d:8f:ef:78:ba:72:4e:c1:b9:
65:0f:13:a5:d9:0c:42:47:74:83:86:7f:ae:ca:b4:
be:15:07:af:fc:93:ea:ae:24:18:a2:12:4d:e8:54:
66:06:c8:2e:46:c8:92:99:97:7c:b2:24:da:da:71:
40:17:80:17:d1:7c:e7:95:8b:fe:1f:ff:e6:05:ed:
e9:1e:2b:7e:79:ad:03:05:58:f5:89:a7:73:5d:e9:
a1:00:60:09:db:72:f1:29:f0:69:90:68:85:9a:ed:
73:a7:b0:a9:9a:a2:15:2d:c7:42:c8:a1:38:fd:1a:
53:47:bc:f6:3d:ba:6c:3e:d8:c2:c0:55:6f:71:f5:
ea:f4:97:1f:3a:02:c7:93:81:b0:c2:58:f3:26:83:
e9:a6:ea:83:54:6f:bd:6d:6c:44:ed:3a:5e:de:45:
5f:9e:68:ed:3c:4d:44:6d:06:59:41:7a:14:e8:42:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:31:39:6A:7F:66:D1:8F:65:32:43:BB:20:EC:98:00:2E:F7:EE:79
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/MzE5an9m0Y9lMkO7IOyYAC737nk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.100.0/24
31.57.228.0/24
31.57.248.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:11:82:5a:13:7e:21:3f:a0:ff:d2:41:43:fb:34:8f:7a:a3:
50:b7:ac:88:a7:b7:57:d7:90:91:e6:e9:73:da:5b:2a:3e:b1:
c8:93:90:bb:b1:e5:3f:06:e9:fd:28:6b:68:c8:fc:1d:ef:9e:
cf:f4:41:d7:d7:9d:7e:27:bf:cf:f8:67:e8:d8:02:aa:69:6a:
7e:18:61:1f:6f:90:cf:fc:22:14:98:2f:08:72:76:0e:2c:0f:
05:5a:ca:3d:5b:cc:ad:ba:f0:5c:d8:3d:ef:8f:b3:47:73:43:
12:ae:22:91:e3:aa:d9:ab:13:09:db:5f:7e:80:da:35:89:dc:
d2:fd:2a:83:c0:ce:ec:2f:cf:74:18:80:8d:38:36:27:6a:a0:
a5:70:2f:41:09:07:a0:ec:07:ad:1c:76:24:e8:f4:c6:1d:35:
99:83:4e:93:58:2e:a1:c4:aa:8e:fd:02:f0:46:93:64:92:c4:
42:4e:d5:1d:7d:ac:21:e8:d3:40:73:df:d8:4a:2f:85:42:a0:
3a:b4:84:45:17:52:d9:13:40:33:a6:5a:7c:a6:a2:28:f0:18:
f7:0e:31:98:04:7b:16:d3:87:b7:15:d2:0e:ee:59:50:4b:ba:
9f:29:fb:3a:28:74:e8:5a:33:f4:04:6f:73:97:83:7b:76:53:
7d:a5:1a:f3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoIzr4739OJXaO/RiIIg9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzMxMzk2YTdmNjZkMThmNjUzMjQzYmIyMGVjOTgwMDJlZjdlZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Mq5o9zeA7k1ipSlZtIEAxeivnzB
26ohL9+ZzYuiYXtwM6uYq69aURMsXYySVnQ0cLUhCRWtZbGPMlvsxu8ANu1OCcNi
aO6XBJx7ru12at+dj+94unJOwbllDxOl2QxCR3SDhn+uyrS+FQev/JPqriQYohJN
6FRmBsguRsiSmZd8siTa2nFAF4AX0XznlYv+H//mBe3pHit+ea0DBVj1iadzXemh
AGAJ23LxKfBpkGiFmu1zp7CpmqIVLcdCyKE4/RpTR7z2PbpsPtjCwFVvcfXq9Jcf
OgLHk4GwwljzJoPppuqDVG+9bWxE7Tpe3kVfnmjtPE1EbQZZQXoU6EL3GQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDMxOWp/ZtGPZTJDuyDsmAAu9+55MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTXpFNWFuOW0wWTlsTWtPN0lPeVlBQzczN25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzlkAwQA
HznkAwQAHzn4MA0GCSqGSIb3DQEBCwUAA4IBAQB9EYJaE34hP6D/0kFD+zSPeqNQ
t6yIp7dX15CR5ulz2lsqPrHIk5C7seU/Bun9KGtoyPwd757P9EHX151+J7/P+Gfo
2AKqaWp+GGEfb5DP/CIUmC8IcnYOLA8FWso9W8ytuvBc2D3vj7NHc0MSriKR46rZ
qxMJ219+gNo1idzS/SqDwM7sL890GICNODYnaqClcC9BCQeg7AetHHYk6PTGHTWZ
g06TWC6hxKqO/QLwRpNkksRCTtUdfawh6NNAc9/YSi+FQqA6tIRFF1LZE0Azplp8
pqIo8Bj3DjGYBHsW04e3FdIO7llQS7qfKfs6KHToWjP0BG9zl4N7dlN9pRrz
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:08:15 2025 by rpki-client