Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NE567sfW81-T0-E3IJfeZrVXqcQ.roa
File: NE567sfW81-T0-E3IJfeZrVXqcQ.roa (raw, json)
Hash identifier: 3Bcfs2GH5/Vsv+E4OlsFTmjgVWGoWHLdPAHBWaqaoGU=
Subject key identifier: 34:4E:7A:EE:C7:D6:F3:5F:93:D3:E1:37:20:97:DE:66:B5:57:A9:C4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946B64F7B0E7284124CE9D3907D66122F6
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NE567sfW81-T0-E3IJfeZrVXqcQ.roa
Signing time: Wed 15 Jan 2025 19:16:06 +0000
ROA not before: Wed 15 Jan 2025 19:16:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 31.56.160.0/21 maxlen: 24
31.57.202.0/24 maxlen: 24
31.57.203.0/24 maxlen: 24
31.59.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:64:f7:b0:e7:28:41:24:ce:9d:39:07:d6:61:22:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 15 19:16:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=344e7aeec7d6f35f93d3e1372097de66b557a9c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2e:58:ae:62:5c:be:72:6a:b8:03:ed:ba:b1:
a8:e6:ac:4d:3b:31:1f:8d:56:41:ac:cd:c0:de:c6:
73:73:8e:a8:61:a5:52:84:f5:08:9d:56:93:7b:19:
0a:70:43:37:b7:c9:c6:0d:33:bf:f0:b8:6b:14:7d:
94:f2:6b:1d:3e:1d:b3:93:f8:fa:6d:9d:ca:d9:37:
88:59:a4:84:72:a4:7f:8b:c9:d3:3a:9f:75:21:34:
35:1d:09:5b:34:d9:2d:7b:69:07:7c:27:b3:46:5f:
a7:1b:b0:37:da:16:91:45:57:9c:7d:22:f5:67:aa:
8e:fa:0d:f6:06:66:d4:fb:7b:ef:76:af:ba:c6:c4:
ff:e0:3e:6e:aa:20:e7:1f:a2:cd:cb:0c:c0:f6:5d:
8f:03:74:2f:4c:43:78:90:1d:76:aa:89:4e:bb:d4:
2f:d5:6d:ef:1c:92:71:84:c7:97:22:bb:35:0a:2a:
db:f4:b5:1b:da:5b:f8:74:8d:ce:6d:25:94:4a:05:
55:82:9f:2e:6c:e7:d1:c6:6c:74:1f:1c:94:ef:93:
5d:d0:79:6c:21:e4:9b:16:50:b0:a3:e1:c7:b8:eb:
4a:49:72:fe:ab:67:57:8c:fd:ab:bb:4f:96:c6:e0:
d3:7b:c6:1e:f6:97:b8:18:a3:b6:b9:a6:9c:e5:a0:
be:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4E:7A:EE:C7:D6:F3:5F:93:D3:E1:37:20:97:DE:66:B5:57:A9:C4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NE567sfW81-T0-E3IJfeZrVXqcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.160.0/21
31.57.202.0/23
31.59.116.0/22
Signature Algorithm: sha256WithRSAEncryption
44:4e:57:da:83:56:c4:9c:e1:66:7c:82:cf:79:a9:03:e9:8e:
d6:fd:29:71:a1:3b:80:b7:c0:f2:ea:1f:bf:cc:88:da:d2:c4:
bf:91:93:26:31:10:89:9b:c3:38:0d:ec:07:d5:46:43:e1:99:
a8:92:3b:86:c9:d6:64:2d:12:18:7b:d0:cb:43:8d:9c:eb:7a:
a0:24:2e:74:9a:15:82:4d:46:28:d2:c3:1c:d2:04:39:35:13:
36:32:fd:bb:eb:29:44:9e:c0:f8:ec:f7:b9:fe:0c:d1:b7:fd:
96:41:f0:78:08:78:49:3c:0b:ea:23:26:49:cc:14:89:49:cd:
31:58:02:05:c1:40:4f:b4:ad:f3:ce:66:07:17:66:a2:e8:ae:
89:ca:a4:d2:f3:5b:83:87:06:45:b3:49:f5:f7:0c:d8:3a:a5:
5e:49:3e:fb:59:f9:6a:8e:93:8e:0d:f9:e9:93:89:8e:5d:7f:
bc:26:06:97:3b:e8:d6:37:9c:b2:ae:de:7e:5c:02:0d:a2:26:
8f:6c:53:97:d5:80:10:79:0a:40:c4:ba:f3:3e:c4:d9:7b:30:
f7:14:b3:99:82:40:22:7b:37:00:c5:dc:01:57:aa:fb:84:7f:
7e:50:47:61:bd:74:e3:8f:1a:ef:eb:57:43:ff:f3:57:24:2a:
9f:72:9d:77
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRrZPew5yhBJM6dOQfWYSL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE1MTkxNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDRlN2FlZWM3ZDZmMzVmOTNkM2UxMzcyMDk3ZGU2NmI1NTdhOWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji5YrmJcvnJquAPturGo5qxNOzEf
jVZBrM3A3sZzc46oYaVShPUInVaTexkKcEM3t8nGDTO/8LhrFH2U8msdPh2zk/j6
bZ3K2TeIWaSEcqR/i8nTOp91ITQ1HQlbNNkte2kHfCezRl+nG7A32haRRVecfSL1
Z6qO+g32BmbU+3vvdq+6xsT/4D5uqiDnH6LNywzA9l2PA3QvTEN4kB12qolOu9Qv
1W3vHJJxhMeXIrs1Cirb9LUb2lv4dI3ObSWUSgVVgp8ubOfRxmx0HxyU75Nd0Hls
IeSbFlCwo+HHuOtKSXL+q2dXjP2ru0+WxuDTe8Ye9pe4GKO2uaac5aC+vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDROeu7H1vNfk9PhNyCX3ma1V6nEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTkU1NjdzZlc4MS1UMC1FM0lKZmVaclZYcWNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHzigAwQB
HznKAwQCHzt0MA0GCSqGSIb3DQEBCwUAA4IBAQBETlfag1bEnOFmfILPeakD6Y7W
/SlxoTuAt8Dy6h+/zIja0sS/kZMmMRCJm8M4DewH1UZD4ZmokjuGydZkLRIYe9DL
Q42c63qgJC50mhWCTUYo0sMc0gQ5NRM2Mv276ylEnsD47Pe5/gzRt/2WQfB4CHhJ
PAvqIyZJzBSJSc0xWAIFwUBPtK3zzmYHF2ai6K6JyqTS81uDhwZFs0n19wzYOqVe
ST77WflqjpOODfnpk4mOXX+8JgaXO+jWN5yyrt5+XAINoiaPbFOX1YAQeQpAxLrz
PsTZezD3FLOZgkAiezcAxdwBV6r7hH9+UEdhvXTjjxrv61dD//NXJCqfcp13
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:02:57 2025 by rpki-client