Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OW_nAP1XL0BNqiNdzUUOq1vPA1A.roa
File: OW_nAP1XL0BNqiNdzUUOq1vPA1A.roa (raw, json)
Hash identifier: tDBhCeTtTaResYW9F7GRXqyYxFg7JsUPxWS8Dy0qEl8=
Subject key identifier: 39:6F:E7:00:FD:57:2F:40:4D:AA:23:5D:CD:45:0E:AB:5B:CF:03:50
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019253DDF8EDF6DB53B52F53BBA1CEE30467
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OW_nAP1XL0BNqiNdzUUOq1vPA1A.roa
Signing time: Thu 03 Oct 2024 19:31:49 +0000
ROA not before: Thu 03 Oct 2024 19:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 31.56.141.0/24 maxlen: 24
31.57.155.0/24 maxlen: 24
31.57.160.0/24 maxlen: 24
31.57.161.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:dd:f8:ed:f6:db:53:b5:2f:53:bb:a1:ce:e3:04:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 3 19:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=396fe700fd572f404daa235dcd450eab5bcf0350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d4:6e:fd:d2:85:f5:83:dd:dc:22:b8:64:14:
37:92:33:83:09:5b:7c:ef:18:a2:9f:bf:b6:08:5b:
d1:62:7b:7a:a6:c5:f5:23:01:77:50:d7:2e:1d:ef:
5f:24:01:ea:a2:d5:49:25:1d:fd:23:5b:c2:96:62:
56:a0:12:1a:f0:21:63:ee:5b:a3:5a:0d:0f:25:14:
3d:c4:4e:2d:7c:38:bf:f1:d5:98:28:6c:e7:99:96:
8a:a4:03:68:04:69:00:bf:dd:b7:63:52:24:a2:41:
53:09:9f:7b:cb:f2:03:78:4e:e9:ca:1b:db:a4:4d:
80:8b:ae:2a:cb:a9:32:2d:0f:dd:52:20:5c:fb:ea:
56:ca:52:5a:7d:85:64:b5:bc:73:e8:8a:ba:6e:1b:
f3:4d:07:9e:e2:6c:fb:a5:4b:e2:6b:73:6d:49:2d:
bd:d4:11:01:9a:92:81:ce:da:9a:b4:7e:8e:05:4b:
b5:15:bd:3c:a8:df:fd:16:fe:d6:d8:0f:ef:9b:e9:
df:f4:6b:a1:90:3d:f7:4a:d6:59:a7:ff:86:00:63:
09:0b:3b:98:ae:38:26:c4:94:ac:de:39:84:cd:4d:
cc:86:af:dc:6f:0f:d6:f2:ed:79:ab:7a:27:0a:5d:
4e:8e:86:4b:be:6a:53:3b:07:79:44:4e:8a:44:8f:
22:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6F:E7:00:FD:57:2F:40:4D:AA:23:5D:CD:45:0E:AB:5B:CF:03:50
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OW_nAP1XL0BNqiNdzUUOq1vPA1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.141.0/24
31.57.155.0/24
31.57.160.0/23
31.57.206.0/24
Signature Algorithm: sha256WithRSAEncryption
92:71:45:3c:57:0c:5f:7e:6a:a4:59:95:c5:bc:52:61:5b:44:
df:fa:aa:93:76:01:1e:7b:aa:d9:3b:34:72:5d:79:e8:c5:b6:
5a:78:b8:03:68:44:67:71:53:c4:11:fc:69:03:fe:a3:71:78:
e8:40:49:e7:2e:60:7c:2c:e7:bb:10:a2:aa:c9:47:c1:ab:a0:
91:a2:0c:b3:72:0b:a6:7e:c2:1a:92:91:c0:d4:46:c5:e2:0e:
13:11:eb:f2:bd:66:f4:06:b5:66:04:e2:fd:59:1d:aa:b5:d5:
9b:07:b5:34:26:11:5d:fb:f2:68:03:35:e6:1f:54:ca:6e:4c:
76:ab:d3:c4:08:0f:77:d7:59:fa:47:6a:4a:cd:82:7b:11:8d:
24:df:a3:00:ef:76:96:d3:4b:da:73:49:3e:36:29:b4:69:2e:
f2:c7:fc:60:f9:2a:03:01:a7:79:18:b9:fc:e6:b9:22:64:67:
24:4e:24:d7:80:7f:81:ce:1c:81:d7:d6:5e:eb:be:1a:2c:1d:
1c:c8:d7:ce:ad:0e:98:30:be:ca:a8:cb:1a:d4:32:06:2d:3f:
7e:02:00:d5:03:c7:21:d0:c0:dc:de:24:db:bd:1e:02:0a:c7:
1a:2d:73:69:dd:c9:01:e3:76:85:e8:15:da:b9:f6:09:29:97:
42:62:63:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJT3fjt9ttTtS9Tu6HO4wRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDAzMTkzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZmZTcwMGZkNTcyZjQwNGRhYTIzNWRjZDQ1MGVhYjViY2YwMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNRu/dKF9YPd3CK4ZBQ3kjODCVt8
7xiin7+2CFvRYnt6psX1IwF3UNcuHe9fJAHqotVJJR39I1vClmJWoBIa8CFj7luj
Wg0PJRQ9xE4tfDi/8dWYKGznmZaKpANoBGkAv923Y1IkokFTCZ97y/IDeE7pyhvb
pE2Ai64qy6kyLQ/dUiBc++pWylJafYVktbxz6Iq6bhvzTQee4mz7pUvia3NtSS29
1BEBmpKBztqatH6OBUu1Fb08qN/9Fv7W2A/vm+nf9GuhkD33StZZp/+GAGMJCzuY
rjgmxJSs3jmEzU3Mhq/cbw/W8u15q3onCl1OjoZLvmpTOwd5RE6KRI8i9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDlv5wD9Vy9ATaojXc1FDqtbzwNQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT1dfbkFQMVhMMEJOcWlOZHpVVU9xMXZQQTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHziNAwQA
HzmbAwQBHzmgAwQAHznOMA0GCSqGSIb3DQEBCwUAA4IBAQCScUU8VwxffmqkWZXF
vFJhW0Tf+qqTdgEee6rZOzRyXXnoxbZaeLgDaERncVPEEfxpA/6jcXjoQEnnLmB8
LOe7EKKqyUfBq6CRogyzcgumfsIakpHA1EbF4g4TEevyvWb0BrVmBOL9WR2qtdWb
B7U0JhFd+/JoAzXmH1TKbkx2q9PECA9311n6R2pKzYJ7EY0k36MA73aW00vac0k+
Nim0aS7yx/xg+SoDAad5GLn85rkiZGckTiTXgH+BzhyB19Ze674aLB0cyNfOrQ6Y
ML7KqMsa1DIGLT9+AgDVA8ch0MDc3iTbvR4CCscaLXNp3ckB43aF6BXaufYJKZdC
YmNS
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:55 2024 by rpki-client on console-ams.rpki-client.org