Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QEL5HlGmfbu5QvaAOYsFOe8Z-RA.roa
File: QEL5HlGmfbu5QvaAOYsFOe8Z-RA.roa (raw, json)
Hash identifier: NHJstOQ8W9VHysjwGccBsiHecJczQmyL+j33Bm9pc5M=
Subject key identifier: 40:42:F9:1E:51:A6:7D:BB:B9:42:F6:80:39:8B:05:39:EF:19:F9:10
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019460C32EB3B345576E6C91EAE5C387C567
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QEL5HlGmfbu5QvaAOYsFOe8Z-RA.roa
Signing time: Mon 13 Jan 2025 17:43:11 +0000
ROA not before: Mon 13 Jan 2025 17:43:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.126.0/24 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.57.184.0/22 maxlen: 24
31.59.68.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
217.60.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:60:c3:2e:b3:b3:45:57:6e:6c:91:ea:e5:c3:87:c5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 13 17:43:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4042f91e51a67dbbb942f680398b0539ef19f910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:24:cc:98:bf:c5:a3:4a:97:6d:d7:51:6e:
76:0e:db:ec:29:3b:80:41:9d:b4:37:28:5c:e6:43:
6c:f4:4a:1d:3d:c2:98:b1:83:bf:0c:d9:cc:0e:a2:
25:c4:97:6e:47:87:fb:ff:d5:cd:74:d9:c3:b0:23:
d6:c0:f1:c1:12:77:4b:8d:f8:ee:62:d1:fc:e8:cb:
00:e9:d2:b2:e8:4b:80:4f:3d:9c:d3:ac:51:2d:a2:
60:1a:0e:cb:59:74:46:94:ba:32:92:b6:8e:66:37:
d5:c2:ec:7e:8d:df:4a:4b:4c:fe:e6:c1:39:7b:ea:
45:dc:6a:34:41:4b:f4:af:dd:41:c9:2d:69:60:5f:
a1:a8:c2:d9:bc:88:0d:a0:3f:3c:20:57:b4:6d:0e:
25:bd:bc:f2:75:de:9b:b5:c0:69:c4:27:a4:a8:d2:
d0:5a:36:56:2e:3e:d9:c9:48:b4:ad:aa:67:c4:da:
22:1c:68:c7:a1:a1:54:63:51:7c:f7:cd:90:89:aa:
ba:8c:d0:00:39:a9:94:71:b7:30:ea:e6:ac:12:0e:
21:d4:fe:1a:77:ef:9e:b8:b0:5c:da:1c:90:a1:1d:
c1:05:70:b3:df:4c:0e:03:06:3f:ae:14:4e:41:13:
59:5d:6a:df:b5:4e:b3:ae:88:62:77:48:c8:e1:72:
6f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:42:F9:1E:51:A6:7D:BB:B9:42:F6:80:39:8B:05:39:EF:19:F9:10
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QEL5HlGmfbu5QvaAOYsFOe8Z-RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.126.0/24
31.56.142.0/23
31.56.148.0/22
31.57.184.0/22
31.59.68.0/24
31.59.136.0-31.59.175.255
217.60.62.0/24
Signature Algorithm: sha256WithRSAEncryption
73:bd:e7:65:db:44:9b:e1:fc:92:eb:02:39:6b:63:27:82:7b:
18:1e:ed:1f:43:af:5c:71:59:b1:f3:44:ac:d0:ae:c9:18:c0:
76:9c:78:54:0f:66:0d:f1:1c:66:fb:11:d4:2a:34:cb:a1:fb:
9f:65:8d:97:4a:6d:5a:dc:84:72:d6:24:8f:ed:db:d4:e0:2f:
6d:0f:c5:45:f2:12:98:dc:9a:0e:35:f9:52:2a:af:50:74:2b:
d3:75:6e:45:e9:c8:df:aa:55:9a:41:17:90:d9:89:76:c1:77:
3c:8a:a1:34:bc:c7:a9:70:93:31:39:d7:bc:22:4c:b2:7a:b3:
d8:9a:14:5e:3f:9a:80:b6:51:a9:22:f9:47:15:4c:f0:a9:cf:
33:87:8a:86:ca:5c:a8:58:d4:ca:63:5a:e3:0b:c5:39:71:a8:
4e:f6:be:df:4b:68:7e:ef:03:4c:92:ae:38:c1:05:25:cd:86:
b2:5b:77:fe:f6:2e:a9:55:f9:3b:a4:98:06:cf:bd:d8:aa:ae:
f5:67:2e:ff:a3:15:02:86:43:af:8f:9b:7a:4f:03:84:9b:cd:
e0:62:4e:f0:db:5a:c2:36:45:d3:ce:72:45:e7:da:42:41:3c:
df:8c:de:66:b6:13:ea:d9:42:91:44:42:03:10:1e:f9:02:05:
5c:40:64:b3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZRgwy6zs0VXbmyR6uXDh8VnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTEzMTc0MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDQyZjkxZTUxYTY3ZGJiYjk0MmY2ODAzOThiMDUzOWVmMTlmOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdwkzJi/xaNKl23XUW52DtvsKTuA
QZ20Nyhc5kNs9EodPcKYsYO/DNnMDqIlxJduR4f7/9XNdNnDsCPWwPHBEndLjfju
YtH86MsA6dKy6EuATz2c06xRLaJgGg7LWXRGlLoykraOZjfVwux+jd9KS0z+5sE5
e+pF3Go0QUv0r91ByS1pYF+hqMLZvIgNoD88IFe0bQ4lvbzydd6btcBpxCekqNLQ
WjZWLj7ZyUi0rapnxNoiHGjHoaFUY1F8982Qiaq6jNAAOamUcbcw6uasEg4h1P4a
d++euLBc2hyQoR3BBXCz30wOAwY/rhROQRNZXWrftU6zrohid0jI4XJvhwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFEBC+R5Rpn27uUL2gDmLBTnvGfkQMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUUVMNUhsR21mYnU1UXZhQU9Zc0ZPZThaLVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDHzgIAwQA
Hzh+AwQBHziOAwQCHziUAwQCHzm4AwQAHztEMAwDBAMfO4gDBAQfO6ADBADZPD4w
DQYJKoZIhvcNAQELBQADggEBAHO952XbRJvh/JLrAjlrYyeCexge7R9Dr1xxWbHz
RKzQrskYwHaceFQPZg3xHGb7EdQqNMuh+59ljZdKbVrchHLWJI/t29TgL20PxUXy
Epjcmg41+VIqr1B0K9N1bkXpyN+qVZpBF5DZiXbBdzyKoTS8x6lwkzE517wiTLJ6
s9iaFF4/moC2Uaki+UcVTPCpzzOHiobKXKhY1MpjWuMLxTlxqE72vt9LaH7vA0yS
rjjBBSXNhrJbd/72LqlV+TukmAbPvdiqrvVnLv+jFQKGQ6+Pm3pPA4SbzeBiTvDb
WsI2RdPOckXn2kJBPN+M3ma2E+rZQpFEQgMQHvkCBVxAZLM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:01:15 2025 by rpki-client