Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QMXKF2xtTIo1deiIJJFGyKFQi5E.roa
File: QMXKF2xtTIo1deiIJJFGyKFQi5E.roa (raw, json)
Hash identifier: gmx/SW4gDr3Pshq7XABklhhpqL40eqLDpKRFHifGtPA=
Subject key identifier: 40:C5:CA:17:6C:6D:4C:8A:35:75:E8:88:24:91:46:C8:A1:50:8B:91
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0191DA4F31C325DA8E4D263D181C9D11858D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QMXKF2xtTIo1deiIJJFGyKFQi5E.roa
Signing time: Tue 10 Sep 2024 05:01:48 +0000
ROA not before: Tue 10 Sep 2024 05:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215523
IP address blocks: 31.56.90.0/23 maxlen: 23
31.57.136.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:4f:31:c3:25:da:8e:4d:26:3d:18:1c:9d:11:85:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 10 05:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40c5ca176c6d4c8a3575e888249146c8a1508b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:87:d6:94:87:d1:a7:e3:53:0b:10:df:a3:29:
96:90:c8:cc:36:90:65:dc:2a:49:ac:e0:6d:9d:82:
fd:c6:f5:ee:03:e7:84:40:b6:c7:da:a9:ef:87:69:
9e:ce:4a:1b:20:c8:34:76:ae:5a:fe:16:28:7e:af:
88:ca:88:0c:0d:1e:c9:d9:36:ff:28:03:5c:c7:57:
e6:bf:47:c7:ab:7f:fd:3e:38:c9:10:7f:aa:7f:b0:
b8:c8:35:5d:64:2e:1d:b3:95:51:70:b5:e7:27:71:
68:2c:9e:4c:87:05:1b:dc:e3:b5:96:9f:6b:f7:40:
c7:ae:e6:0c:45:04:f9:be:b0:95:8a:2d:9f:8f:bd:
dc:31:75:1d:96:df:0e:af:c1:bc:b0:42:cb:1c:e2:
ca:cc:7e:f0:b6:6e:7d:0f:cd:17:a8:98:c0:21:93:
ef:02:8a:f9:49:6b:62:d5:78:37:3f:11:de:5e:e9:
97:30:0f:58:87:13:ef:3b:52:ce:aa:50:bd:e8:4b:
e5:8a:10:36:6f:9e:bf:f5:81:26:bc:2d:2f:01:e3:
20:74:82:d5:d6:39:a0:8d:78:54:dd:87:97:5f:f5:
f9:13:73:dd:82:ad:0b:83:a5:0f:09:cb:77:08:23:
bb:34:28:22:49:5d:97:56:50:7c:0c:88:42:c4:4e:
8e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C5:CA:17:6C:6D:4C:8A:35:75:E8:88:24:91:46:C8:A1:50:8B:91
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QMXKF2xtTIo1deiIJJFGyKFQi5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.90.0/23
31.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
56:ba:55:ef:15:be:fc:55:4e:f0:14:7a:e9:a6:e2:d4:9b:67:
1c:d2:3a:e6:58:bc:26:ee:c5:a5:68:ef:0a:bb:e1:e3:4b:e0:
72:ce:4a:4c:6e:1e:f4:f0:0c:af:63:5e:93:36:c4:c5:59:f9:
b8:7e:e7:08:66:dd:a6:43:e6:cf:73:98:28:f9:0a:0e:2e:91:
c1:c2:34:1a:72:6d:26:ff:18:d1:03:dd:4b:7f:a7:19:dc:d2:
82:92:dd:6d:34:25:7c:ea:56:a7:0a:ac:fa:41:be:5f:7c:14:
21:a2:5b:2a:17:19:e1:ae:0c:da:e1:74:e2:20:ea:7c:d4:37:
84:03:2f:d3:99:a1:95:2b:d5:9d:af:e6:33:0c:3c:2e:97:0c:
04:78:83:5f:e7:b1:4a:e3:a1:44:a0:99:c8:d5:f6:9a:66:b6:
fe:c5:be:08:67:40:de:9d:65:e8:68:8c:16:7d:da:cf:9d:e8:
43:27:59:5b:62:b1:40:6e:c2:95:d9:95:e5:92:9d:80:c3:f4:
6d:8b:70:10:13:8d:2c:9f:c4:06:47:b7:81:54:d8:f1:7c:b6:
e7:49:67:38:85:a0:2a:ce:8a:9e:db:29:7e:80:1a:d8:be:9b:
9b:00:b2:9b:bc:3c:55:0f:1d:f7:ca:62:48:89:bc:bd:39:58:
6d:b9:7d:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZHaTzHDJdqOTSY9GBydEYWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQwOTEwMDUwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGM1Y2ExNzZjNmQ0YzhhMzU3NWU4ODgyNDkxNDZjOGExNTA4YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIfWlIfRp+NTCxDfoymWkMjMNpBl
3CpJrOBtnYL9xvXuA+eEQLbH2qnvh2mezkobIMg0dq5a/hYofq+IyogMDR7J2Tb/
KANcx1fmv0fHq3/9PjjJEH+qf7C4yDVdZC4ds5VRcLXnJ3FoLJ5MhwUb3OO1lp9r
90DHruYMRQT5vrCVii2fj73cMXUdlt8Or8G8sELLHOLKzH7wtm59D80XqJjAIZPv
Aor5SWti1Xg3PxHeXumXMA9YhxPvO1LOqlC96EvlihA2b56/9YEmvC0vAeMgdILV
1jmgjXhU3YeXX/X5E3Pdgq0Lg6UPCct3CCO7NCgiSV2XVlB8DIhCxE6OQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEDFyhdsbUyKNXXoiCSRRsihUIuRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUU1YS0YyeHRUSW8xZGVpSUpKRkd5S0ZRaTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHzhaAwQD
HzmIMA0GCSqGSIb3DQEBCwUAA4IBAQBWulXvFb78VU7wFHrppuLUm2cc0jrmWLwm
7sWlaO8Ku+HjS+ByzkpMbh708AyvY16TNsTFWfm4fucIZt2mQ+bPc5go+QoOLpHB
wjQacm0m/xjRA91Lf6cZ3NKCkt1tNCV86lanCqz6Qb5ffBQholsqFxnhrgza4XTi
IOp81DeEAy/TmaGVK9Wdr+YzDDwulwwEeINf57FK46FEoJnI1faaZrb+xb4IZ0De
nWXoaIwWfdrPnehDJ1lbYrFAbsKV2ZXlkp2Aw/Rti3AQE40sn8QGR7eBVNjxfLbn
SWc4haAqzoqe2yl+gBrYvpubALKbvDxVDx33ymJIiby9OVhtuX0B
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:51:30 2024 by rpki-client on console-ams.rpki-client.org