Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRLENZAug8nk47v08mXJZpqhJ4I.roa
File: QRLENZAug8nk47v08mXJZpqhJ4I.roa (raw, json)
Hash identifier: rBikD4BolKIT2awy14EmjF7pyuuBpkM1LTgBxYjz9Jk=
Subject key identifier: 41:12:C4:35:90:2E:83:C9:E4:E3:BB:F4:F2:65:C9:66:9A:A1:27:82
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019434F6D60079D007156B8EE8032A7F9C99
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRLENZAug8nk47v08mXJZpqhJ4I.roa
Signing time: Sun 05 Jan 2025 05:36:19 +0000
ROA not before: Sun 05 Jan 2025 05:36:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 31.56.73.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:34:f6:d6:00:79:d0:07:15:6b:8e:e8:03:2a:7f:9c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 5 05:36:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4112c435902e83c9e4e3bbf4f265c9669aa12782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:10:ef:35:ec:3f:5a:55:83:2c:d6:55:44:f2:
bc:81:c7:6b:67:e6:38:02:af:ce:49:1d:a8:1c:54:
d5:80:95:f6:b4:50:58:a6:c4:cf:88:c9:62:d5:ae:
2e:4d:50:80:30:dc:bd:08:32:33:8f:a5:fd:fa:55:
cd:5f:e4:bc:6c:ea:f7:cf:19:92:b4:1b:c8:e4:4e:
26:90:cb:a0:61:f7:3c:a7:7e:d1:9e:ae:52:5c:02:
0d:0f:ee:5b:97:8a:cb:95:98:ff:18:17:aa:e7:53:
34:c3:a8:bf:4f:52:d8:54:8c:44:74:be:07:b1:80:
f0:23:1e:95:10:74:05:a9:05:18:80:73:7b:6d:2e:
f0:21:19:61:04:38:d6:af:31:b5:3b:b3:9a:c3:fa:
5a:1b:c1:c6:54:51:7d:bf:c2:fc:3c:31:a9:7f:5e:
af:48:d8:65:8f:54:b1:98:49:2d:7a:f2:2b:4c:68:
7b:d9:58:4c:18:14:8c:f2:e8:c5:1f:41:2e:e5:a7:
81:e3:3f:75:cb:12:b1:be:a7:1b:d5:f4:02:24:74:
b0:59:71:98:48:4c:b0:81:dd:57:09:ec:a3:7f:04:
34:55:0f:4c:b3:c2:7a:2c:21:38:54:d3:6e:0c:45:
25:98:0b:2b:37:e0:42:4b:0e:70:fa:8a:1a:19:f1:
76:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:12:C4:35:90:2E:83:C9:E4:E3:BB:F4:F2:65:C9:66:9A:A1:27:82
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QRLENZAug8nk47v08mXJZpqhJ4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.73.0/24
31.57.153.0/24
31.57.236.0/24
31.58.43.0/24
31.58.128.0/24
31.58.162.0/24
31.58.164.0/24
31.58.166.0/24
31.59.88.0/24
Signature Algorithm: sha256WithRSAEncryption
92:eb:21:ef:6c:d4:ec:01:35:98:5c:11:3e:18:e0:65:ae:55:
53:61:7a:91:da:27:03:ba:42:1b:ce:97:44:e2:51:e2:81:bc:
0d:0d:b7:aa:b1:02:01:21:4c:f8:0c:fb:45:31:cd:13:d9:2b:
75:64:48:00:f5:d7:04:6d:78:4b:a1:84:85:54:07:fa:c1:cb:
49:75:f5:27:1a:26:e7:8b:64:c8:71:a8:66:68:bd:79:d6:91:
dc:7c:45:7d:2d:c9:4d:9b:18:d9:35:cf:c8:35:56:a3:3a:8e:
ed:a8:4c:bc:a1:bd:7c:66:a3:ec:fd:7d:62:7a:ed:a7:ca:d0:
04:4a:ec:0e:e8:c0:be:f6:b5:89:55:ae:61:e5:a9:af:f9:9f:
4c:48:a5:19:4d:f3:3c:38:fd:05:ad:e6:9c:76:66:0a:9a:c2:
b9:13:e2:77:da:ec:31:3b:69:16:ce:91:a3:01:b0:52:22:dd:
14:8d:86:25:8b:34:d8:9d:3e:75:3e:c4:b9:20:03:94:12:c1:
e7:ab:1a:fa:8c:e5:6e:ca:47:17:bb:7d:e3:4e:dc:d2:65:bb:
6b:c6:84:de:74:d3:23:20:3f:d7:ac:a1:8e:23:d3:ef:55:67:
78:05:7b:92:85:05:00:da:79:07:e5:29:d0:43:d0:60:70:2a:
a0:08:25:1c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZQ09tYAedAHFWuO6AMqf5yZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA1MDUzNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTEyYzQzNTkwMmU4M2M5ZTRlM2JiZjRmMjY1Yzk2NjlhYTEyNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhDvNew/WlWDLNZVRPK8gcdrZ+Y4
Aq/OSR2oHFTVgJX2tFBYpsTPiMli1a4uTVCAMNy9CDIzj6X9+lXNX+S8bOr3zxmS
tBvI5E4mkMugYfc8p37Rnq5SXAIND+5bl4rLlZj/GBeq51M0w6i/T1LYVIxEdL4H
sYDwIx6VEHQFqQUYgHN7bS7wIRlhBDjWrzG1O7Oaw/paG8HGVFF9v8L8PDGpf16v
SNhlj1SxmEktevIrTGh72VhMGBSM8ujFH0Eu5aeB4z91yxKxvqcb1fQCJHSwWXGY
SEywgd1XCeyjfwQ0VQ9Ms8J6LCE4VNNuDEUlmAsrN+BCSw5w+ooaGfF2jwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEESxDWQLoPJ5OO79PJlyWaaoSeCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUVJMRU5aQXVnOG5rNDd2MDhtWEpacHFoSjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHzhJAwQA
HzmZAwQAHznsAwQAHzorAwQAHzqAAwQAHzqiAwQAHzqkAwQAHzqmAwQAHztYMA0G
CSqGSIb3DQEBCwUAA4IBAQCS6yHvbNTsATWYXBE+GOBlrlVTYXqR2icDukIbzpdE
4lHigbwNDbeqsQIBIUz4DPtFMc0T2St1ZEgA9dcEbXhLoYSFVAf6wctJdfUnGibn
i2TIcahmaL151pHcfEV9LclNmxjZNc/INVajOo7tqEy8ob18ZqPs/X1ieu2nytAE
SuwO6MC+9rWJVa5h5amv+Z9MSKUZTfM8OP0FreacdmYKmsK5E+J32uwxO2kWzpGj
AbBSIt0UjYYlizTYnT51PsS5IAOUEsHnqxr6jOVuykcXu33jTtzSZbtrxoTedNMj
ID/XrKGOI9PvVWd4BXuShQUA2nkH5SnQQ9BgcCqgCCUc
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:58:00 2025 by rpki-client