Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QWiwIsUOfaONqkxfpcT21rkSiZw.roa
File: QWiwIsUOfaONqkxfpcT21rkSiZw.roa (raw, json)
Hash identifier: Nl+EujH+bqd1uAJ7yBHggKVpOIIyxwQ565qdx1oA6Sk=
Subject key identifier: 41:68:B0:22:C5:0E:7D:A3:8D:AA:4C:5F:A5:C4:F6:D6:B9:12:89:9C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192F6FB5DA4742770090534E5E823C1E027
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QWiwIsUOfaONqkxfpcT21rkSiZw.roa
Signing time: Mon 04 Nov 2024 11:42:01 +0000
ROA not before: Mon 04 Nov 2024 11:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212742
IP address blocks: 31.58.180.0/22 maxlen: 24
31.58.184.0/21 maxlen: 24
31.58.192.0/22 maxlen: 24
31.59.84.0/22 maxlen: 24
31.59.90.0/23 maxlen: 24
31.59.92.0/22 maxlen: 24
31.59.101.0/24 maxlen: 24
31.59.102.0/23 maxlen: 24
31.59.104.0/23 maxlen: 24
31.59.106.0/24 maxlen: 24
217.60.128.0/19 maxlen: 24
217.60.160.0/20 maxlen: 24
217.60.176.0/21 maxlen: 24
217.60.184.0/23 maxlen: 24
217.60.186.0/24 maxlen: 24
217.60.200.0/21 maxlen: 24
217.60.208.0/20 maxlen: 24
217.60.224.0/21 maxlen: 24
217.60.232.0/22 maxlen: 24
217.60.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:fb:5d:a4:74:27:70:09:05:34:e5:e8:23:c1:e0:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 4 11:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4168b022c50e7da38daa4c5fa5c4f6d6b912899c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c0:13:76:a0:71:e0:bf:6a:63:99:c0:a1:57:
38:c4:7e:e5:17:78:77:2f:c4:04:e4:c2:af:3e:2f:
8f:97:d0:99:af:52:e7:c6:1e:d8:fd:62:52:75:ca:
f0:49:79:24:ed:d0:12:71:b0:78:6c:24:75:4e:3a:
50:3a:af:f8:a7:06:ac:51:fb:9b:02:9c:de:dc:40:
64:21:c3:e0:73:c4:fb:9a:f4:f8:0e:f9:fb:04:bb:
54:08:7c:b4:7a:aa:ad:5a:2f:6d:69:8f:05:be:f8:
39:bc:8c:18:ad:3d:ed:06:9c:a5:62:3d:c7:91:7e:
ad:5f:9f:2c:45:95:b3:2f:de:ba:c0:4c:75:11:3a:
19:d2:a3:6e:e0:cb:66:d8:45:8b:c2:71:4a:f8:02:
9f:ef:17:5d:b3:16:be:c9:85:da:b1:eb:d1:0d:b8:
2f:24:c5:75:5e:e2:65:6c:91:ea:f2:3a:fd:ac:c2:
09:cc:59:78:07:6d:26:ed:75:f9:e3:7b:71:08:1a:
7c:4a:7c:e7:2c:2d:b1:21:b0:2b:14:25:b8:c7:8a:
34:72:6d:53:52:ed:b1:0c:04:19:02:2a:88:7b:b2:
bc:0b:b7:fb:a1:b6:d7:e7:0e:88:34:0a:2b:bd:42:
64:fc:84:54:92:8d:02:ea:66:5e:d2:94:81:33:32:
2b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:68:B0:22:C5:0E:7D:A3:8D:AA:4C:5F:A5:C4:F6:D6:B9:12:89:9C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QWiwIsUOfaONqkxfpcT21rkSiZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.180.0-31.58.195.255
31.59.84.0/22
31.59.90.0-31.59.95.255
31.59.101.0-31.59.106.255
217.60.128.0-217.60.186.255
217.60.200.0-217.60.235.255
217.60.250.0/24
Signature Algorithm: sha256WithRSAEncryption
40:25:95:30:c8:42:76:c2:f3:21:75:30:01:03:56:ed:c8:b1:
57:9d:01:2d:3b:cc:77:15:ef:2e:76:fc:ce:64:d4:28:76:5c:
95:0f:02:be:03:47:73:82:a9:a3:a6:b0:ee:95:dd:e1:f4:ab:
d2:33:1b:69:e3:b3:79:0a:d6:51:05:aa:08:ab:19:90:ae:ac:
9f:f4:be:f0:ba:0e:22:84:9e:af:04:50:a9:13:db:b3:b2:1b:
0a:94:95:68:6a:96:91:92:31:f5:3b:e5:76:8d:41:88:07:3b:
d0:ea:78:f6:b7:9b:9b:96:86:f5:e9:87:4a:04:f9:a1:28:96:
dc:aa:5d:42:4b:25:cc:d0:20:a8:f5:f0:ca:7a:9f:b4:34:db:
e3:d6:97:a3:65:3e:6f:81:c3:d4:00:2a:17:2b:52:25:dc:37:
af:f3:0b:f0:28:33:cc:1b:79:db:88:fd:3b:89:32:79:ad:ab:
f7:6f:7c:f3:f6:d5:5d:b2:fe:20:a1:2d:85:1d:ad:90:8d:72:
82:4e:d9:35:e3:b4:57:3c:c0:e1:78:06:9d:72:64:78:b6:3b:
f6:5f:1d:29:a6:0e:39:16:d3:d5:b8:6c:c4:d9:4d:ad:13:ab:
e1:7d:e0:1f:89:53:6e:6d:b8:49:ca:16:73:82:bc:86:b0:5c:
0e:87:a0:1b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZL2+12kdCdwCQU05egjweAnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTA0MTE0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY4YjAyMmM1MGU3ZGEzOGRhYTRjNWZhNWM0ZjZkNmI5MTI4OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8ATdqBx4L9qY5nAoVc4xH7lF3h3
L8QE5MKvPi+Pl9CZr1Lnxh7Y/WJSdcrwSXkk7dAScbB4bCR1TjpQOq/4pwasUfub
Apze3EBkIcPgc8T7mvT4Dvn7BLtUCHy0eqqtWi9taY8Fvvg5vIwYrT3tBpylYj3H
kX6tX58sRZWzL966wEx1EToZ0qNu4Mtm2EWLwnFK+AKf7xddsxa+yYXasevRDbgv
JMV1XuJlbJHq8jr9rMIJzFl4B20m7XX543txCBp8SnznLC2xIbArFCW4x4o0cm1T
Uu2xDAQZAiqIe7K8C7f7obbX5w6INAorvUJk/IRUko0C6mZe0pSBMzIrCQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFEFosCLFDn2jjapMX6XE9ta5EomcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUVdpd0lzVU9mYU9OcWt4ZnBjVDIxcmtTaVp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBAIfOrQD
BAIfOsADBAIfO1QwDAMEAR87WgMEBR87QDAMAwQAHztlAwQAHztqMAwDBAfZPIAD
BADZPLowDAMEA9k8yAMEAtk86AMEANk8+jANBgkqhkiG9w0BAQsFAAOCAQEAQCWV
MMhCdsLzIXUwAQNW7cixV50BLTvMdxXvLnb8zmTUKHZclQ8CvgNHc4Kpo6aw7pXd
4fSr0jMbaeOzeQrWUQWqCKsZkK6sn/S+8LoOIoSerwRQqRPbs7IbCpSVaGqWkZIx
9Tvldo1BiAc70Op49rebm5aG9emHSgT5oSiW3KpdQkslzNAgqPXwynqftDTb49aX
o2U+b4HD1AAqFytSJdw3r/ML8CgzzBt524j9O4kyea2r92988/bVXbL+IKEthR2t
kI1ygk7ZNeO0VzzA4XgGnXJkeLY79l8dKaYOORbT1bhsxNlNrROr4X3gH4lTbm24
ScoWc4K8hrBcDoegGw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:51:30 2024 by rpki-client on console-ams.rpki-client.org