Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QfepSBZKxUQbJra20yiQa4nobOw.roa
File: QfepSBZKxUQbJra20yiQa4nobOw.roa (raw, json)
Hash identifier: S/Qua3T+Ct4Y+0fc5gAE26KMBXv16p3JwKWwSS345Ec=
Subject key identifier: 41:F7:A9:48:16:4A:C5:44:1B:26:B6:B6:D3:28:90:6B:89:E8:6C:EC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01945A291E61FDC193FF036B937AE6B16137
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QfepSBZKxUQbJra20yiQa4nobOw.roa
Signing time: Sun 12 Jan 2025 10:57:11 +0000
ROA not before: Sun 12 Jan 2025 10:57:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 31.56.88.0/24 maxlen: 24
31.56.112.0/21 maxlen: 24
31.57.11.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.176.0/24 maxlen: 24
31.57.194.0/24 maxlen: 24
31.58.59.0/24 maxlen: 24
31.58.146.0/24 maxlen: 24
31.59.14.0/24 maxlen: 24
31.59.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:29:1e:61:fd:c1:93:ff:03:6b:93:7a:e6:b1:61:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 12 10:57:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41f7a948164ac5441b26b6b6d328906b89e86cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:ae:0c:88:9e:51:be:c9:43:00:a1:83:09:
15:2c:54:b0:63:13:cd:67:c3:4e:4d:15:2a:02:8d:
41:a8:ce:4f:45:4f:fb:cc:c2:88:bf:8b:bd:d7:3c:
07:a9:0d:37:4a:e3:05:03:fe:b2:27:a3:7d:f2:a8:
7b:1a:48:25:9d:67:b3:dc:bf:fa:6e:80:94:d8:04:
37:ff:af:69:ae:67:38:30:02:4e:21:34:41:77:e5:
b1:18:58:fe:16:aa:3c:56:12:d7:f1:d0:48:49:65:
9f:eb:a2:e1:be:ce:20:ba:4f:60:db:19:10:14:0f:
5f:b0:f8:a6:24:16:7b:f1:ae:e8:bc:b8:0b:db:ca:
e8:d6:32:0b:fe:cb:6c:fc:8d:88:b2:52:35:6a:f0:
20:d5:3d:9e:98:15:08:26:c0:db:b6:11:b2:fd:12:
00:57:e4:e8:a9:4e:ed:fd:23:42:f8:7c:92:fd:38:
7c:84:1b:31:8e:23:28:0f:04:44:e5:17:df:c5:14:
1d:37:23:c5:ba:27:2b:af:af:d1:18:51:69:55:1d:
a3:2d:01:d9:a6:75:fe:05:c1:b2:68:ff:70:7a:04:
b0:57:b0:9e:8a:b5:d0:37:c2:1e:c7:9a:1c:64:a4:
fb:ed:06:5e:9b:b6:ba:90:be:c4:94:18:67:70:89:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F7:A9:48:16:4A:C5:44:1B:26:B6:B6:D3:28:90:6B:89:E8:6C:EC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QfepSBZKxUQbJra20yiQa4nobOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.88.0/24
31.56.112.0/21
31.57.11.0/24
31.57.131.0/24
31.57.150.0/24
31.57.176.0/24
31.57.194.0/24
31.58.59.0/24
31.58.146.0/24
31.59.14.0/24
31.59.30.0/24
Signature Algorithm: sha256WithRSAEncryption
15:43:bf:d6:5f:5e:44:34:8f:27:5c:50:e8:5a:44:f2:8d:3a:
b5:f6:af:1d:e2:d9:2b:3c:23:5e:46:30:bb:87:5f:f5:ff:3c:
9f:6d:a1:86:a3:52:34:19:42:c1:70:53:b5:f3:5f:af:f1:39:
09:7a:87:2c:f2:fe:11:09:fe:21:52:7a:1d:96:27:7b:21:2a:
a1:71:92:ec:6a:08:70:c6:31:28:e8:de:8b:2b:a8:4b:c5:df:
dc:33:86:19:4b:1f:ad:14:37:94:f5:3e:ce:59:7f:c8:60:ee:
e6:93:ba:76:fc:a9:a7:7f:c7:0f:00:b0:a6:af:4e:73:24:c8:
2e:9f:d8:84:34:54:c1:a1:b2:cd:3b:74:27:0e:77:1f:d8:de:
7b:9a:81:b0:1c:89:1e:a2:24:0c:79:88:55:0a:92:34:38:c7:
b7:74:be:70:e7:e4:60:74:d8:c9:90:17:72:8c:15:ab:64:ff:
c9:5a:d6:e6:ea:c1:f0:e4:f8:b2:75:19:8d:76:c1:54:47:c3:
06:e4:ab:88:cc:3d:e3:27:6f:71:0c:a7:f8:5a:b9:ef:7e:87:
f1:2a:70:e1:68:6a:b3:15:9d:68:94:59:e5:38:0b:4a:12:21:
4d:4a:d0:8f:32:ad:17:b9:86:d4:5a:20:32:b1:8f:4f:f4:7a:
66:0d:fa:2b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZRaKR5h/cGT/wNrk3rmsWE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTEyMTA1NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWY3YTk0ODE2NGFjNTQ0MWIyNmI2YjZkMzI4OTA2Yjg5ZTg2Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoSuDIieUb7JQwChgwkVLFSwYxPN
Z8NOTRUqAo1BqM5PRU/7zMKIv4u91zwHqQ03SuMFA/6yJ6N98qh7GkglnWez3L/6
boCU2AQ3/69prmc4MAJOITRBd+WxGFj+Fqo8VhLX8dBISWWf66Lhvs4guk9g2xkQ
FA9fsPimJBZ78a7ovLgL28ro1jIL/sts/I2IslI1avAg1T2emBUIJsDbthGy/RIA
V+ToqU7t/SNC+HyS/Th8hBsxjiMoDwRE5RffxRQdNyPFuicrr6/RGFFpVR2jLQHZ
pnX+BcGyaP9wegSwV7CeirXQN8Iex5ocZKT77QZem7a6kL7ElBhncIkDRQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFEH3qUgWSsVEGya2ttMokGuJ6GzsMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUWZlcFNCWkt4VVFiSnJhMjB5aVFhNG5vYk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAHzhYAwQD
HzhwAwQAHzkLAwQAHzmDAwQAHzmWAwQAHzmwAwQAHznCAwQAHzo7AwQAHzqSAwQA
HzsOAwQAHzseMA0GCSqGSIb3DQEBCwUAA4IBAQAVQ7/WX15ENI8nXFDoWkTyjTq1
9q8d4tkrPCNeRjC7h1/1/zyfbaGGo1I0GULBcFO181+v8TkJeocs8v4RCf4hUnod
lid7ISqhcZLsaghwxjEo6N6LK6hLxd/cM4YZSx+tFDeU9T7OWX/IYO7mk7p2/Kmn
f8cPALCmr05zJMgun9iENFTBobLNO3QnDncf2N57moGwHIkeoiQMeYhVCpI0OMe3
dL5w5+RgdNjJkBdyjBWrZP/JWtbm6sHw5PiydRmNdsFUR8MG5KuIzD3jJ29xDKf4
WrnvfofxKnDhaGqzFZ1olFnlOAtKEiFNStCPMq0XuYbUWiAysY9P9HpmDfor
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:00:37 2025 by rpki-client