Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QtGWzdD9adHwDhEHhCIwB9jbDQQ.roa
File: QtGWzdD9adHwDhEHhCIwB9jbDQQ.roa (raw, json)
Hash identifier: SFt49zZSlwXY0DV0/0VZe/QgVwP2YVUwEr1jb55xoJQ=
Subject key identifier: 42:D1:96:CD:D0:FD:69:D1:F0:0E:11:07:84:22:30:07:D8:DB:0D:04
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01928711EE23E45ED571354AE1738E6B3E6F
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QtGWzdD9adHwDhEHhCIwB9jbDQQ.roa
Signing time: Sun 13 Oct 2024 18:09:11 +0000
ROA not before: Sun 13 Oct 2024 18:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 31.56.23.0/24 maxlen: 24
31.56.25.0/24 maxlen: 24
31.56.27.0/24 maxlen: 24
31.56.28.0/22 maxlen: 24
31.56.32.0/24 maxlen: 24
31.56.34.0/24 maxlen: 24
31.56.36.0/24 maxlen: 24
31.56.38.0/24 maxlen: 24
31.56.40.0/24 maxlen: 24
31.56.58.0/24 maxlen: 24
31.56.61.0/24 maxlen: 24
31.56.68.0/24 maxlen: 24
31.56.70.0/24 maxlen: 24
31.56.71.0/24 maxlen: 24
31.56.73.0/24 maxlen: 24
31.56.74.0/24 maxlen: 24
31.56.75.0/24 maxlen: 24
31.56.80.0/22 maxlen: 22
31.56.92.0/22 maxlen: 22
31.56.96.0/22 maxlen: 22
31.56.100.0/22 maxlen: 22
31.56.104.0/22 maxlen: 22
31.56.108.0/22 maxlen: 22
31.57.119.0/24 maxlen: 24
31.57.168.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:87:11:ee:23:e4:5e:d5:71:35:4a:e1:73:8e:6b:3e:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 13 18:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42d196cdd0fd69d1f00e110784223007d8db0d04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a4:70:c6:d5:e3:62:ea:0f:67:bd:8f:14:5a:
30:e7:d9:bd:8e:ef:ac:d7:49:65:d6:10:e0:4c:81:
53:45:fe:33:1b:15:cd:d0:52:5f:40:49:af:91:40:
29:01:23:d6:71:30:54:3c:47:47:0b:d6:80:4a:9e:
ca:f9:05:34:6a:92:f5:62:c8:20:2c:cc:91:6b:ad:
f4:93:73:07:48:9c:a7:69:21:26:7c:f8:4f:04:99:
a1:4f:05:52:42:88:ac:8a:93:af:8b:4f:cf:5c:f1:
3e:4b:28:82:b1:34:69:de:63:d5:69:04:7d:00:4c:
8a:4a:e2:52:84:1b:53:3a:a7:d8:95:50:26:1d:05:
23:44:70:98:4e:b1:34:31:50:4c:5c:4e:2c:a1:be:
bd:6e:07:04:8b:8e:e6:a3:6d:7c:42:bf:f5:95:d8:
e8:fe:02:b8:dd:8b:d6:b0:1f:53:01:96:7e:6f:ee:
fa:43:94:c2:37:37:5e:86:ca:ed:5e:70:9c:e5:6a:
dd:07:f7:c5:d3:fd:f4:fa:88:3e:cc:66:d5:fc:1b:
29:70:68:59:55:65:8b:39:68:41:12:6f:75:1f:94:
30:8b:db:d8:a3:99:28:d2:a0:f0:2b:e8:bc:88:0d:
58:1c:69:47:ec:f4:80:cf:fe:e9:5d:65:7f:54:e4:
80:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D1:96:CD:D0:FD:69:D1:F0:0E:11:07:84:22:30:07:D8:DB:0D:04
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/QtGWzdD9adHwDhEHhCIwB9jbDQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.23.0/24
31.56.25.0/24
31.56.27.0-31.56.32.255
31.56.34.0/24
31.56.36.0/24
31.56.38.0/24
31.56.40.0/24
31.56.58.0/24
31.56.61.0/24
31.56.68.0/24
31.56.70.0/23
31.56.73.0-31.56.75.255
31.56.80.0/22
31.56.92.0-31.56.111.255
31.57.119.0/24
31.57.168.0/22
Signature Algorithm: sha256WithRSAEncryption
58:e6:38:36:db:45:b0:b5:ef:a6:21:67:69:1e:be:5b:a2:89:
33:ef:c5:73:9f:1b:03:35:1c:7f:9d:01:0f:76:f0:de:ec:3b:
3a:36:41:8a:34:8f:de:59:a5:ea:c8:80:c4:d1:c3:1a:68:c0:
31:f6:22:43:79:16:4e:5f:66:68:f0:ca:24:34:8e:f1:9a:11:
47:aa:ed:c3:e8:6d:34:9a:c4:57:e8:0e:95:59:fb:f5:bb:da:
12:83:cb:52:b5:12:4f:a7:eb:9f:5d:d4:4e:c7:bc:a7:7f:39:
1e:ac:86:18:4f:a9:36:e0:d3:39:d1:7e:7d:43:78:cb:d2:05:
b0:18:a3:d0:76:aa:06:a7:ba:b3:72:db:1f:08:30:1e:c5:61:
6c:25:45:e5:7a:94:10:30:32:97:34:f0:78:ab:9e:22:46:f0:
01:b0:33:fc:e4:d3:b5:d3:43:22:5b:9c:01:6c:72:57:d4:35:
66:ab:f8:58:c1:3c:9f:39:b1:7d:ce:67:20:2d:94:41:2a:9b:
fc:28:7b:2c:ec:a0:e2:dd:2f:4e:45:b9:40:e3:fc:1c:a4:43:
7d:55:7c:b7:16:aa:dc:4c:22:65:08:21:06:ca:6a:da:f7:4d:
f0:f1:6e:5c:25:bf:2b:b5:23:3b:ef:e6:93:0d:42:8c:1d:fa:
2d:c4:35:0c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZKHEe4j5F7VcTVK4XOOaz5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDEzMTgwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQxOTZjZGQwZmQ2OWQxZjAwZTExMDc4NDIyMzAwN2Q4ZGIwZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA86RwxtXjYuoPZ72PFFow59m9ju+s
10ll1hDgTIFTRf4zGxXN0FJfQEmvkUApASPWcTBUPEdHC9aASp7K+QU0apL1Ysgg
LMyRa630k3MHSJynaSEmfPhPBJmhTwVSQoisipOvi0/PXPE+SyiCsTRp3mPVaQR9
AEyKSuJShBtTOqfYlVAmHQUjRHCYTrE0MVBMXE4sob69bgcEi47mo218Qr/1ldjo
/gK43YvWsB9TAZZ+b+76Q5TCNzdehsrtXnCc5WrdB/fF0/30+og+zGbV/BspcGhZ
VWWLOWhBEm91H5Qwi9vYo5ko0qDwK+i8iA1YHGlH7PSAz/7pXWV/VOSAmwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFELRls3Q/WnR8A4RB4QiMAfY2w0EMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUXRHV3pkRDlhZEh3RGhFSGhDSXdCOWpiRFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAHzgX
AwQAHzgZMAwDBAAfOBsDBAAfOCADBAAfOCIDBAAfOCQDBAAfOCYDBAAfOCgDBAAf
ODoDBAAfOD0DBAAfOEQDBAEfOEYwDAMEAB84SQMEAh84SAMEAh84UDAMAwQCHzhc
AwQEHzhgAwQAHzl3AwQCHzmoMA0GCSqGSIb3DQEBCwUAA4IBAQBY5jg220Wwte+m
IWdpHr5bookz78VznxsDNRx/nQEPdvDe7Ds6NkGKNI/eWaXqyIDE0cMaaMAx9iJD
eRZOX2Zo8MokNI7xmhFHqu3D6G00msRX6A6VWfv1u9oSg8tStRJPp+ufXdROx7yn
fzkerIYYT6k24NM50X59Q3jL0gWwGKPQdqoGp7qzctsfCDAexWFsJUXlepQQMDKX
NPB4q54iRvABsDP85NO100MiW5wBbHJX1DVmq/hYwTyfObF9zmcgLZRBKpv8KHss
7KDi3S9ORblA4/wcpEN9VXy3FqrcTCJlCCEGymra903w8W5cJb8rtSM77+aTDUKM
HfotxDUM
-----END CERTIFICATE-----
Generated at Tue Oct 22 21:25:52 2024 by rpki-client on console-ams.rpki-client.org