Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/R3VWQFO2-C-VkJFItmps9ywGdJU.roa
File: R3VWQFO2-C-VkJFItmps9ywGdJU.roa (raw, json)
Hash identifier: z089/qkkykhm0yUVISkzG1fVrB5JxCJ0gwKh10tlj3Q=
Subject key identifier: 47:75:56:40:53:B6:F8:2F:95:90:91:48:B6:6A:6C:F7:2C:06:74:95
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019294B65BE387F49CC1CDDD9AD4817C464A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/R3VWQFO2-C-VkJFItmps9ywGdJU.roa
Signing time: Wed 16 Oct 2024 09:43:51 +0000
ROA not before: Wed 16 Oct 2024 09:43:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 31.56.140.0/24 maxlen: 24
31.56.147.0/24 maxlen: 24
31.57.78.0/24 maxlen: 24
31.57.79.0/24 maxlen: 24
31.57.80.0/24 maxlen: 24
31.57.81.0/24 maxlen: 24
31.57.85.0/24 maxlen: 24
31.57.86.0/24 maxlen: 24
31.57.87.0/24 maxlen: 24
31.58.10.0/24 maxlen: 24
31.58.16.0/24 maxlen: 24
31.58.19.0/24 maxlen: 24
31.58.20.0/24 maxlen: 24
31.58.21.0/24 maxlen: 24
31.58.26.0/24 maxlen: 24
31.58.29.0/24 maxlen: 24
31.58.30.0/24 maxlen: 24
31.59.13.0/24 maxlen: 24
31.59.18.0/24 maxlen: 24
31.59.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:94:b6:5b:e3:87:f4:9c:c1:cd:dd:9a:d4:81:7c:46:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 16 09:43:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4775564053b6f82f95909148b66a6cf72c067495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:fa:a9:9c:8e:f5:7a:ad:6f:e0:b6:3f:65:f3:
dc:cf:a6:30:93:4c:9b:ac:16:1f:63:9f:ee:da:ed:
26:62:92:a6:40:36:29:73:5d:6b:55:a4:ee:fa:52:
34:86:4c:b1:55:57:01:3c:96:22:89:52:8e:da:0f:
f7:72:9d:37:63:df:bf:4f:05:91:d7:a5:10:6c:30:
68:4b:0c:c1:9d:b3:10:4e:2c:e6:9b:2b:32:da:5b:
6d:93:f8:bf:e4:8a:a0:1a:ca:74:26:5f:f9:8e:1f:
b3:f7:f1:db:f8:ab:60:b9:93:36:14:ef:df:67:56:
a0:d6:4b:a9:fe:2e:21:b3:fa:4f:55:32:46:d0:ed:
77:26:1c:d7:a9:5f:13:71:2c:a2:c4:65:fc:c3:21:
1c:a5:1a:b0:65:49:24:de:9e:c1:0c:56:b5:06:5d:
0c:af:98:57:e3:59:66:bf:16:82:7d:34:1f:be:cc:
cc:d9:ff:59:84:9a:7d:0b:63:7f:42:58:62:bd:59:
33:a0:eb:62:e7:5a:f0:6d:cf:87:a7:10:d2:2e:65:
47:64:9b:fd:9c:39:c6:04:a7:47:16:17:52:43:6d:
87:56:26:eb:58:61:a8:df:00:75:9e:37:23:ec:34:
e2:50:24:72:bd:fd:10:f8:f1:3d:b7:e1:e7:6d:4a:
1d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:75:56:40:53:B6:F8:2F:95:90:91:48:B6:6A:6C:F7:2C:06:74:95
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/R3VWQFO2-C-VkJFItmps9ywGdJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.140.0/24
31.56.147.0/24
31.57.78.0-31.57.81.255
31.57.85.0-31.57.87.255
31.58.10.0/24
31.58.16.0/24
31.58.19.0-31.58.21.255
31.58.26.0/24
31.58.29.0-31.58.30.255
31.59.13.0/24
31.59.18.0/24
31.59.24.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:41:3e:bf:da:a2:76:57:2b:f6:1d:dc:9d:aa:af:97:2d:47:
1b:9f:1d:f3:9d:86:96:3c:5c:21:8a:43:bc:ea:17:d8:90:61:
37:a9:7b:83:eb:e4:af:a2:d4:36:fa:83:fe:e6:aa:6d:38:58:
16:83:c6:7a:4d:00:80:0c:03:0a:52:ad:d8:e6:e7:84:16:1e:
59:3f:ca:89:2d:38:97:d4:78:7a:d8:dc:5a:fd:f0:bd:76:7e:
0e:49:46:6c:89:2a:14:7e:66:90:d7:b6:d2:76:2f:27:96:f2:
d4:3c:a9:9d:b7:69:d6:67:6a:2a:53:cc:fe:b1:b3:d3:fd:ad:
1f:f6:c3:a3:e1:29:be:07:4d:1f:a2:48:1b:4e:e6:42:47:e9:
6f:ee:5a:dd:ee:8e:40:29:97:32:f2:9d:1e:01:24:51:68:00:
1d:1b:2c:aa:8a:00:f3:7a:b9:e8:db:2b:0c:64:ab:78:d7:16:
39:85:46:67:7c:0c:fb:85:31:78:5a:c2:54:48:75:c5:a7:e7:
9a:54:30:90:e2:ba:8a:fb:2c:65:34:95:c0:cc:6d:d9:66:e9:
25:11:75:20:34:cc:70:6f:10:63:77:54:00:19:0d:74:de:a6:
e7:90:34:47:2c:5e:c2:af:a8:af:42:15:cd:2a:54:24:de:c5:
63:5c:9f:c5
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZKUtlvjh/Scwc3dmtSBfEZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE2MDk0MzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzc1NTY0MDUzYjZmODJmOTU5MDkxNDhiNjZhNmNmNzJjMDY3NDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfqpnI71eq1v4LY/ZfPcz6Ywk0yb
rBYfY5/u2u0mYpKmQDYpc11rVaTu+lI0hkyxVVcBPJYiiVKO2g/3cp03Y9+/TwWR
16UQbDBoSwzBnbMQTizmmysy2lttk/i/5IqgGsp0Jl/5jh+z9/Hb+KtguZM2FO/f
Z1ag1kup/i4hs/pPVTJG0O13JhzXqV8TcSyixGX8wyEcpRqwZUkk3p7BDFa1Bl0M
r5hX41lmvxaCfTQfvszM2f9ZhJp9C2N/QlhivVkzoOti51rwbc+HpxDSLmVHZJv9
nDnGBKdHFhdSQ22HVibrWGGo3wB1njcj7DTiUCRyvf0Q+PE9t+HnbUodPwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFEd1VkBTtvgvlZCRSLZqbPcsBnSVMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvUjNWV1FGTzItQy1Wa0pGSXRtcHM5eXdHZEpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAB84jAME
AB84kzAMAwQBHzlOAwQBHzlQMAwDBAAfOVUDBAMfOVADBAAfOgoDBAAfOhAwDAME
AB86EwMEAR86FAMEAB86GjAMAwQAHzodAwQAHzoeAwQAHzsNAwQAHzsSAwQAHzsY
MA0GCSqGSIb3DQEBCwUAA4IBAQDBQT6/2qJ2Vyv2Hdydqq+XLUcbnx3znYaWPFwh
ikO86hfYkGE3qXuD6+SvotQ2+oP+5qptOFgWg8Z6TQCADAMKUq3Y5ueEFh5ZP8qJ
LTiX1Hh62Nxa/fC9dn4OSUZsiSoUfmaQ17bSdi8nlvLUPKmdt2nWZ2oqU8z+sbPT
/a0f9sOj4Sm+B00fokgbTuZCR+lv7lrd7o5AKZcy8p0eASRRaAAdGyyqigDzerno
2ysMZKt41xY5hUZnfAz7hTF4WsJUSHXFp+eaVDCQ4rqK+yxlNJXAzG3ZZuklEXUg
NMxwbxBjd1QAGQ103qbnkDRHLF7Cr6ivQhXNKlQk3sVjXJ/F
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:38:12 2024 by rpki-client on console-fra.rpki-client.org