Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TDIKeoQAEwlGAI-I-6hcokljYtk.roa
File: TDIKeoQAEwlGAI-I-6hcokljYtk.roa (raw, json)
Hash identifier: FGTqK/r0JtegxBENBJCqIh0WjL4/18unjZurfhdh06I=
Subject key identifier: 4C:32:0A:7A:84:00:13:09:46:00:8F:88:FB:A8:5C:A2:49:63:62:D9
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192AA868B4AAB810DD7AB020825CB77916B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TDIKeoQAEwlGAI-I-6hcokljYtk.roa
Signing time: Sun 20 Oct 2024 15:23:17 +0000
ROA not before: Sun 20 Oct 2024 15:23:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215071
IP address blocks: 31.57.77.0/24 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.57.118.0/24 maxlen: 24
31.57.230.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:86:8b:4a:ab:81:0d:d7:ab:02:08:25:cb:77:91:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 20 15:23:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c320a7a8400130946008f88fba85ca2496362d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:67:5a:7f:47:15:97:99:92:c6:8f:bd:47:54:
94:84:cc:88:57:96:9c:ae:5b:22:e6:d5:e7:df:b0:
ae:84:df:15:8a:5f:c4:7e:15:a0:fb:ff:63:20:59:
79:19:e6:00:7d:81:df:49:51:6c:ab:14:4b:38:06:
2b:10:1a:44:40:de:4f:01:69:a3:fa:07:86:db:d5:
5a:cf:aa:26:6d:01:28:e3:a3:e2:1e:05:81:02:9e:
fe:da:c5:0b:a3:d6:cf:1e:be:1c:3a:f4:5c:b2:58:
70:3b:03:2e:b5:17:d7:8f:4a:d1:b3:b5:10:47:5d:
91:f1:9d:30:d5:84:28:4d:00:43:e2:57:a1:d8:1e:
72:17:bf:b7:96:f4:92:b2:98:3c:12:99:47:90:aa:
60:96:de:ca:34:9d:15:8a:40:7d:b6:86:42:68:b1:
8c:f4:e5:7b:e8:c0:b8:e4:f9:c3:39:b0:62:d0:e3:
30:19:75:39:df:5c:1b:b4:7f:95:5b:22:3f:a1:68:
d4:bc:e3:4b:61:08:ec:14:5b:d0:69:96:71:5c:aa:
cc:d1:89:20:bc:52:ff:90:8f:28:5b:df:e5:f0:6a:
dc:a8:90:61:ab:f5:3c:41:82:f1:96:b1:af:61:9c:
1e:2e:22:a2:33:f0:1a:17:2f:ce:8b:5f:22:68:6a:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:32:0A:7A:84:00:13:09:46:00:8F:88:FB:A8:5C:A2:49:63:62:D9
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TDIKeoQAEwlGAI-I-6hcokljYtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.77.0/24
31.57.103.0/24
31.57.113.0-31.57.118.255
31.57.230.0/24
31.57.249.0-31.57.251.255
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:41:74:52:5e:27:b7:8d:f1:06:08:4f:80:31:1b:ae:b1:2e:
94:fc:e4:a6:5f:20:a2:18:65:8b:f1:c0:eb:51:4d:7a:27:1c:
48:bf:0c:a7:94:33:ce:b6:1c:d6:e1:46:b0:ce:90:b8:41:cd:
61:51:82:07:bd:1d:dc:77:2a:e1:5c:b5:72:d4:96:70:ad:4a:
6b:8e:cc:66:a0:96:0d:ae:69:db:31:fe:d9:e9:29:8d:5c:5c:
2f:54:9f:5d:85:9f:9d:bf:41:0c:bb:23:b8:05:82:47:0e:c1:
cd:16:b6:b2:2e:91:4d:ef:78:54:04:ef:f1:07:0b:0e:81:0e:
5d:56:c6:d5:e9:ce:56:d1:d6:2b:bc:5a:f5:f2:6d:f9:d0:5d:
46:52:81:43:ff:0a:2a:6b:12:8c:26:c5:60:d1:76:25:c3:1d:
0a:d0:2a:3e:a2:80:ce:23:84:57:fc:c3:65:7f:9d:6b:c2:cb:
77:f5:85:ae:97:b5:f3:14:49:43:5c:e4:a2:69:58:73:02:f7:
d2:01:fc:c4:4a:24:fe:11:53:4d:62:27:5e:de:fe:4e:aa:0b:
91:40:34:ce:4d:02:0f:35:cb:a4:1c:4d:cb:7c:99:da:e5:37:
8b:9d:01:61:75:5d:86:43:48:a6:b5:11:40:38:1f:dd:7e:18:
91:55:51:28
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZKqhotKq4EN16sCCCXLd5FrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDIwMTUyMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMyMGE3YTg0MDAxMzA5NDYwMDhmODhmYmE4NWNhMjQ5NjM2MmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmdaf0cVl5mSxo+9R1SUhMyIV5ac
rlsi5tXn37CuhN8Vil/EfhWg+/9jIFl5GeYAfYHfSVFsqxRLOAYrEBpEQN5PAWmj
+geG29Vaz6ombQEo46PiHgWBAp7+2sULo9bPHr4cOvRcslhwOwMutRfXj0rRs7UQ
R12R8Z0w1YQoTQBD4leh2B5yF7+3lvSSspg8EplHkKpglt7KNJ0VikB9toZCaLGM
9OV76MC45PnDObBi0OMwGXU531wbtH+VWyI/oWjUvONLYQjsFFvQaZZxXKrM0Ykg
vFL/kI8oW9/l8GrcqJBhq/U8QYLxlrGvYZweLiKiM/AaFy/Oi18iaGpdUwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFEwyCnqEABMJRgCPiPuoXKJJY2LZMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVERJS2VvUUFFd2xHQUktSS02aGNva2xqWXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAHzlNAwQA
HzlnMAwDBAAfOXEDBAAfOXYDBAAfOeYwDAMEAB85+QMEAh85+AMEAh874AMEAx87
6DANBgkqhkiG9w0BAQsFAAOCAQEAP0F0Ul4nt43xBghPgDEbrrEulPzkpl8gohhl
i/HA61FNeiccSL8Mp5QzzrYc1uFGsM6QuEHNYVGCB70d3Hcq4Vy1ctSWcK1Ka47M
ZqCWDa5p2zH+2ekpjVxcL1SfXYWfnb9BDLsjuAWCRw7BzRa2si6RTe94VATv8QcL
DoEOXVbG1enOVtHWK7xa9fJt+dBdRlKBQ/8KKmsSjCbFYNF2JcMdCtAqPqKAziOE
V/zDZX+da8LLd/WFrpe18xRJQ1zkomlYcwL30gH8xEok/hFTTWInXt7+TqoLkUA0
zk0CDzXLpBxNy3yZ2uU3i50BYXVdhkNIprURQDgf3X4YkVVRKA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:54 2024 by rpki-client on console-fra.rpki-client.org