Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WoaS0kZMbyRZrfuuKKs16deabIQ.roa
File: WoaS0kZMbyRZrfuuKKs16deabIQ.roa (raw, json)
Hash identifier: Skik7/0TxD12rrGwacaogdpWS2yFDfnv/YcTaJulA94=
Subject key identifier: 5A:86:92:D2:46:4C:6F:24:59:AD:FB:AE:28:AB:35:E9:D7:9A:6C:84
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019596376EA19825ED9C4795356B69A92BAF
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WoaS0kZMbyRZrfuuKKs16deabIQ.roa
Signing time: Fri 14 Mar 2025 19:52:50 +0000
ROA not before: Fri 14 Mar 2025 19:52:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211539
IP address blocks: 31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:96:37:6e:a1:98:25:ed:9c:47:95:35:6b:69:a9:2b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 14 19:52:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a8692d2464c6f2459adfbae28ab35e9d79a6c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ff:2e:00:47:ee:a9:6d:7b:d2:3f:1c:be:42:
a3:34:86:cc:69:5f:f1:ac:73:02:2d:f0:23:0a:07:
bd:ca:23:60:7e:48:5a:15:a7:e9:08:07:ae:f8:5f:
ef:e4:b1:8b:1c:d6:19:d3:f7:17:aa:81:fe:d7:f1:
d2:a9:e4:57:ac:3a:8c:c2:d4:6f:26:ad:93:31:8d:
e9:73:69:7d:07:03:ac:f7:28:d3:23:7a:91:e1:8d:
4e:94:0f:cc:f3:8c:22:c7:3e:25:c6:21:87:5b:75:
be:b0:02:93:c8:64:8f:a2:f7:f4:66:84:3b:15:69:
f1:67:04:40:a2:6c:68:85:34:d7:03:1d:6b:39:73:
a8:56:1d:f0:46:d9:d7:96:45:5d:cb:14:76:62:c1:
62:c2:f4:1e:64:b0:e0:30:87:34:b4:e1:24:09:de:
98:8e:11:6e:23:c7:7d:b9:a6:5a:fd:a1:78:46:0f:
e0:6c:84:c4:9e:ac:8f:55:76:84:2c:bb:80:df:c0:
92:63:51:7c:37:0d:3b:c1:fe:b3:be:61:9f:16:3c:
2a:9b:22:eb:e3:30:b2:f8:85:a7:19:69:f0:d8:75:
c3:10:bd:04:09:c5:c7:e5:45:a4:ea:ce:97:d1:2a:
e1:82:06:af:61:69:d3:d7:50:ec:a4:b2:11:af:61:
e1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:86:92:D2:46:4C:6F:24:59:AD:FB:AE:28:AB:35:E9:D7:9A:6C:84
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/WoaS0kZMbyRZrfuuKKs16deabIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.235.0-31.58.236.255
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
91:bd:5d:47:df:87:e3:55:89:3f:16:ef:29:6d:26:c2:08:07:
0b:1e:ef:6e:43:02:cd:5e:e8:a0:65:41:25:4d:63:f1:16:17:
32:e8:9e:7c:0e:6f:29:b8:f7:9b:01:84:90:f9:e3:9b:a4:8b:
78:1d:21:12:4a:a0:62:c6:ec:e8:b0:31:a2:e1:9d:28:93:ab:
65:a7:83:55:eb:5d:32:86:25:44:1b:2b:4a:f3:fd:bf:a2:90:
87:f6:cc:b7:52:ba:17:4f:a6:78:86:ab:1d:fe:db:f3:97:be:
f6:0e:57:87:27:0e:92:dc:32:e5:19:26:ab:25:21:cf:48:57:
d1:3b:11:99:e5:0b:d1:d2:fa:2b:15:19:e9:85:94:36:23:8c:
a7:51:50:4f:18:ef:e5:21:7c:e5:0a:82:11:8c:1b:0d:fe:50:
7c:3b:58:8e:1e:e5:cb:41:93:59:02:72:b2:e3:17:ca:b9:79:
70:ba:71:c0:cb:58:4b:84:80:e2:bb:41:71:50:2e:22:2e:b7:
e1:2f:37:86:06:07:2e:60:3d:8a:6d:45:49:c3:06:1e:6b:bc:
f6:bd:06:33:36:a9:f4:60:dd:2e:3d:1c:31:96:c7:03:1b:56:
36:60:83:89:36:0e:d7:11:24:97:25:16:4c:b8:b6:5b:48:a9:
60:2d:1d:bc
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZWWN26hmCXtnEeVNWtpqSuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzE0MTk1MjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTg2OTJkMjQ2NGM2ZjI0NTlhZGZiYWUyOGFiMzVlOWQ3OWE2Yzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkv8uAEfuqW170j8cvkKjNIbMaV/x
rHMCLfAjCge9yiNgfkhaFafpCAeu+F/v5LGLHNYZ0/cXqoH+1/HSqeRXrDqMwtRv
Jq2TMY3pc2l9BwOs9yjTI3qR4Y1OlA/M84wixz4lxiGHW3W+sAKTyGSPovf0ZoQ7
FWnxZwRAomxohTTXAx1rOXOoVh3wRtnXlkVdyxR2YsFiwvQeZLDgMIc0tOEkCd6Y
jhFuI8d9uaZa/aF4Rg/gbITEnqyPVXaELLuA38CSY1F8Nw07wf6zvmGfFjwqmyLr
4zCy+IWnGWnw2HXDEL0ECcXH5UWk6s6X0SrhggavYWnT11DspLIRr2HhCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFqGktJGTG8kWa37riirNenXmmyEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvV29hUzBrWk1ieVJacmZ1dUtLczE2ZGVhYklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAfOusD
BAAfOuwDBADZPLswDQYJKoZIhvcNAQELBQADggEBAJG9XUffh+NViT8W7yltJsII
Bwse725DAs1e6KBlQSVNY/EWFzLonnwObym495sBhJD545uki3gdIRJKoGLG7Oiw
MaLhnSiTq2Wng1XrXTKGJUQbK0rz/b+ikIf2zLdSuhdPpniGqx3+2/OXvvYOV4cn
DpLcMuUZJqslIc9IV9E7EZnlC9HS+isVGemFlDYjjKdRUE8Y7+UhfOUKghGMGw3+
UHw7WI4e5ctBk1kCcrLjF8q5eXC6ccDLWEuEgOK7QXFQLiIut+EvN4YGBy5gPYpt
RUnDBh5rvPa9BjM2qfRg3S49HDGWxwMbVjZgg4k2DtcRJJclFky4tltIqWAtHbw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:37:29 2025 by rpki-client