Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XoYaQJngzKjmXIcvApqkYTUMCwQ.roa
File: XoYaQJngzKjmXIcvApqkYTUMCwQ.roa (raw, json)
Hash identifier: SfPAIIgnYvye9GhhBWgGC1Y5LxPuA/HlJMdOKSs92SM=
Subject key identifier: 5E:86:1A:40:99:E0:CC:A8:E6:5C:87:2F:02:9A:A4:61:35:0C:0B:04
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428237B2EB737F213F47042C06698C057
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XoYaQJngzKjmXIcvApqkYTUMCwQ.roa
Signing time: Thu 02 Jan 2025 17:50:01 +0000
ROA not before: Thu 02 Jan 2025 17:50:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215071
IP address blocks: 31.57.77.0/24 maxlen: 24
31.57.103.0/24 maxlen: 24
31.57.113.0/24 maxlen: 24
31.57.114.0/24 maxlen: 24
31.57.115.0/24 maxlen: 24
31.57.116.0/24 maxlen: 24
31.57.117.0/24 maxlen: 24
31.57.118.0/24 maxlen: 24
31.57.230.0/24 maxlen: 24
31.57.249.0/24 maxlen: 24
31.57.250.0/24 maxlen: 24
31.57.251.0/24 maxlen: 24
31.59.224.0/22 maxlen: 22
31.59.232.0/22 maxlen: 22
31.59.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:7b:2e:b7:37:f2:13:f4:70:42:c0:66:98:c0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:50:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e861a4099e0cca8e65c872f029aa461350c0b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ae:3a:6c:0e:81:fb:b2:96:6b:39:3e:6a:b2:
39:f3:5f:0f:71:05:b1:ad:4d:22:ee:b6:3a:d8:45:
0c:dc:d4:57:49:aa:39:04:91:0b:e1:de:04:d5:71:
c4:4a:89:81:dd:a4:81:80:91:d6:3b:a4:cc:8a:65:
e0:5e:4e:fa:d9:cc:7c:1c:39:32:97:c6:d7:ff:9a:
97:6a:dc:01:37:4c:cc:3c:d8:87:1e:a4:da:ca:aa:
d6:92:0b:8c:f8:2b:b8:5b:f7:95:88:ef:54:d3:a8:
56:70:b8:71:bb:a4:f6:4d:34:ee:ae:22:6f:6f:42:
4b:79:b6:bf:d4:0e:24:c9:25:30:91:d2:8f:32:a5:
9c:28:47:f9:96:36:20:95:75:8e:2a:1e:82:74:d0:
04:80:9a:f3:f5:fa:82:8d:17:77:8a:8c:92:92:11:
68:f5:67:b7:f2:17:75:c5:dc:c0:63:2c:dc:a3:4f:
b4:66:09:de:2f:e6:0e:f5:4a:1d:2c:08:c5:a3:21:
ab:7e:71:9c:57:1a:1d:82:e3:1e:d7:6c:28:eb:77:
45:78:9f:96:8a:cf:ec:6e:7a:fa:78:47:34:71:80:
a4:35:d7:31:36:1a:7e:5b:e0:27:07:96:f0:40:84:
8d:72:49:bc:85:42:ff:0a:c5:68:9c:72:26:ff:c5:
fa:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:86:1A:40:99:E0:CC:A8:E6:5C:87:2F:02:9A:A4:61:35:0C:0B:04
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/XoYaQJngzKjmXIcvApqkYTUMCwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.77.0/24
31.57.103.0/24
31.57.113.0-31.57.118.255
31.57.230.0/24
31.57.249.0-31.57.251.255
31.59.224.0/22
31.59.232.0/21
Signature Algorithm: sha256WithRSAEncryption
55:07:04:7f:6a:4e:b3:87:9e:35:c3:9d:02:19:d5:42:38:86:
50:dd:5b:b9:82:d6:20:02:39:c4:d2:32:48:a2:88:76:6f:ef:
6c:c7:3c:67:0f:8e:ba:cc:49:99:0c:a2:5e:8e:18:e8:4d:05:
8e:ad:f1:20:90:ec:3d:55:06:e6:75:8e:86:9b:6d:86:df:2e:
5f:89:8b:15:42:46:58:24:41:b3:58:32:71:0f:d1:04:74:ed:
4e:fe:26:49:60:79:a0:0b:42:7a:03:88:cd:f9:c0:71:06:7c:
a9:ee:e2:73:49:42:71:d0:ad:dd:13:ca:d8:b9:6b:8c:45:07:
84:7a:48:0a:f5:da:4f:88:17:08:2f:e4:59:1e:e8:43:98:97:
5e:2d:de:e0:82:7f:41:f8:5c:42:65:d3:1a:64:12:61:dd:d7:
27:07:ec:b1:8e:30:fa:b4:17:04:f7:45:30:c6:16:c8:6d:82:
bc:bd:1e:67:85:7a:0b:68:78:21:de:a5:1d:a0:8a:21:09:ae:
05:4e:36:cd:98:de:dd:e8:39:e4:53:23:17:25:66:b9:a9:61:
f2:f7:ba:2f:25:ac:d1:28:f9:a1:d4:ca:07:ce:a7:dc:c5:bd:
bb:47:49:62:ee:20:f9:60:d9:8e:4f:08:df:11:02:4b:8a:c7:
4c:7d:f7:fc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZQoI3sutzfyE/RwQsBmmMBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc1MDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg2MWE0MDk5ZTBjY2E4ZTY1Yzg3MmYwMjlhYTQ2MTM1MGMwYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2a46bA6B+7KWazk+arI5818PcQWx
rU0i7rY62EUM3NRXSao5BJEL4d4E1XHESomB3aSBgJHWO6TMimXgXk762cx8HDky
l8bX/5qXatwBN0zMPNiHHqTayqrWkguM+Cu4W/eViO9U06hWcLhxu6T2TTTuriJv
b0JLeba/1A4kySUwkdKPMqWcKEf5ljYglXWOKh6CdNAEgJrz9fqCjRd3ioySkhFo
9We38hd1xdzAYyzco0+0ZgneL+YO9UodLAjFoyGrfnGcVxodguMe12wo63dFeJ+W
is/sbnr6eEc0cYCkNdcxNhp+W+AnB5bwQISNckm8hUL/CsVonHIm/8X6SQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFF6GGkCZ4Myo5lyHLwKapGE1DAsEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWG9ZYVFKbmd6S2ptWEljdkFwcWtZVFVNQ3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAHzlNAwQA
HzlnMAwDBAAfOXEDBAAfOXYDBAAfOeYwDAMEAB85+QMEAh85+AMEAh874AMEAx87
6DANBgkqhkiG9w0BAQsFAAOCAQEAVQcEf2pOs4eeNcOdAhnVQjiGUN1buYLWIAI5
xNIySKKIdm/vbMc8Zw+OusxJmQyiXo4Y6E0Fjq3xIJDsPVUG5nWOhpttht8uX4mL
FUJGWCRBs1gycQ/RBHTtTv4mSWB5oAtCegOIzfnAcQZ8qe7ic0lCcdCt3RPK2Llr
jEUHhHpICvXaT4gXCC/kWR7oQ5iXXi3e4IJ/QfhcQmXTGmQSYd3XJwfssY4w+rQX
BPdFMMYWyG2CvL0eZ4V6C2h4Id6lHaCKIQmuBU42zZje3eg55FMjFyVmualh8ve6
LyWs0Sj5odTKB86n3MW9u0dJYu4g+WDZjk8I3xECS4rHTH33/A==
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:09:16 2025 by rpki-client