Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_srxQkZJqnJi6_rdQd-QPV9mtUw.roa
File: _srxQkZJqnJi6_rdQd-QPV9mtUw.roa (raw, json)
Hash identifier: VMLxBq41rZir1EMwhd4xsNfyXhs2oiEgn9ybe3lFXXw=
Subject key identifier: FE:CA:F1:42:46:49:AA:72:62:EB:FA:DD:41:DF:90:3D:5F:66:B5:4C
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282353BFDAFC2BA9062CB0F234CED98E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_srxQkZJqnJi6_rdQd-QPV9mtUw.roa
Signing time: Thu 02 Jan 2025 17:49:51 +0000
ROA not before: Thu 02 Jan 2025 17:49:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134972
IP address blocks: 31.58.132.0/23 maxlen: 24
31.59.132.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:53:bf:da:fc:2b:a9:06:2c:b0:f2:34:ce:d9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fecaf1424649aa7262ebfadd41df903d5f66b54c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fd:3d:6c:2d:aa:ca:ec:4d:07:19:22:24:1d:
a5:6b:bf:21:07:46:bc:58:af:3b:9e:4f:af:6f:b6:
d6:ca:ff:47:c0:7f:22:2f:cf:8d:8a:b8:50:93:7a:
ea:13:db:f5:93:78:08:2c:c7:94:0b:5a:16:e7:42:
44:34:25:82:8e:64:23:1b:3e:e2:6b:d5:11:36:8c:
8b:e4:e0:2f:1c:d7:bd:d9:9c:44:2b:de:ab:a6:0b:
a4:84:2a:11:1f:2f:e1:24:db:c7:53:59:11:e3:a3:
75:b5:8b:28:15:09:52:5b:f5:28:d2:a5:33:81:45:
3e:6a:fb:23:56:1a:a2:22:8e:8e:7a:19:f0:fa:3d:
35:e2:d0:5c:97:fc:f9:c1:50:ec:82:2d:c3:a3:24:
c5:2a:0e:4a:b5:22:f8:af:a5:6b:e0:07:45:47:1f:
a4:24:0c:b8:a9:25:ef:7f:97:6b:75:1b:d4:dd:48:
3e:6c:17:2a:41:a2:93:a3:a1:0c:4b:b0:ac:a4:76:
2f:53:d1:94:b3:54:9b:93:9f:26:e0:b7:ec:b6:c8:
44:6a:ff:0a:7f:66:86:c2:67:bb:ae:7e:c2:84:98:
9f:f8:57:39:e3:27:89:a7:f0:28:57:34:b1:1d:af:
d5:41:ac:48:66:b1:59:9f:3d:b2:f6:d2:d3:36:86:
0d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:CA:F1:42:46:49:AA:72:62:EB:FA:DD:41:DF:90:3D:5F:66:B5:4C
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_srxQkZJqnJi6_rdQd-QPV9mtUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.132.0/23
31.59.132.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:5f:21:b4:fd:09:90:c0:07:04:57:3d:e2:fb:aa:16:58:84:
19:bd:6c:4d:a5:aa:1c:24:98:e8:4c:23:41:0f:c6:7b:44:e2:
16:0e:20:a5:d7:75:82:36:02:b1:31:d1:03:dc:5c:42:32:25:
d3:91:f8:cd:de:22:1d:24:26:48:38:53:b7:9a:89:6e:ce:a3:
a5:48:51:e6:cf:67:d6:49:e7:3b:65:12:3c:ac:a9:1e:02:64:
d6:2d:8f:d9:63:02:88:11:cf:83:f1:da:60:9f:39:6b:3e:94:
ab:60:e3:77:76:61:be:60:b4:03:df:c4:56:29:48:f4:71:b7:
2f:2e:dc:c7:79:cf:80:c5:0c:4b:3b:a8:3c:3b:c2:88:f2:0a:
91:2c:cb:04:6a:a0:00:4b:9d:46:9e:5c:f9:00:6f:18:07:c4:
86:42:91:ff:cc:c0:53:62:1b:f9:c2:67:73:b2:f0:2b:9d:64:
ba:b9:45:c5:82:d3:98:9c:46:5a:92:50:70:1a:6e:3f:70:86:
61:5e:0b:b9:e0:54:2c:36:68:3c:f8:27:e9:d9:46:a8:60:06:
ca:9d:2a:ed:b8:2f:e2:96:9c:8f:93:9c:b0:73:5a:73:7a:12:
d2:e1:34:2c:9d:79:7f:27:65:b9:9f:8f:c2:50:41:ae:17:0e:
cd:3b:58:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoI1O/2vwrqQYssPI0ztmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWNhZjE0MjQ2NDlhYTcyNjJlYmZhZGQ0MWRmOTAzZDVmNjZiNTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArf09bC2qyuxNBxkiJB2la78hB0a8
WK87nk+vb7bWyv9HwH8iL8+NirhQk3rqE9v1k3gILMeUC1oW50JENCWCjmQjGz7i
a9URNoyL5OAvHNe92ZxEK96rpgukhCoRHy/hJNvHU1kR46N1tYsoFQlSW/Uo0qUz
gUU+avsjVhqiIo6Oehnw+j014tBcl/z5wVDsgi3DoyTFKg5KtSL4r6Vr4AdFRx+k
JAy4qSXvf5drdRvU3Ug+bBcqQaKTo6EMS7CspHYvU9GUs1Sbk58m4LfstshEav8K
f2aGwme7rn7ChJif+Fc54yeJp/AoVzSxHa/VQaxIZrFZnz2y9tLTNoYNxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP7K8UJGSapyYuv63UHfkD1fZrVMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX3NyeFFrWkpxbkppNl9yZFFkLVFQVjltdFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBHzqEAwQC
HzuEMA0GCSqGSIb3DQEBCwUAA4IBAQAMXyG0/QmQwAcEVz3i+6oWWIQZvWxNpaoc
JJjoTCNBD8Z7ROIWDiCl13WCNgKxMdED3FxCMiXTkfjN3iIdJCZIOFO3moluzqOl
SFHmz2fWSec7ZRI8rKkeAmTWLY/ZYwKIEc+D8dpgnzlrPpSrYON3dmG+YLQD38RW
KUj0cbcvLtzHec+AxQxLO6g8O8KI8gqRLMsEaqAAS51Gnlz5AG8YB8SGQpH/zMBT
Yhv5wmdzsvArnWS6uUXFgtOYnEZaklBwGm4/cIZhXgu54FQsNmg8+Cfp2UaoYAbK
nSrtuC/ilpyPk5ywc1pzehLS4TQsnXl/J2W5n4/CUEGuFw7NO1gt
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:10:16 2025 by rpki-client