Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/adENHgTRDKrvWbWpOuR74IFKY9E.roa
File: adENHgTRDKrvWbWpOuR74IFKY9E.roa (raw, json)
Hash identifier: T2vBnsisFuwcRb+lxSu+uAowld6i/WPYAXnDgRzZWR4=
Subject key identifier: 69:D1:0D:1E:04:D1:0C:AA:EF:59:B5:A9:3A:E4:7B:E0:81:4A:63:D1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195F61E37DF4FA4DAA37477F2CF13D61D62
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/adENHgTRDKrvWbWpOuR74IFKY9E.roa
Signing time: Wed 02 Apr 2025 10:48:50 +0000
ROA not before: Wed 02 Apr 2025 10:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.156.0/24 maxlen: 24
31.57.92.0/22 maxlen: 22
31.57.129.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.142.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.57.208.0/22 maxlen: 22
31.58.33.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.58.224.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.58.231.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
31.59.109.0/24 maxlen: 24
31.59.110.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:1e:37:df:4f:a4:da:a3:74:77:f2:cf:13:d6:1d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 2 10:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69d10d1e04d10caaef59b5a93ae47be0814a63d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c9:f1:c1:59:a9:7b:fe:7c:97:57:49:e2:5a:
07:d3:0d:2e:6f:04:45:13:13:f2:c9:16:f6:8d:bd:
46:73:94:d7:11:58:29:e8:aa:b1:81:51:36:0f:fe:
cb:ea:ac:84:0c:da:2c:58:3f:c1:15:41:09:43:e8:
9f:03:ca:53:78:7a:23:c4:61:94:f7:e1:39:48:29:
ec:d3:fd:fe:84:2c:b3:ed:78:c0:f9:ad:69:ff:4d:
a2:72:1b:09:b7:c8:90:21:12:19:1c:ea:7c:01:58:
6b:f4:76:69:3f:6c:7c:b7:58:49:43:49:65:c6:54:
41:0d:85:12:8e:d2:1a:e2:fe:4b:1e:3e:b6:52:d8:
fb:4d:68:42:b4:c0:b4:2d:87:ca:53:df:48:c7:3a:
11:a0:85:15:4a:93:a2:20:9b:77:2d:6b:79:9c:96:
eb:98:01:1b:4b:fa:91:88:9a:15:d7:d0:5c:55:e0:
04:42:d1:59:e9:e7:b5:4d:26:76:d5:4c:51:28:76:
b4:50:18:a6:78:dd:0b:ff:82:fa:da:92:6f:ac:fe:
df:0f:76:8f:8d:34:1e:1a:26:78:44:4f:a1:f4:50:
d4:eb:ab:ca:ac:ac:8b:98:14:84:9e:65:fc:e2:71:
0b:c7:da:2c:ef:97:a3:e6:9b:ae:21:8d:2f:a0:93:
31:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:D1:0D:1E:04:D1:0C:AA:EF:59:B5:A9:3A:E4:7B:E0:81:4A:63:D1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/adENHgTRDKrvWbWpOuR74IFKY9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.156.0/24
31.57.92.0/22
31.57.129.0/24
31.57.132.0/24
31.57.142.0/24
31.57.151.0/24
31.57.191.0/24
31.57.206.0/24
31.57.208.0/22
31.58.33.0/24
31.58.90.0/24
31.58.157.0/24
31.58.160.0/24
31.58.163.0/24
31.58.168.0/24
31.58.224.0/24
31.58.230.0/23
31.59.57.0/24
31.59.108.0-31.59.110.255
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:ed:f3:0c:c8:c5:5a:e2:0c:47:17:d1:ff:82:92:eb:76:cd:
e0:20:dd:36:cd:16:cc:19:8d:b3:59:61:fd:90:15:74:cf:77:
00:32:f8:58:31:ea:8c:3d:f1:6d:e0:46:d4:21:58:a9:c5:01:
7e:d7:4d:8d:7a:b7:8d:ab:b8:4a:23:64:b4:c0:6e:b8:10:d7:
b4:42:29:a6:b5:67:25:1c:01:a5:9a:2c:59:ac:e2:13:54:3f:
95:24:81:a3:99:eb:47:ea:90:94:92:10:cd:85:2f:cd:8d:7b:
b3:4f:d2:98:f6:1a:47:b2:48:bb:54:68:35:8d:2d:9a:4a:da:
df:14:fc:e4:01:0b:93:59:f9:50:d4:ae:52:5a:8b:bf:cf:3d:
6a:45:13:31:3c:02:2c:98:56:8b:36:53:37:07:9f:3c:df:b8:
e6:25:8f:4f:d1:00:15:65:e3:65:0c:8a:aa:78:eb:64:ed:c3:
42:60:64:75:67:30:f9:3a:81:01:d7:fb:49:4d:a7:83:3a:10:
75:a2:9b:29:f7:54:19:91:df:77:d8:61:d5:1a:5a:4a:fc:e8:
9b:e8:3d:2d:c6:1e:05:f2:f8:33:33:6e:e6:dc:fc:74:93:a4:
7c:1c:a0:98:32:9c:98:4b:96:d4:fe:52:54:f8:12:2e:66:85:
a9:30:0d:09
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZX2HjffT6Tao3R38s8T1h1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDAyMTA0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWQxMGQxZTA0ZDEwY2FhZWY1OWI1YTkzYWU0N2JlMDgxNGE2M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMnxwVmpe/58l1dJ4loH0w0ubwRF
ExPyyRb2jb1Gc5TXEVgp6KqxgVE2D/7L6qyEDNosWD/BFUEJQ+ifA8pTeHojxGGU
9+E5SCns0/3+hCyz7XjA+a1p/02ichsJt8iQIRIZHOp8AVhr9HZpP2x8t1hJQ0ll
xlRBDYUSjtIa4v5LHj62Utj7TWhCtMC0LYfKU99IxzoRoIUVSpOiIJt3LWt5nJbr
mAEbS/qRiJoV19BcVeAEQtFZ6ee1TSZ21UxRKHa0UBimeN0L/4L62pJvrP7fD3aP
jTQeGiZ4RE+h9FDU66vKrKyLmBSEnmX84nELx9os75ej5puuIY0voJMxcQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFGnRDR4E0Qyq71m1qTrke+CBSmPRMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYWRFTkhnVFJES3J2V2JXcE91Ujc0SUZLWTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAAf
OJwDBAIfOVwDBAAfOYEDBAAfOYQDBAAfOY4DBAAfOZcDBAAfOb8DBAAfOc4DBAIf
OdADBAAfOiEDBAAfOloDBAAfOp0DBAAfOqADBAAfOqMDBAAfOqgDBAAfOuADBAEf
OuYDBAAfOzkwDAMEAh87bAMEAB87bgMEAh877DANBgkqhkiG9w0BAQsFAAOCAQEA
pO3zDMjFWuIMRxfR/4KS63bN4CDdNs0WzBmNs1lh/ZAVdM93ADL4WDHqjD3xbeBG
1CFYqcUBftdNjXq3jau4SiNktMBuuBDXtEIpprVnJRwBpZosWaziE1Q/lSSBo5nr
R+qQlJIQzYUvzY17s0/SmPYaR7JIu1RoNY0tmkra3xT85AELk1n5UNSuUlqLv889
akUTMTwCLJhWizZTNwefPN+45iWPT9EAFWXjZQyKqnjrZO3DQmBkdWcw+TqBAdf7
SU2ngzoQdaKbKfdUGZHfd9hh1RpaSvzom+g9LcYeBfL4MzNu5tz8dJOkfBygmDKc
mEuW1P5SVPgSLmaFqTANCQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:34:32 2025 by rpki-client