Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ahIksN7maW9PFFehptzNJZkSu4E.roa
File: ahIksN7maW9PFFehptzNJZkSu4E.roa (raw, json)
Hash identifier: ngE2r8/5Flgys/0O7W7M2WbAx5XG6W2vmB0MRz8rCHc=
Subject key identifier: 6A:12:24:B0:DE:E6:69:6F:4F:14:57:A1:A6:DC:CD:25:99:12:BB:81
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195ED28D1A0ADC3C95DB23297D4FDCF2D8B
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ahIksN7maW9PFFehptzNJZkSu4E.roa
Signing time: Mon 31 Mar 2025 17:03:50 +0000
ROA not before: Mon 31 Mar 2025 17:03:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212513
IP address blocks: 31.58.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ed:28:d1:a0:ad:c3:c9:5d:b2:32:97:d4:fd:cf:2d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 17:03:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a1224b0dee6696f4f1457a1a6dccd259912bb81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:e0:00:20:83:a8:cc:25:57:0f:21:ce:c4:
77:27:9c:8d:b0:7a:85:ad:3d:43:64:71:2b:1c:57:
51:5c:80:3f:af:b8:fa:29:63:ad:b6:4e:2b:52:43:
24:cd:19:1f:bf:42:19:37:03:b6:aa:83:77:3d:28:
16:50:b7:6c:d1:61:7f:43:67:30:30:02:fc:d8:4f:
c0:a4:84:59:1a:04:60:85:ff:4c:85:e9:d4:de:7a:
b0:12:80:85:b5:1a:8a:49:0e:9f:56:af:7d:0f:e0:
b7:ea:68:73:df:72:9b:47:94:e8:2d:9e:93:23:38:
93:b8:e2:53:c1:1e:41:61:a9:58:d0:ef:6a:48:34:
6d:80:47:2a:7b:aa:43:de:41:47:d9:b5:4e:e0:11:
83:05:e4:77:b9:b1:ba:93:11:f6:18:eb:de:0e:76:
e7:ab:ff:d4:e8:0e:7f:4a:41:60:73:57:42:a0:58:
42:d9:8f:3c:95:10:79:b9:5f:80:10:c1:ad:2f:7e:
e0:63:63:43:f5:56:5e:cd:fb:75:c4:50:cc:a4:24:
5d:e3:7e:02:f0:a1:b3:08:ea:5b:63:2d:f4:45:1a:
e7:b1:24:b6:3c:0c:84:67:d4:9b:99:1c:7b:ee:ff:
b7:44:b9:78:d8:9b:88:02:99:e5:ce:62:4b:54:e1:
d7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:12:24:B0:DE:E6:69:6F:4F:14:57:A1:A6:DC:CD:25:99:12:BB:81
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ahIksN7maW9PFFehptzNJZkSu4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.247.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:93:00:fb:17:69:07:ba:0b:ca:8d:bf:fc:88:43:29:e3:46:
71:4c:5c:27:a6:b3:cd:b9:c8:f5:ac:f5:0b:03:f4:ff:aa:d2:
c7:d4:5b:93:21:64:7a:e6:28:86:f3:e5:df:8e:c1:9f:11:97:
1e:d7:f0:63:da:80:bf:83:4e:b5:41:3f:3e:0b:44:eb:f5:4d:
c3:7a:06:69:40:15:66:c6:5a:68:0b:e0:e2:b2:06:9f:5e:1d:
2c:f4:0a:1b:55:51:b6:a9:ea:1a:f1:80:6b:24:bd:36:0a:3e:
31:00:4d:73:f9:8c:0f:fb:0b:29:c7:27:55:7c:95:bd:ae:32:
c3:e0:5a:0d:a2:06:01:f2:58:d1:e5:ac:76:e9:76:40:75:14:
2a:a7:62:e2:78:05:48:d6:9c:15:66:fc:4c:fb:04:08:2b:22:
48:6a:ab:a2:de:cb:14:82:b6:46:44:e0:35:eb:87:6d:7f:63:
e2:46:35:78:02:33:6b:f9:65:39:a0:3d:7f:9f:65:22:8f:c8:
0a:ae:bc:3a:db:6a:d9:b4:8b:3a:52:bb:0a:35:fa:ea:4c:ca:
66:b0:69:18:ac:2a:4b:a8:cb:79:44:de:21:c9:8c:12:2a:f6:
e4:72:f2:8e:0b:73:44:4d:7f:f5:e9:3f:2e:41:07:e7:d7:d2:
25:38:c3:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXtKNGgrcPJXbIyl9T9zy2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMTcwMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTEyMjRiMGRlZTY2OTZmNGYxNDU3YTFhNmRjY2QyNTk5MTJiYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoq7gACCDqMwlVw8hzsR3J5yNsHqF
rT1DZHErHFdRXIA/r7j6KWOttk4rUkMkzRkfv0IZNwO2qoN3PSgWULds0WF/Q2cw
MAL82E/ApIRZGgRghf9MhenU3nqwEoCFtRqKSQ6fVq99D+C36mhz33KbR5ToLZ6T
IziTuOJTwR5BYalY0O9qSDRtgEcqe6pD3kFH2bVO4BGDBeR3ubG6kxH2GOveDnbn
q//U6A5/SkFgc1dCoFhC2Y88lRB5uV+AEMGtL37gY2ND9VZezft1xFDMpCRd434C
8KGzCOpbYy30RRrnsSS2PAyEZ9SbmRx77v+3RLl42JuIApnlzmJLVOHXcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoSJLDe5mlvTxRXoabczSWZEruBMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYWhJa3NON21hVzlQRkZlaHB0ek5KWmtTdTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzr3MA0G
CSqGSIb3DQEBCwUAA4IBAQCzkwD7F2kHugvKjb/8iEMp40ZxTFwnprPNucj1rPUL
A/T/qtLH1FuTIWR65iiG8+XfjsGfEZce1/Bj2oC/g061QT8+C0Tr9U3DegZpQBVm
xlpoC+DisgafXh0s9AobVVG2qeoa8YBrJL02Cj4xAE1z+YwP+wspxydVfJW9rjLD
4FoNogYB8ljR5ax26XZAdRQqp2LieAVI1pwVZvxM+wQIKyJIaqui3ssUgrZGROA1
64dtf2PiRjV4AjNr+WU5oD1/n2Uij8gKrrw622rZtIs6UrsKNfrqTMpmsGkYrCpL
qMt5RN4hyYwSKvbkcvKOC3NETX/16T8uQQfn19IlOMOi
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:45 2025 by rpki-client