Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/awYJjmtVtToPThevqzj83EkXomI.roa
File: awYJjmtVtToPThevqzj83EkXomI.roa (raw, json)
Hash identifier: R0p5t4DoYOaRGKGN9EX0gWqhL6sD84Fj8qrzXUUTt68=
Subject key identifier: 6B:06:09:8E:6B:55:B5:3A:0F:4E:17:AF:AB:38:FC:DC:49:17:A2:62
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428234C92E029FA06EFE500725DC6A702
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/awYJjmtVtToPThevqzj83EkXomI.roa
Signing time: Thu 02 Jan 2025 17:49:49 +0000
ROA not before: Thu 02 Jan 2025 17:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 31.56.57.0/24 maxlen: 24
31.59.19.0/24 maxlen: 24
31.59.22.0/24 maxlen: 24
31.59.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:4c:92:e0:29:fa:06:ef:e5:00:72:5d:c6:a7:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b06098e6b55b53a0f4e17afab38fcdc4917a262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:16:39:cd:ab:7c:4d:39:99:b3:12:bb:e9:
f4:b1:ed:1e:55:fe:c3:5c:a7:a4:12:09:df:29:df:
7c:3f:b0:b4:3e:9d:47:a5:44:58:bc:cd:7a:97:ed:
63:24:dc:ba:1d:0a:37:b9:d3:fa:2b:69:d3:8b:2b:
11:f9:80:24:55:53:c8:7a:d8:6b:d7:0d:7c:27:fe:
9c:5f:e7:35:49:a1:65:59:d8:25:3a:b8:b9:2f:40:
22:b7:9e:1e:f9:c2:60:f2:73:85:14:37:63:72:c0:
33:41:d9:fd:89:e0:37:44:40:30:18:9d:71:03:b6:
4d:5f:4a:b5:8b:96:56:d2:bd:39:a0:e3:c8:2e:d8:
cd:c3:9e:b1:26:7e:99:17:b7:c3:d7:9a:b9:b4:da:
d2:d9:3a:11:9b:19:b4:6e:7f:95:38:41:3f:a1:25:
2a:17:44:bf:f7:13:58:50:1f:cf:14:d4:67:28:6a:
f4:b4:8c:89:10:b1:95:ab:fb:0d:e7:2e:6d:db:73:
72:cd:24:81:db:e6:c3:0b:5f:7f:bf:c1:7e:15:6d:
b2:da:a0:70:4b:53:2c:ec:57:ba:af:93:95:28:3b:
c2:ea:4b:cf:78:e4:4b:ea:31:d2:47:ef:b2:c4:e7:
d3:54:0e:e8:e4:28:c6:57:8e:99:6d:c6:7e:00:a5:
37:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:06:09:8E:6B:55:B5:3A:0F:4E:17:AF:AB:38:FC:DC:49:17:A2:62
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/awYJjmtVtToPThevqzj83EkXomI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.57.0/24
31.59.19.0/24
31.59.22.0/24
31.59.25.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:73:e7:45:9f:5d:e0:df:43:16:96:4b:3b:2b:7d:06:f6:db:
ee:eb:d1:60:3f:e6:93:c2:68:4d:bc:cb:55:0f:b5:b2:8e:63:
12:4c:6f:b4:7e:71:fa:c8:d9:32:99:79:f9:ef:41:23:64:f3:
45:e5:6c:c4:91:d9:03:b2:5c:35:c1:64:18:fe:9e:3a:14:3e:
0a:1a:77:6e:24:53:f4:60:4b:df:81:dd:80:01:70:b1:81:5a:
f0:a4:01:44:36:3a:4e:0d:97:ab:c4:40:bf:8e:dc:15:b6:22:
ec:6a:93:b9:9d:98:04:6b:f2:e3:4b:b5:d5:da:e8:73:c9:bb:
1c:e6:6c:17:95:30:c6:a9:f4:06:4e:56:eb:6a:b9:0a:59:c2:
ef:2d:8a:af:be:e6:e5:0b:06:49:6f:c2:8c:2e:52:cd:9b:c2:
c8:57:4f:00:8c:c4:4a:20:ce:18:71:e3:da:3d:9d:91:9f:bd:
54:3f:ab:5a:33:d8:07:52:6f:53:32:ec:97:34:d4:6d:15:36:
92:ce:d3:43:e6:56:e0:3c:34:06:24:d8:61:65:09:6d:42:6c:
b0:f2:a0:51:a7:13:36:7e:54:0a:c9:06:83:c0:3a:85:4f:3a:
61:6b:b2:7f:04:7a:6b:b9:74:6a:f4:e8:0d:07:53:6f:62:b1:
98:77:c1:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoI0yS4Cn6Bu/lAHJdxqcCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjA2MDk4ZTZiNTViNTNhMGY0ZTE3YWZhYjM4ZmNkYzQ5MTdhMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWYWOc2rfE05mbMSu+n0se0eVf7D
XKekEgnfKd98P7C0Pp1HpURYvM16l+1jJNy6HQo3udP6K2nTiysR+YAkVVPIethr
1w18J/6cX+c1SaFlWdglOri5L0Ait54e+cJg8nOFFDdjcsAzQdn9ieA3REAwGJ1x
A7ZNX0q1i5ZW0r05oOPILtjNw56xJn6ZF7fD15q5tNrS2ToRmxm0bn+VOEE/oSUq
F0S/9xNYUB/PFNRnKGr0tIyJELGVq/sN5y5t23NyzSSB2+bDC19/v8F+FW2y2qBw
S1Ms7Fe6r5OVKDvC6kvPeORL6jHSR++yxOfTVA7o5CjGV46ZbcZ+AKU3nQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGsGCY5rVbU6D04Xr6s4/NxJF6JiMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvYXdZSmptdFZ0VG9QVGhldnF6ajgzRWtYb21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzg5AwQA
HzsTAwQAHzsWAwQAHzsZMA0GCSqGSIb3DQEBCwUAA4IBAQA+c+dFn13g30MWlks7
K30G9tvu69FgP+aTwmhNvMtVD7WyjmMSTG+0fnH6yNkymXn570EjZPNF5WzEkdkD
slw1wWQY/p46FD4KGnduJFP0YEvfgd2AAXCxgVrwpAFENjpODZerxEC/jtwVtiLs
apO5nZgEa/LjS7XV2uhzybsc5mwXlTDGqfQGTlbrarkKWcLvLYqvvublCwZJb8KM
LlLNm8LIV08AjMRKIM4YcePaPZ2Rn71UP6taM9gHUm9TMuyXNNRtFTaSztND5lbg
PDQGJNhhZQltQmyw8qBRpxM2flQKyQaDwDqFTzpha7J/BHpruXRq9OgNB1NvYrGY
d8ER
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:58:29 2025 by rpki-client