Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dmqfod0qAUwU4AcVeuDt72DiQFQ.roa
File: dmqfod0qAUwU4AcVeuDt72DiQFQ.roa (raw, json)
Hash identifier: gE2N+FNmTBWoFSTt0IyNH7QFNVJElcqBmt2CRajP5mE=
Subject key identifier: 76:6A:9F:A1:DD:2A:01:4C:14:E0:07:15:7A:E0:ED:EF:60:E2:40:54
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946EE45CCF7D9A089BD48A5C745E00BFC2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dmqfod0qAUwU4AcVeuDt72DiQFQ.roa
Signing time: Thu 16 Jan 2025 11:34:07 +0000
ROA not before: Thu 16 Jan 2025 11:34:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:e4:5c:cf:7d:9a:08:9b:d4:8a:5c:74:5e:00:bf:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 16 11:34:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=766a9fa1dd2a014c14e007157ae0edef60e24054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:68:df:66:51:0e:50:18:2e:ec:ae:91:27:
7b:e3:ef:01:f7:43:92:31:6a:78:c1:79:f7:1d:0b:
99:fa:c1:86:b5:15:f7:69:0d:51:21:c3:7d:30:8f:
b3:2c:1b:07:3f:93:35:b1:67:f9:33:74:42:c6:bb:
22:c1:35:6d:5e:15:08:87:8d:84:cb:bb:36:5f:c4:
10:45:36:8a:3e:42:3a:11:08:94:d5:dc:e5:95:8d:
1e:6c:5f:29:db:ef:c0:0a:91:66:12:75:d3:08:c8:
8f:cb:26:90:32:8f:f3:8c:32:48:43:f7:eb:82:44:
c5:68:21:4f:c9:ad:5b:a3:d2:5c:85:3b:69:ec:60:
6a:ef:39:01:a1:6b:aa:ec:74:91:9e:17:86:bc:81:
3e:88:b2:26:ec:2d:14:4c:fe:b2:06:66:61:92:88:
05:d0:d6:b6:d6:8b:b9:94:38:65:27:b5:c4:8e:4c:
a7:c0:25:4b:aa:d0:3c:5f:45:d2:15:8a:34:6d:75:
64:66:6e:55:49:55:34:9c:eb:1a:bc:da:06:8c:e3:
47:5c:0f:0d:74:44:b1:c7:6d:fd:e0:0c:ef:c8:12:
06:9f:a4:7b:50:11:bb:c2:01:97:40:0d:df:f8:f8:
64:c7:65:39:c7:48:b8:fa:69:d3:4b:22:58:36:5e:
66:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6A:9F:A1:DD:2A:01:4C:14:E0:07:15:7A:E0:ED:EF:60:E2:40:54
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dmqfod0qAUwU4AcVeuDt72DiQFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.200.0/24
31.56.202.0/24
31.57.104.0/24
31.57.132.0/24
31.57.181.0/24
31.57.215.0/24
31.57.219.0/24
31.57.221.0/24
31.57.252.0/23
31.57.255.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:9f:b6:ca:d6:a4:0a:98:13:32:2f:f6:ca:94:b6:05:88:e0:
c2:33:5b:fa:ab:c4:6b:d2:de:53:1f:df:8f:20:30:f6:dd:3f:
6c:1c:c3:2b:e8:f3:c4:0a:bb:e6:9e:f7:16:6a:ef:74:45:d0:
93:e4:ea:60:25:d2:75:b7:73:50:0a:e3:5b:90:a8:b1:c6:81:
af:d8:69:36:c5:b1:13:b8:fe:8a:23:c9:78:4f:4c:fb:28:b3:
63:b1:2e:7a:4a:f5:4f:83:4c:34:98:18:53:66:c9:13:e6:2c:
72:88:c8:9a:0c:8c:73:64:01:8f:fd:b7:4b:c2:45:44:89:34:
11:33:76:a2:67:23:22:59:75:e8:cd:38:3e:89:02:d1:83:cb:
7f:38:21:f4:70:cf:1b:48:e8:bb:bf:9f:90:c0:ea:12:3b:80:
ad:5d:75:a6:f0:fa:d1:b1:52:1c:de:3f:5c:94:bf:d0:02:ed:
bd:be:ef:ba:a3:1a:6b:2e:d6:17:9a:57:67:52:0e:b7:5f:b4:
9c:b6:1a:ea:a1:b6:55:63:6c:5c:7d:12:96:bd:86:85:8a:d4:
f9:09:c0:2c:30:a2:86:83:d8:f9:c4:44:c3:0b:ba:ef:05:28:
38:c2:8a:b4:31:08:db:7f:4c:e9:b8:e8:90:7c:41:3b:46:1f:
74:dc:87:44
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZRu5FzPfZoIm9SKXHReAL/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE2MTEzNDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjZhOWZhMWRkMmEwMTRjMTRlMDA3MTU3YWUwZWRlZjYwZTI0MDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7Zo32ZRDlAYLuyukSd74+8B90OS
MWp4wXn3HQuZ+sGGtRX3aQ1RIcN9MI+zLBsHP5M1sWf5M3RCxrsiwTVtXhUIh42E
y7s2X8QQRTaKPkI6EQiU1dzllY0ebF8p2+/ACpFmEnXTCMiPyyaQMo/zjDJIQ/fr
gkTFaCFPya1bo9JchTtp7GBq7zkBoWuq7HSRnheGvIE+iLIm7C0UTP6yBmZhkogF
0Na21ou5lDhlJ7XEjkynwCVLqtA8X0XSFYo0bXVkZm5VSVU0nOsavNoGjONHXA8N
dESxx2394AzvyBIGn6R7UBG7wgGXQA3f+Phkx2U5x0i4+mnTSyJYNl5mZQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHZqn6HdKgFMFOAHFXrg7e9g4kBUMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZG1xZm9kMHFBVXdVNEFjVmV1RHQ3MkRpUUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjIAwQAHzjKAwQAHzloAwQAHzmEAwQAHzm1AwQAHznXAwQA
HznbAwQAHzndAwQBHzn8AwQAHzn/AwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQCM
n7bK1qQKmBMyL/bKlLYFiODCM1v6q8Rr0t5TH9+PIDD23T9sHMMr6PPECrvmnvcW
au90RdCT5OpgJdJ1t3NQCuNbkKixxoGv2Gk2xbETuP6KI8l4T0z7KLNjsS56SvVP
g0w0mBhTZskT5ixyiMiaDIxzZAGP/bdLwkVEiTQRM3aiZyMiWXXozTg+iQLRg8t/
OCH0cM8bSOi7v5+QwOoSO4CtXXWm8PrRsVIc3j9clL/QAu29vu+6oxprLtYXmldn
Ug63X7ScthrqobZVY2xcfRKWvYaFitT5CcAsMKKGg9j5xETDC7rvBSg4woq0MQjb
f0zpuOiQfEE7Rh903IdE
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:51:19 2025 by rpki-client