Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dz9E4hce-F2l6vBK37CznHyK5MQ.roa
File: dz9E4hce-F2l6vBK37CznHyK5MQ.roa (raw, json)
Hash identifier: zr8CLYjsQB1jSbhtdgqOQPTA6+G9C5e8eBfabT1cY7M=
Subject key identifier: 77:3F:44:E2:17:1E:F8:5D:A5:EA:F0:4A:DF:B0:B3:9C:7C:8A:E4:C4
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195F6EC356BBF0D9C74187F076522931014
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dz9E4hce-F2l6vBK37CznHyK5MQ.roa
Signing time: Wed 02 Apr 2025 14:33:50 +0000
ROA not before: Wed 02 Apr 2025 14:33:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.56.16.0/22 maxlen: 24
31.57.16.0/21 maxlen: 24
31.57.135.0/24 maxlen: 24
31.58.176.0/22 maxlen: 24
31.58.200.0/22 maxlen: 24
31.58.216.0/22 maxlen: 24
31.58.235.0/24 maxlen: 24
31.58.236.0/24 maxlen: 24
31.58.240.0/22 maxlen: 24
31.58.244.0/24 maxlen: 24
31.58.247.0/24 maxlen: 24
31.58.251.0/24 maxlen: 24
31.58.252.0/22 maxlen: 24
31.59.64.0/22 maxlen: 24
31.59.80.0/22 maxlen: 24
31.59.124.0/22 maxlen: 24
31.59.176.0/21 maxlen: 24
31.59.188.0/22 maxlen: 24
31.59.192.0/22 maxlen: 24
31.59.216.0/22 maxlen: 24
217.60.64.0/18 maxlen: 24
217.60.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:ec:35:6b:bf:0d:9c:74:18:7f:07:65:22:93:10:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 2 14:33:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=773f44e2171ef85da5eaf04adfb0b39c7c8ae4c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:14:e9:78:b0:2c:c1:09:b6:de:5f:98:97:25:
05:68:47:fd:fa:5d:34:b6:59:fb:f3:9b:d2:0d:59:
51:de:1a:1d:10:05:fe:43:1f:7a:ea:df:e1:3d:84:
24:35:f2:99:83:4b:bc:5c:7a:d5:05:e6:9d:31:b1:
f4:79:2f:c9:d6:47:7e:2c:b5:d4:bd:c6:62:00:11:
38:61:5c:b2:b2:16:38:76:22:75:38:92:e1:83:dd:
de:64:51:4f:4f:d9:1b:75:90:58:05:6a:7b:6a:2c:
36:49:71:c3:3f:76:b7:d7:cc:7b:70:36:39:79:49:
69:02:6e:45:43:92:5d:65:15:37:11:ce:22:4c:27:
59:18:42:c2:6f:a2:8a:68:17:e2:18:31:fe:99:b1:
5c:22:28:83:d1:84:51:ae:8e:bf:2b:c7:eb:f5:5a:
b8:10:61:f5:41:cb:be:a8:a8:ed:c3:68:e5:2a:3b:
43:dd:d1:4a:c3:cb:02:68:4b:99:61:81:7a:32:c3:
c3:b1:ab:11:e8:a2:6b:08:c8:57:c5:e2:87:69:28:
6a:30:93:5f:7e:48:97:6e:7c:88:82:cf:d9:5b:fe:
4d:9e:1f:41:f2:3e:1b:8c:0e:22:15:0e:2d:41:c8:
ff:d8:d9:50:44:07:e6:3a:20:0d:8c:03:cc:5a:a4:
99:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3F:44:E2:17:1E:F8:5D:A5:EA:F0:4A:DF:B0:B3:9C:7C:8A:E4:C4
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dz9E4hce-F2l6vBK37CznHyK5MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.16.0/22
31.57.16.0/21
31.57.135.0/24
31.58.176.0/22
31.58.200.0/22
31.58.216.0/22
31.58.235.0-31.58.236.255
31.58.240.0-31.58.244.255
31.58.247.0/24
31.58.251.0-31.58.255.255
31.59.64.0/22
31.59.80.0/22
31.59.124.0/22
31.59.176.0/21
31.59.188.0-31.59.195.255
31.59.216.0/22
217.60.64.0/18
217.60.187.0/24
Signature Algorithm: sha256WithRSAEncryption
03:69:fd:a2:02:b9:2f:b6:86:04:fa:fd:79:65:07:2c:0a:29:
0d:f1:22:68:b0:28:04:44:f1:c7:3c:da:4d:3f:97:ca:15:d3:
bf:a5:b5:bb:f4:bd:a3:30:49:22:9f:1f:35:67:88:1a:50:7d:
1e:a2:9b:d4:c8:68:bb:a8:c2:89:84:4f:b6:71:90:ce:ba:a9:
1f:b0:e5:1e:dc:d0:1c:8a:42:18:18:28:cb:d7:6e:e4:6d:13:
d3:7b:c6:84:8a:cd:9a:da:30:23:d7:4d:5d:11:e9:f0:85:5f:
1f:9b:75:16:ec:9b:96:99:77:54:86:48:54:e0:bd:8d:08:c8:
78:c2:69:c8:6f:81:95:45:00:1a:51:f9:de:05:cb:fb:2f:ef:
f4:84:46:bd:b2:96:ec:60:7c:ef:35:16:94:c9:34:f4:30:1d:
0d:09:b0:aa:67:fc:df:c2:ee:51:17:c2:3c:82:f9:93:43:7c:
13:71:32:77:13:5d:0f:8a:d3:fa:18:d8:3e:60:eb:d6:a1:a0:
4c:ae:1e:07:8b:3e:01:49:82:fa:da:49:40:11:8b:8c:65:94:
c0:ac:fd:52:6e:60:8b:b6:52:7d:f5:90:45:db:01:7a:b2:39:
46:db:da:f7:4c:ff:35:d8:e1:04:ec:50:8f:28:8d:98:8b:b0:
88:45:ca:35
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZX27DVrvw2cdBh/B2UikxAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDAyMTQzMzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNmNDRlMjE3MWVmODVkYTVlYWYwNGFkZmIwYjM5YzdjOGFlNGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthTpeLAswQm23l+YlyUFaEf9+l00
tln785vSDVlR3hodEAX+Qx966t/hPYQkNfKZg0u8XHrVBeadMbH0eS/J1kd+LLXU
vcZiABE4YVyyshY4diJ1OJLhg93eZFFPT9kbdZBYBWp7aiw2SXHDP3a318x7cDY5
eUlpAm5FQ5JdZRU3Ec4iTCdZGELCb6KKaBfiGDH+mbFcIiiD0YRRro6/K8fr9Vq4
EGH1Qcu+qKjtw2jlKjtD3dFKw8sCaEuZYYF6MsPDsasR6KJrCMhXxeKHaShqMJNf
fkiXbnyIgs/ZW/5Nnh9B8j4bjA4iFQ4tQcj/2NlQRAfmOiANjAPMWqSZCwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFHc/ROIXHvhdperwSt+ws5x8iuTEMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZHo5RTRoY2UtRjJsNnZCSzM3Q3puSHlLNU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTCBkgQCAAEwgYsDBAIf
OBADBAMfORADBAAfOYcDBAIfOrADBAIfOsgDBAIfOtgwDAMEAB866wMEAB867DAM
AwQEHzrwAwQAHzr0AwQAHzr3MAsDBAAfOvsDAwAfOgMEAh87QAMEAh87UAMEAh87
fAMEAx87sDAMAwQCHzu8AwQCHzvAAwQCHzvYAwQG2TxAAwQA2Ty7MA0GCSqGSIb3
DQEBCwUAA4IBAQADaf2iArkvtoYE+v15ZQcsCikN8SJosCgERPHHPNpNP5fKFdO/
pbW79L2jMEkinx81Z4gaUH0eopvUyGi7qMKJhE+2cZDOuqkfsOUe3NAcikIYGCjL
127kbRPTe8aEis2a2jAj101dEenwhV8fm3UW7JuWmXdUhkhU4L2NCMh4wmnIb4GV
RQAaUfneBcv7L+/0hEa9spbsYHzvNRaUyTT0MB0NCbCqZ/zfwu5RF8I8gvmTQ3wT
cTJ3E10PitP6GNg+YOvWoaBMrh4Hiz4BSYL62klAEYuMZZTArP1SbmCLtlJ99ZBF
2wF6sjlG29r3TP812OEE7FCPKI2Yi7CIRco1
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:03:47 2025 by rpki-client