Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e8QjQXMVhXs7cd2G3pG-NI3mG20.roa
File: e8QjQXMVhXs7cd2G3pG-NI3mG20.roa (raw, json)
Hash identifier: PK44AbCNinyEx/Au3MjG5FqJ0GRFpWDnVvJ47Oj2gII=
Subject key identifier: 7B:C4:23:41:73:15:85:7B:3B:71:DD:86:DE:91:BE:34:8D:E6:1B:6D
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194282337793B9E11ECDF758B31769A33A7
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e8QjQXMVhXs7cd2G3pG-NI3mG20.roa
Signing time: Thu 02 Jan 2025 17:49:44 +0000
ROA not before: Thu 02 Jan 2025 17:49:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.57.89.0/24 maxlen: 24
31.58.11.0/24 maxlen: 24
31.58.17.0/24 maxlen: 24
31.58.25.0/24 maxlen: 24
31.58.27.0/24 maxlen: 24
31.58.31.0/24 maxlen: 24
31.59.12.0/24 maxlen: 24
31.59.16.0/24 maxlen: 24
31.59.17.0/24 maxlen: 24
31.59.23.0/24 maxlen: 24
31.59.26.0/24 maxlen: 24
31.59.31.0/24 maxlen: 24
31.59.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:37:79:3b:9e:11:ec:df:75:8b:31:76:9a:33:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bc423417315857b3b71dd86de91be348de61b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:23:21:9a:5d:78:3d:7f:88:b2:e4:9b:e4:3f:
f4:89:c9:ef:a6:22:0c:c4:66:02:f2:f2:a1:bc:86:
6a:96:47:fc:94:19:6c:b9:b6:9c:48:6f:7a:bd:85:
0a:ff:f6:95:64:10:d7:8f:f4:b5:d5:41:a4:0b:a8:
ff:a6:40:c3:69:7e:e5:d0:cc:94:9d:59:9e:67:da:
d6:db:0f:58:fd:4a:5b:3b:35:73:39:b6:f9:a5:bb:
bc:4d:31:8e:73:43:54:da:66:42:b8:ca:a0:d9:ad:
fa:67:40:47:de:ea:df:3a:f1:4a:a5:ce:6a:e4:02:
8d:b1:ce:bb:57:a6:52:6a:a3:e1:20:59:26:36:c2:
f9:b9:c5:81:33:81:31:a2:50:89:63:58:ef:05:14:
39:96:18:94:6d:ae:41:be:a9:49:37:59:a7:c5:e1:
91:6e:71:df:6d:cd:98:0e:22:e4:df:b5:7c:ed:1c:
27:88:22:53:b8:fa:ea:5e:11:76:1f:2c:d3:1a:f1:
a8:78:bf:cf:5c:1e:0d:ca:72:14:f6:65:2a:00:2a:
95:5e:03:34:17:6d:77:b4:b0:c4:bb:18:f5:f7:2d:
5f:cd:35:28:5d:42:7b:09:65:8a:68:d0:c1:08:60:
dd:8c:48:f9:a5:74:43:c6:43:6b:24:65:bc:b8:e5:
48:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C4:23:41:73:15:85:7B:3B:71:DD:86:DE:91:BE:34:8D:E6:1B:6D
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/e8QjQXMVhXs7cd2G3pG-NI3mG20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.89.0/24
31.58.11.0/24
31.58.17.0/24
31.58.25.0/24
31.58.27.0/24
31.58.31.0/24
31.59.12.0/24
31.59.16.0/23
31.59.23.0/24
31.59.26.0/24
31.59.31.0-31.59.32.255
Signature Algorithm: sha256WithRSAEncryption
0f:ef:29:e9:c6:b8:56:ff:7a:be:99:ec:fa:92:7c:44:b7:06:
ba:d4:f6:9b:14:8c:7b:c2:a4:dc:cb:b4:55:b4:c5:a8:92:a5:
7b:c4:51:f6:73:10:32:65:29:07:80:7e:c0:9c:95:f8:eb:05:
d6:ec:de:8d:3b:af:c8:4b:0e:4a:25:df:9f:81:d0:e9:be:d9:
62:98:69:05:95:14:be:dd:49:97:05:d7:71:61:b3:2c:f3:3f:
c4:dd:7f:ac:2b:4f:c6:ce:f3:76:1b:0d:51:a7:a5:99:91:25:
bf:dd:6a:18:1a:14:62:e2:24:d0:4b:97:be:d1:b0:d9:cc:36:
5b:dd:cb:b9:fd:2d:8e:0d:d2:df:b7:25:d5:ff:b1:51:f9:70:
f6:6c:e4:36:e9:f1:9b:58:0c:11:53:5a:76:aa:5c:21:88:c4:
b1:18:5b:6a:d4:8a:02:00:09:d3:75:bb:2f:a8:9f:b0:17:50:
a1:3e:45:6f:64:d0:9d:2c:0c:f7:51:85:f0:3c:bf:c8:9d:9a:
4f:32:2b:f2:3f:21:e9:3c:66:c0:7a:8e:8f:30:f9:8d:b9:c5:
fc:6b:5e:7c:3d:7a:5e:65:f4:fd:e7:d9:25:4f:da:5d:9e:d1:
51:03:24:da:5a:55:ae:94:d8:c4:9a:42:56:05:55:1d:82:2d:
b4:9a:63:4c
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZQoIzd5O54R7N91izF2mjOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmM0MjM0MTczMTU4NTdiM2I3MWRkODZkZTkxYmUzNDhkZTYxYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSMhml14PX+IsuSb5D/0icnvpiIM
xGYC8vKhvIZqlkf8lBlsubacSG96vYUK//aVZBDXj/S11UGkC6j/pkDDaX7l0MyU
nVmeZ9rW2w9Y/UpbOzVzObb5pbu8TTGOc0NU2mZCuMqg2a36Z0BH3urfOvFKpc5q
5AKNsc67V6ZSaqPhIFkmNsL5ucWBM4ExolCJY1jvBRQ5lhiUba5BvqlJN1mnxeGR
bnHfbc2YDiLk37V87RwniCJTuPrqXhF2HyzTGvGoeL/PXB4NynIU9mUqACqVXgM0
F213tLDEuxj19y1fzTUoXUJ7CWWKaNDBCGDdjEj5pXRDxkNrJGW8uOVITwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFHvEI0FzFYV7O3Hdht6RvjSN5httMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZThRalFYTVZoWHM3Y2QyRzNwRy1OSTNtRzIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAHzlZAwQA
HzoLAwQAHzoRAwQAHzoZAwQAHzobAwQAHzofAwQAHzsMAwQBHzsQAwQAHzsXAwQA
HzsaMAwDBAAfOx8DBAAfOyAwDQYJKoZIhvcNAQELBQADggEBAA/vKenGuFb/er6Z
7PqSfES3BrrU9psUjHvCpNzLtFW0xaiSpXvEUfZzEDJlKQeAfsCclfjrBdbs3o07
r8hLDkol35+B0Om+2WKYaQWVFL7dSZcF13FhsyzzP8Tdf6wrT8bO83YbDVGnpZmR
Jb/dahgaFGLiJNBLl77RsNnMNlvdy7n9LY4N0t+3JdX/sVH5cPZs5Dbp8ZtYDBFT
WnaqXCGIxLEYW2rUigIACdN1uy+on7AXUKE+RW9k0J0sDPdRhfA8v8idmk8yK/I/
Iek8ZsB6jo8w+Y25xfxrXnw9el5l9P3n2SVP2l2e0VEDJNpaVa6U2MSaQlYFVR2C
LbSaY0w=
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:10:59 2025 by rpki-client