Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f4cRXGz2DLOvMMtNy61w9ZG9pko.roa
File: f4cRXGz2DLOvMMtNy61w9ZG9pko.roa (raw, json)
Hash identifier: SirQVtcsBx2IL9yiMh72oy5js3+z798Nj+FZtDQTW4o=
Subject key identifier: 7F:87:11:5C:6C:F6:0C:B3:AF:30:CB:4D:CB:AD:70:F5:91:BD:A6:4A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01946EF87ED66C9DB715EC85D45238883A03
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f4cRXGz2DLOvMMtNy61w9ZG9pko.roa
Signing time: Thu 16 Jan 2025 11:56:06 +0000
ROA not before: Thu 16 Jan 2025 11:56:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.57.104.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.181.0/24 maxlen: 24
31.57.215.0/24 maxlen: 24
31.57.219.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.57.253.0/24 maxlen: 24
31.57.255.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:f8:7e:d6:6c:9d:b7:15:ec:85:d4:52:38:88:3a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 16 11:56:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f87115c6cf60cb3af30cb4dcbad70f591bda64a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:08:4e:2c:2e:35:6b:80:fa:62:e2:bf:ec:cc:
17:2b:37:e2:ad:cb:2b:4a:1f:24:8b:22:69:d6:d6:
34:5b:e6:19:54:93:9d:52:aa:b1:ec:2f:e5:7f:dc:
9b:a3:55:31:2b:7b:e7:f7:34:51:30:7e:d1:fc:35:
f0:98:85:c2:83:c5:aa:69:67:78:1c:d0:b8:af:63:
52:48:88:f9:5a:c2:da:85:47:04:cf:1e:e8:37:6c:
64:99:9e:b4:cb:16:a4:63:8a:0f:e2:aa:43:1b:58:
b5:fb:0b:61:37:4c:40:c2:b2:a1:5c:3c:fc:f1:ef:
3d:b4:8d:83:65:2d:88:54:72:cd:86:65:9b:c6:08:
9f:f1:90:2d:68:18:bd:0d:04:42:bf:fe:20:7d:b6:
fb:65:81:44:ea:46:b8:85:c9:2b:f6:25:60:f4:77:
3f:55:99:1e:80:08:1d:6e:5a:d1:3e:ca:e6:ec:44:
5d:db:1b:c7:cf:ab:65:db:37:74:cd:7d:8b:cb:1f:
22:02:ea:2e:ef:88:7f:da:65:f6:50:1d:c2:33:ed:
28:57:9f:da:83:20:dc:79:42:4e:13:00:42:d9:74:
ed:17:d3:bb:2e:89:48:0b:18:19:9b:df:25:3e:4d:
b5:b6:53:01:09:13:a7:a1:6d:64:f8:31:82:47:09:
7e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:87:11:5C:6C:F6:0C:B3:AF:30:CB:4D:CB:AD:70:F5:91:BD:A6:4A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/f4cRXGz2DLOvMMtNy61w9ZG9pko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.200.0/24
31.56.202.0/24
31.57.104.0/24
31.57.132.0/24
31.57.181.0/24
31.57.215.0/24
31.57.219.0/24
31.57.221.0/24
31.57.252.0/23
31.57.255.0/24
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
86:06:b2:53:0d:90:1c:fc:56:75:ed:b7:86:d1:a5:ac:b5:46:
48:1c:b8:56:be:dd:53:a8:fc:a0:6f:ef:bd:67:04:bf:4d:74:
f6:8f:d8:25:b7:a3:4e:a8:58:db:72:8e:7c:6c:cb:6f:89:b2:
f3:21:81:dc:46:86:10:4d:f4:ff:e4:91:cb:72:88:b7:1f:7a:
d3:49:1e:0e:5c:f0:d9:df:e5:9b:be:8c:2b:01:2f:0f:6d:71:
70:54:e7:dc:ad:48:78:25:32:24:4e:42:cb:5d:8f:e6:b7:8d:
39:18:e6:22:c1:b2:09:ff:73:79:f9:c6:58:6d:0d:71:f6:f4:
45:3a:a7:09:31:33:28:45:7a:b2:a1:11:a5:3d:b6:fd:5f:eb:
a3:36:85:79:f7:d7:34:df:63:cf:f7:ec:6c:6d:49:ce:a0:b5:
ed:6c:e3:7c:fc:38:76:60:21:6d:03:52:fa:c4:46:28:8f:77:
ae:76:63:b6:45:8d:9b:47:bd:f5:f7:38:0b:ed:a6:ff:bb:58:
96:32:51:1b:98:61:64:96:29:12:a3:3e:71:fb:95:69:be:8c:
fb:2e:80:9e:be:c3:c8:5b:12:4d:bf:65:b9:39:4e:c4:a1:42:
85:21:31:98:e3:bf:0b:4e:77:ca:6b:80:12:4b:dc:ac:89:41:
be:05:3a:15
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZRu+H7WbJ23FeyF1FI4iDoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTE2MTE1NjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjg3MTE1YzZjZjYwY2IzYWYzMGNiNGRjYmFkNzBmNTkxYmRhNjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwhOLC41a4D6YuK/7MwXKzfircsr
Sh8kiyJp1tY0W+YZVJOdUqqx7C/lf9ybo1UxK3vn9zRRMH7R/DXwmIXCg8WqaWd4
HNC4r2NSSIj5WsLahUcEzx7oN2xkmZ60yxakY4oP4qpDG1i1+wthN0xAwrKhXDz8
8e89tI2DZS2IVHLNhmWbxgif8ZAtaBi9DQRCv/4gfbb7ZYFE6ka4hckr9iVg9Hc/
VZkegAgdblrRPsrm7ERd2xvHz6tl2zd0zX2Lyx8iAuou74h/2mX2UB3CM+0oV5/a
gyDceUJOEwBC2XTtF9O7LolICxgZm98lPk21tlMBCROnoW1k+DGCRwl+SwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFH+HEVxs9gyzrzDLTcutcPWRvaZKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZjRjUlhHejJETE92TU10Tnk2MXc5Wkc5cGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAHzhFAwQA
HzhIAwQAHzhUAwQAHzjIAwQAHzjKAwQAHzloAwQAHzmEAwQAHzm1AwQAHznXAwQA
HznbAwQAHzndAwQBHzn8AwQAHzn/AwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQCG
BrJTDZAc/FZ17beG0aWstUZIHLhWvt1TqPygb++9ZwS/TXT2j9glt6NOqFjbco58
bMtvibLzIYHcRoYQTfT/5JHLcoi3H3rTSR4OXPDZ3+WbvowrAS8PbXFwVOfcrUh4
JTIkTkLLXY/mt405GOYiwbIJ/3N5+cZYbQ1x9vRFOqcJMTMoRXqyoRGlPbb9X+uj
NoV599c032PP9+xsbUnOoLXtbON8/Dh2YCFtA1L6xEYoj3eudmO2RY2bR7319zgL
7ab/u1iWMlEbmGFklikSoz5x+5Vpvoz7LoCevsPIWxJNv2W5OU7EoUKFITGY478L
TnfKa4ASS9ysiUG+BToV
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:05:46 2025 by rpki-client