Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fEUSnfovARpDHQKGMmOsKXa9uCM.roa
File: fEUSnfovARpDHQKGMmOsKXa9uCM.roa (raw, json)
Hash identifier: fbJfpgJ+z7nRuONkwj8KQsejw4bG3e3C/JNwqy9mdPI=
Subject key identifier: 7C:45:12:9D:FA:2F:01:1A:43:1D:02:86:32:63:AC:29:76:BD:B8:23
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0193406EB11F8CD3A7F963AA9E1ACB2E1EF8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fEUSnfovARpDHQKGMmOsKXa9uCM.roa
Signing time: Mon 18 Nov 2024 18:00:16 +0000
ROA not before: Mon 18 Nov 2024 18:00:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 31.56.57.0/24 maxlen: 24
31.59.19.0/24 maxlen: 24
31.59.22.0/24 maxlen: 24
31.59.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:40:6e:b1:1f:8c:d3:a7:f9:63:aa:9e:1a:cb:2e:1e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 18 18:00:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c45129dfa2f011a431d02863263ac2976bdb823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:db:72:a8:54:26:00:db:b3:90:ee:2b:c9:78:
bb:c3:ac:e4:69:b5:eb:6d:b9:89:39:9d:a0:47:66:
c9:d6:4d:6a:c4:77:cd:ed:a2:0a:d4:75:a4:a8:fa:
c3:29:22:a0:e6:13:63:81:8d:ec:da:5d:82:07:6c:
d6:2e:37:f9:9f:0a:80:90:91:15:34:ae:70:23:a4:
63:9f:31:fb:da:d7:01:5b:31:a4:d5:8a:74:47:01:
35:53:25:da:c1:44:f1:60:2b:b6:cf:67:f3:83:18:
47:fb:34:9a:d4:5c:c8:5a:d3:54:71:86:2a:7b:92:
1a:4f:0d:6b:8c:66:e3:02:55:3b:cb:56:36:8b:08:
17:8d:25:97:6a:2e:d8:66:6f:a2:88:70:0a:a1:15:
e2:e7:9a:9f:89:26:6c:f0:c3:f8:8f:4f:cb:df:f6:
2b:dc:8d:0f:28:ac:88:79:be:91:6b:e5:76:c1:2e:
47:f6:5b:01:b4:d5:3a:55:83:64:58:18:2c:fc:a8:
c1:3f:55:9a:ad:f3:ad:dd:1b:c9:b4:64:79:a7:a1:
32:fe:eb:19:54:96:9b:a0:43:50:26:1a:cb:a4:73:
e5:93:56:14:a4:33:99:e1:e0:6d:f5:93:28:e0:d0:
7f:11:0f:a1:f4:a4:ef:3d:be:15:03:3d:0b:16:d4:
c3:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:45:12:9D:FA:2F:01:1A:43:1D:02:86:32:63:AC:29:76:BD:B8:23
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fEUSnfovARpDHQKGMmOsKXa9uCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.57.0/24
31.59.19.0/24
31.59.22.0/24
31.59.25.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:be:ca:c0:0b:10:e0:c6:3d:06:ed:9d:6a:21:84:e2:45:df:
d4:e3:62:14:87:38:0c:42:5c:a8:fa:67:bc:36:e9:c4:12:9d:
04:2e:32:4f:59:b3:95:95:f0:a0:80:40:55:a2:17:81:21:46:
03:d4:03:13:44:a4:36:e8:29:70:99:fa:de:23:0a:65:a5:8a:
e6:14:7b:61:6f:d7:9f:97:95:61:bd:05:d6:cb:9c:c6:b1:67:
c5:b6:72:ee:4b:c7:ce:3b:dc:74:4f:fc:6b:1d:f0:14:99:8c:
65:c1:21:46:05:65:3c:b7:32:64:1f:3f:17:b7:77:ab:46:24:
1b:bb:e5:71:da:23:69:ca:b6:d1:19:02:e3:54:36:30:0f:64:
99:75:e8:6d:bb:a0:d7:99:f4:aa:30:5f:3a:7e:0a:1f:eb:24:
4d:ef:c8:f2:bd:ec:bf:17:3d:57:77:d1:bd:f3:dd:2b:cc:c5:
7f:78:89:60:37:53:dd:72:09:65:01:01:c9:32:b1:31:c4:27:
94:64:ac:06:2e:8c:71:1c:13:6b:a3:0e:00:5a:fa:85:10:24:
e4:5d:08:d1:33:f0:8e:fd:dd:ae:8d:c9:b8:6a:9f:c0:03:6d:
52:cc:7a:c7:24:43:98:d4:10:96:1f:4e:f6:ba:62:62:3c:5b:
f9:f1:87:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZNAbrEfjNOn+WOqnhrLLh74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE4MTgwMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQ1MTI5ZGZhMmYwMTFhNDMxZDAyODYzMjYzYWMyOTc2YmRiODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgttyqFQmANuzkO4ryXi7w6zkabXr
bbmJOZ2gR2bJ1k1qxHfN7aIK1HWkqPrDKSKg5hNjgY3s2l2CB2zWLjf5nwqAkJEV
NK5wI6RjnzH72tcBWzGk1Yp0RwE1UyXawUTxYCu2z2fzgxhH+zSa1FzIWtNUcYYq
e5IaTw1rjGbjAlU7y1Y2iwgXjSWXai7YZm+iiHAKoRXi55qfiSZs8MP4j0/L3/Yr
3I0PKKyIeb6Ra+V2wS5H9lsBtNU6VYNkWBgs/KjBP1WarfOt3RvJtGR5p6Ey/usZ
VJaboENQJhrLpHPlk1YUpDOZ4eBt9ZMo4NB/EQ+h9KTvPb4VAz0LFtTDzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHxFEp36LwEaQx0ChjJjrCl2vbgjMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZkVVU25mb3ZBUnBESFFLR01tT3NLWGE5dUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzg5AwQA
HzsTAwQAHzsWAwQAHzsZMA0GCSqGSIb3DQEBCwUAA4IBAQBbvsrACxDgxj0G7Z1q
IYTiRd/U42IUhzgMQlyo+me8NunEEp0ELjJPWbOVlfCggEBVoheBIUYD1AMTRKQ2
6ClwmfreIwplpYrmFHthb9efl5VhvQXWy5zGsWfFtnLuS8fOO9x0T/xrHfAUmYxl
wSFGBWU8tzJkHz8Xt3erRiQbu+Vx2iNpyrbRGQLjVDYwD2SZdehtu6DXmfSqMF86
fgof6yRN78jyvey/Fz1Xd9G9890rzMV/eIlgN1PdcgllAQHJMrExxCeUZKwGLoxx
HBNrow4AWvqFECTkXQjRM/CO/d2ujcm4ap/AA21SzHrHJEOY1BCWH072umJiPFv5
8Ycc
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:15 2024 by rpki-client on console-ams.rpki-client.org