Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fSkigwBBxXCzkQBlidAEhiR3nvc.roa
File: fSkigwBBxXCzkQBlidAEhiR3nvc.roa (raw, json)
Hash identifier: q8TWh8jIYjvi3DxKqCBC+kzKWH06sEcX4jbXI3Z5cRA=
Subject key identifier: 7D:29:22:83:00:41:C5:70:B3:91:00:65:89:D0:04:86:24:77:9E:F7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194461EA0205A75864749EFBF0F10D912D5
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fSkigwBBxXCzkQBlidAEhiR3nvc.roa
Signing time: Wed 08 Jan 2025 13:33:19 +0000
ROA not before: Wed 08 Jan 2025 13:33:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211407
IP address blocks: 31.56.78.0/24 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.58.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:46:1e:a0:20:5a:75:86:47:49:ef:bf:0f:10:d9:12:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 8 13:33:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d2922830041c570b391006589d0048624779ef7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f6:f3:71:72:e0:07:ff:4d:ab:3a:04:90:88:
48:7c:83:56:a3:f7:e0:47:7b:8d:bf:81:cc:c9:f2:
6f:44:bd:38:eb:60:4d:e7:33:a8:87:15:9f:67:6a:
99:1c:9f:cf:59:47:a7:5c:16:3f:06:7d:66:9c:b6:
f4:a3:e7:f0:0f:ea:56:b6:87:0d:01:07:90:5a:e4:
0d:7f:3a:39:57:6e:f0:b4:80:15:b6:9d:fd:f0:38:
6c:cf:78:9b:49:eb:f6:bb:72:09:a4:bb:2e:5b:36:
98:01:ad:c9:86:f0:3b:c3:53:0d:c1:bc:6b:24:b2:
78:44:60:12:ba:b0:5a:34:6c:5c:7a:d5:60:61:96:
2c:ca:7c:8b:f9:37:c0:1b:8b:c0:9a:b7:3b:c5:bb:
a3:bb:0b:89:f7:9e:75:b9:aa:c0:61:69:98:7e:ca:
f8:6b:08:d0:e4:fc:9c:10:e3:91:e0:2f:34:a2:db:
97:f8:b9:4d:53:77:c9:0c:b8:fa:34:a6:19:51:3a:
85:40:0e:a2:7c:c1:48:b8:65:85:a0:c5:0d:43:5b:
06:3e:f9:de:c9:24:3b:b7:e2:44:ad:43:3b:4f:60:
f6:0c:c5:6b:c5:9d:26:ef:c8:50:83:ff:7a:e6:79:
5c:45:77:cb:8a:44:28:bc:0a:97:6c:f4:7c:f9:b8:
2b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:29:22:83:00:41:C5:70:B3:91:00:65:89:D0:04:86:24:77:9E:F7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/fSkigwBBxXCzkQBlidAEhiR3nvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.78.0/24
31.57.178.0/24
31.57.183.0/24
31.58.158.0/24
Signature Algorithm: sha256WithRSAEncryption
65:e1:82:97:16:0b:c0:36:93:d6:2c:e6:53:7b:02:ab:c4:83:
a5:21:20:35:89:11:9b:07:f3:cc:50:51:4c:16:e6:89:03:60:
85:71:b8:3e:b1:1b:bb:26:ca:4a:10:9c:d7:8b:a2:01:06:4d:
fb:88:d9:a2:0e:5c:85:a2:fe:72:d5:1e:11:f1:bb:83:69:b5:
f0:42:96:12:00:7e:98:32:02:f7:34:c5:33:26:63:8d:8c:c3:
ec:89:fe:2c:d7:b2:ce:2c:88:00:a3:2e:21:d1:d5:c5:52:3e:
27:35:2e:23:40:25:b1:43:64:be:3a:50:1b:02:81:13:3b:04:
4a:1f:87:4b:c0:9f:be:a4:de:99:c9:ed:ae:ea:ee:d4:28:b4:
19:f0:16:74:11:f6:61:da:6e:4f:a8:3a:f6:d1:24:e8:61:79:
ab:1b:14:6b:12:71:e3:17:9f:50:83:64:48:21:20:9b:f7:69:
fa:cb:28:b7:b4:a9:a9:ec:1b:50:ac:76:63:27:07:07:11:98:
21:d9:e3:f9:e6:a7:7d:a2:58:6f:a7:48:21:57:7b:fb:ee:f1:
36:ac:59:bf:f4:9d:2f:7c:66:d9:d7:71:71:38:77:eb:cd:61:
48:8c:f1:ee:44:12:44:72:30:42:02:b6:53:ce:ff:52:69:2e:
87:b4:b0:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRGHqAgWnWGR0nvvw8Q2RLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTA4MTMzMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDI5MjI4MzAwNDFjNTcwYjM5MTAwNjU4OWQwMDQ4NjI0Nzc5ZWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvbzcXLgB/9NqzoEkIhIfINWo/fg
R3uNv4HMyfJvRL0462BN5zOohxWfZ2qZHJ/PWUenXBY/Bn1mnLb0o+fwD+pWtocN
AQeQWuQNfzo5V27wtIAVtp398Dhsz3ibSev2u3IJpLsuWzaYAa3JhvA7w1MNwbxr
JLJ4RGASurBaNGxcetVgYZYsynyL+TfAG4vAmrc7xbujuwuJ9551uarAYWmYfsr4
awjQ5PycEOOR4C80otuX+LlNU3fJDLj6NKYZUTqFQA6ifMFIuGWFoMUNQ1sGPvne
ySQ7t+JErUM7T2D2DMVrxZ0m78hQg/965nlcRXfLikQovAqXbPR8+bgrywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH0pIoMAQcVws5EAZYnQBIYkd573MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZlNraWd3QkJ4WEN6a1FCbGlkQUVoaVIzbnZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhOAwQA
HzmyAwQAHzm3AwQAHzqeMA0GCSqGSIb3DQEBCwUAA4IBAQBl4YKXFgvANpPWLOZT
ewKrxIOlISA1iRGbB/PMUFFMFuaJA2CFcbg+sRu7JspKEJzXi6IBBk37iNmiDlyF
ov5y1R4R8buDabXwQpYSAH6YMgL3NMUzJmONjMPsif4s17LOLIgAoy4h0dXFUj4n
NS4jQCWxQ2S+OlAbAoETOwRKH4dLwJ++pN6Zye2u6u7UKLQZ8BZ0EfZh2m5PqDr2
0SToYXmrGxRrEnHjF59Qg2RIISCb92n6yyi3tKmp7BtQrHZjJwcHEZgh2eP55qd9
olhvp0ghV3v77vE2rFm/9J0vfGbZ13FxOHfrzWFIjPHuRBJEcjBCArZTzv9SaS6H
tLBy
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:50:39 2025 by rpki-client