Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h0LF_gze9DWl1pPz5G4LJYARgb0.roa
File: h0LF_gze9DWl1pPz5G4LJYARgb0.roa (raw, json)
Hash identifier: RFMWQsJZBPI4L0dPCzEJnwKche2LiZ+bOcWobBLACrk=
Subject key identifier: 87:42:C5:FE:0C:DE:F4:35:A5:D6:93:F3:E4:6E:0B:25:80:11:81:BD
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195F25CE952B1E75C441BF6AA3E6856DA5C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h0LF_gze9DWl1pPz5G4LJYARgb0.roa
Signing time: Tue 01 Apr 2025 17:18:50 +0000
ROA not before: Tue 01 Apr 2025 17:18:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 31.56.40.0/24 maxlen: 24
31.57.159.0/24 maxlen: 24
31.57.201.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.220.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f2:5c:e9:52:b1:e7:5c:44:1b:f6:aa:3e:68:56:da:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 1 17:18:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8742c5fe0cdef435a5d693f3e46e0b25801181bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:df:64:45:1a:ab:52:fa:e9:ad:5e:72:a9:73:
00:37:d6:e6:ed:ef:f2:b0:58:d9:d2:82:e7:26:2a:
82:7f:c5:6d:ec:0c:62:33:4d:a3:fa:b7:16:cf:41:
e5:11:4b:9c:4f:64:58:7e:43:31:9a:f5:d6:de:bb:
c6:54:e5:eb:f6:8f:0a:f6:15:98:03:c0:a6:b3:ec:
67:8f:df:d6:8a:8d:96:41:f3:29:9e:aa:97:67:5f:
6a:48:48:85:63:5d:c0:98:3f:53:78:ae:33:57:d6:
d3:99:08:b7:fe:9f:44:24:da:a8:8e:58:38:f8:2d:
57:39:93:9a:d1:68:02:2d:5e:a2:c6:c0:61:25:d2:
d1:d0:b7:04:7c:5a:f1:3c:d3:4f:a4:06:30:c5:2e:
5f:4d:a5:f2:92:dd:12:06:62:d7:7c:e4:73:9c:1b:
98:e6:b1:78:5b:d4:de:dc:48:7d:bc:c4:c8:26:a2:
13:27:ae:d9:16:d7:36:78:10:9d:77:8d:06:1e:b0:
36:eb:b8:91:ef:1e:a3:f9:8b:49:44:b0:75:8a:28:
b6:3e:e9:5e:22:1e:55:3c:c6:6c:1f:35:ae:0d:6c:
f8:f2:af:41:34:3e:ad:37:67:90:e5:8a:84:38:9d:
86:05:99:91:fa:00:f2:c7:f4:f3:bd:9f:81:eb:9f:
d2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:42:C5:FE:0C:DE:F4:35:A5:D6:93:F3:E4:6E:0B:25:80:11:81:BD
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/h0LF_gze9DWl1pPz5G4LJYARgb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.40.0/24
31.57.159.0/24
31.57.201.0/24
31.57.207.0/24
31.57.220.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ee:69:68:0b:49:4f:27:34:58:38:70:6a:13:5d:a0:ba:5c:
ec:cf:46:f3:8c:e5:ab:f8:e1:79:29:aa:97:5d:69:88:cc:72:
55:16:aa:92:f6:ac:13:53:ca:44:2a:c7:85:04:f9:d1:c5:47:
4e:64:30:7d:38:49:1d:c9:86:d2:87:0a:1f:ab:25:55:61:9e:
e4:ac:32:d7:6e:7d:27:af:a1:3c:28:a7:82:2b:fc:e4:d1:44:
67:0a:ce:e1:35:4f:d4:a7:c8:5e:a6:b3:6e:e7:99:0f:05:bc:
83:60:82:44:a0:97:3d:8b:0e:7f:30:0f:99:cd:9b:44:3e:94:
19:e5:db:64:d8:be:a2:e5:d5:e8:d7:bf:03:1c:7c:b8:9b:3b:
0d:0e:b7:fa:5d:55:1c:82:aa:a0:81:ce:1b:b4:df:7a:ba:e6:
79:38:22:2d:8f:ba:70:14:6a:9e:aa:06:45:4f:ec:5e:9a:ea:
1e:22:2f:76:1f:4d:38:c4:6f:40:15:c3:4e:30:55:22:f1:98:
d0:17:9e:2a:f9:9a:18:08:5c:c8:23:91:64:ff:63:42:3f:55:
75:7e:d7:93:2f:31:06:69:20:4c:5d:01:3f:a1:dc:33:29:f9:
ad:86:e3:8f:7c:81:ed:8f:4e:d4:93:6b:0c:d1:e2:29:a3:dd:
86:b2:56:08
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXyXOlSsedcRBv2qj5oVtpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDAxMTcxODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQyYzVmZTBjZGVmNDM1YTVkNjkzZjNlNDZlMGIyNTgwMTE4MWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwN9kRRqrUvrprV5yqXMAN9bm7e/y
sFjZ0oLnJiqCf8Vt7AxiM02j+rcWz0HlEUucT2RYfkMxmvXW3rvGVOXr9o8K9hWY
A8Cms+xnj9/Wio2WQfMpnqqXZ19qSEiFY13AmD9TeK4zV9bTmQi3/p9EJNqojlg4
+C1XOZOa0WgCLV6ixsBhJdLR0LcEfFrxPNNPpAYwxS5fTaXykt0SBmLXfORznBuY
5rF4W9Te3Eh9vMTIJqITJ67ZFtc2eBCdd40GHrA267iR7x6j+YtJRLB1iii2Pule
Ih5VPMZsHzWuDWz48q9BND6tN2eQ5YqEOJ2GBZmR+gDyx/TzvZ+B65/SCwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIdCxf4M3vQ1pdaT8+RuCyWAEYG9MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaDBMRl9nemU5RFdsMXBQejVHNExKWUFSZ2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzgoAwQA
HzmfAwQAHznJAwQAHznPAwQAHzncAwQAHztiMA0GCSqGSIb3DQEBCwUAA4IBAQA1
7mloC0lPJzRYOHBqE12gulzsz0bzjOWr+OF5KaqXXWmIzHJVFqqS9qwTU8pEKseF
BPnRxUdOZDB9OEkdyYbShwofqyVVYZ7krDLXbn0nr6E8KKeCK/zk0URnCs7hNU/U
p8heprNu55kPBbyDYIJEoJc9iw5/MA+ZzZtEPpQZ5dtk2L6i5dXo178DHHy4mzsN
Drf6XVUcgqqggc4btN96uuZ5OCItj7pwFGqeqgZFT+xemuoeIi92H004xG9AFcNO
MFUi8ZjQF54q+ZoYCFzII5Fk/2NCP1V1fteTLzEGaSBMXQE/odwzKfmthuOPfIHt
j07Uk2sM0eIpo92GslYI
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:51:00 2025 by rpki-client