Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hEYVXMY_9tlpe3hFybD0SZgDWGs.roa
File: hEYVXMY_9tlpe3hFybD0SZgDWGs.roa (raw, json)
Hash identifier: dLxLKuRu34MkINTihBd88qhRJN2EKlZY9i4RsgBypzg=
Subject key identifier: 84:46:15:5C:C6:3F:F6:D9:69:7B:78:45:C9:B0:F4:49:98:03:58:6B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196CFD3424521FFFD5ECFAE1AA2F06DA606
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hEYVXMY_9tlpe3hFybD0SZgDWGs.roa
Signing time: Wed 14 May 2025 17:24:10 +0000
ROA not before: Wed 14 May 2025 17:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213724
IP address blocks: 31.57.103.0/24 maxlen: 24
31.57.111.0/24 maxlen: 24
31.57.230.0/24 maxlen: 24
31.58.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:d3:42:45:21:ff:fd:5e:cf:ae:1a:a2:f0:6d:a6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 14 17:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8446155cc63ff6d9697b7845c9b0f4499803586b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:14:a2:d7:d9:a6:c2:60:53:76:a9:cb:25:
b7:53:26:26:64:06:65:7e:cf:ba:3c:f2:08:ea:5c:
7e:19:73:0b:54:d2:6d:36:68:26:b7:80:99:fe:de:
e4:6d:b0:5e:f1:7b:3d:b4:73:bc:f8:ee:61:2e:ad:
ad:58:da:36:16:19:00:71:04:47:55:44:9c:26:e3:
7c:33:13:8a:79:db:ce:ff:62:1b:4f:e9:c3:11:68:
11:59:43:d2:ee:1c:82:5a:4d:10:1d:bf:25:38:07:
9b:06:04:68:39:fc:21:dd:87:7c:06:20:da:f2:a8:
c4:09:95:18:4d:8f:d7:fb:1a:6e:99:b1:7c:58:2e:
1a:aa:b3:96:8e:95:5b:ba:18:2c:e4:1d:a4:83:c9:
c2:9e:9f:0b:d0:63:2e:88:e8:91:09:dd:a3:57:64:
12:8e:f4:23:c4:d5:d8:4e:0a:ca:9a:79:3d:1b:96:
96:af:16:4e:86:58:4e:d0:dd:3d:3f:e6:24:7c:d0:
5f:60:f8:ef:96:99:dd:99:8d:97:0b:d3:3a:8f:3f:
2f:be:b8:73:73:ee:0d:b6:ed:51:e2:63:e3:a0:87:
07:d0:59:b0:b6:80:56:c7:10:0d:ce:7b:a1:2c:ae:
20:3c:5e:97:b6:e1:d1:2e:18:a5:02:0b:93:fe:ad:
56:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:46:15:5C:C6:3F:F6:D9:69:7B:78:45:C9:B0:F4:49:98:03:58:6B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hEYVXMY_9tlpe3hFybD0SZgDWGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.103.0/24
31.57.111.0/24
31.57.230.0/24
31.58.40.0/24
Signature Algorithm: sha256WithRSAEncryption
73:34:4c:f7:63:c0:8f:31:d2:02:9e:24:99:b9:ee:86:14:21:
38:06:02:62:57:83:8f:b1:cb:84:b7:93:ce:b2:70:4a:29:9f:
04:52:c3:98:90:28:77:49:29:02:fe:d2:ec:28:60:3b:43:9d:
ec:ef:e5:7f:a9:68:18:29:1d:33:36:af:9f:81:b0:17:40:6d:
0a:48:5f:a0:56:b9:93:cd:c3:9e:c6:3e:29:3b:51:4e:24:56:
b3:9b:b9:03:af:28:f0:67:5c:36:cd:2c:a7:c9:00:42:e6:62:
86:15:7b:7e:30:b5:58:14:a6:f0:2c:88:1f:84:d4:e0:c2:7b:
88:eb:e8:02:e0:a5:ce:63:c2:ee:c0:cb:54:06:cf:b0:bb:1d:
22:22:22:af:1c:7a:98:c4:f7:37:13:e0:f9:af:1c:5b:b7:00:
29:2b:1e:8f:b3:f8:df:83:f2:df:b6:d9:67:d0:d5:0b:49:09:
41:20:fb:a3:2d:21:f3:a8:7f:1f:a4:bf:26:35:8b:72:dc:28:
10:e7:dc:3d:9f:0e:63:48:f0:a2:db:e5:73:69:23:ed:06:3a:
1c:ec:ab:83:32:f8:a3:87:d3:ea:61:35:4b:e2:f7:a0:59:5d:
9d:87:53:8f:12:a6:7c:dd:66:a4:29:09:21:6d:3e:46:31:90:
6f:e7:83:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbP00JFIf/9Xs+uGqLwbaYGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTE0MTcyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ2MTU1Y2M2M2ZmNmQ5Njk3Yjc4NDVjOWIwZjQ0OTk4MDM1ODZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXIUotfZpsJgU3apyyW3UyYmZAZl
fs+6PPII6lx+GXMLVNJtNmgmt4CZ/t7kbbBe8Xs9tHO8+O5hLq2tWNo2FhkAcQRH
VUScJuN8MxOKedvO/2IbT+nDEWgRWUPS7hyCWk0QHb8lOAebBgRoOfwh3Yd8BiDa
8qjECZUYTY/X+xpumbF8WC4aqrOWjpVbuhgs5B2kg8nCnp8L0GMuiOiRCd2jV2QS
jvQjxNXYTgrKmnk9G5aWrxZOhlhO0N09P+YkfNBfYPjvlpndmY2XC9M6jz8vvrhz
c+4Ntu1R4mPjoIcH0FmwtoBWxxANznuhLK4gPF6XtuHRLhilAguT/q1WKwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIRGFVzGP/bZaXt4Rcmw9EmYA1hrMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaEVZVlhNWV85dGxwZTNoRnliRDBTWmdEV0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzlnAwQA
HzlvAwQAHznmAwQAHzooMA0GCSqGSIb3DQEBCwUAA4IBAQBzNEz3Y8CPMdICniSZ
ue6GFCE4BgJiV4OPscuEt5POsnBKKZ8EUsOYkCh3SSkC/tLsKGA7Q53s7+V/qWgY
KR0zNq+fgbAXQG0KSF+gVrmTzcOexj4pO1FOJFazm7kDryjwZ1w2zSynyQBC5mKG
FXt+MLVYFKbwLIgfhNTgwnuI6+gC4KXOY8LuwMtUBs+wux0iIiKvHHqYxPc3E+D5
rxxbtwApKx6Ps/jfg/Lfttln0NULSQlBIPujLSHzqH8fpL8mNYty3CgQ59w9nw5j
SPCi2+VzaSPtBjoc7KuDMvijh9PqYTVL4vegWV2dh1OPEqZ83WakKQkhbT5GMZBv
54NW
-----END CERTIFICATE-----
Generated at Thu Jun 5 04:06:16 2025 by rpki-client