Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hN4Hr9jxlQF0yxpXphKxVRlJWAs.roa
File: hN4Hr9jxlQF0yxpXphKxVRlJWAs.roa (raw, json)
Hash identifier: W11N69XNt7Om+2tO5GwsXG3/2MnE+elNze7wjmWYtI0=
Subject key identifier: 84:DE:07:AF:D8:F1:95:01:74:CB:1A:57:A6:12:B1:55:19:49:58:0B
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192F11694494AA98529FBFB64EEDD1DA70D
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hN4Hr9jxlQF0yxpXphKxVRlJWAs.roa
Signing time: Sun 03 Nov 2024 08:14:01 +0000
ROA not before: Sun 03 Nov 2024 08:14:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.56.112.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
31.58.50.0/23 maxlen: 24
31.58.56.0/23 maxlen: 24
31.58.64.0/23 maxlen: 24
31.58.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 14:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f1:16:94:49:4a:a9:85:29:fb:fb:64:ee:dd:1d:a7:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 3 08:14:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84de07afd8f1950174cb1a57a612b1551949580b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c9:2a:1e:5f:d6:b9:e3:72:e0:7f:a4:e3:98:
9f:c8:48:10:88:d9:a9:72:19:3e:b2:37:09:01:a9:
78:29:dd:9b:12:b3:28:49:f6:ce:8d:34:84:98:fd:
d7:4e:cf:bb:79:4d:1e:c4:0f:af:cb:20:7d:4e:ac:
1f:bd:eb:88:d1:85:a1:df:59:73:77:80:b3:f0:69:
22:68:c9:33:7d:ce:ba:d9:1d:69:c1:24:97:15:8a:
56:8a:69:65:e3:2a:d1:a0:8f:29:ea:cb:30:84:ef:
ec:d4:6e:c8:e1:4e:06:6f:41:e8:20:a8:b8:b1:d2:
56:58:6c:3c:41:79:17:b5:a7:a7:bb:10:2d:72:47:
e8:6c:84:05:db:2f:09:b1:e5:40:fd:72:27:f5:91:
f0:9a:2f:dd:ee:68:a1:6f:e0:ef:28:d4:e3:25:b3:
ee:8c:90:57:34:64:f8:ec:74:9c:85:e7:62:74:af:
13:2d:ae:d5:c8:d1:a2:07:29:27:4e:fb:11:da:53:
52:ad:1f:29:29:e0:2b:eb:b5:11:e3:6e:78:c7:1b:
27:23:f0:ed:b3:a4:95:6c:57:c5:25:d5:08:9b:d7:
65:ab:30:f5:09:23:e0:ae:e9:25:8e:eb:54:56:f8:
bd:27:90:c1:d7:20:98:63:96:93:79:c0:7c:4a:24:
4c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DE:07:AF:D8:F1:95:01:74:CB:1A:57:A6:12:B1:55:19:49:58:0B
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/hN4Hr9jxlQF0yxpXphKxVRlJWAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.56.112.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
31.58.50.0/23
31.58.56.0/23
31.58.64.0/23
31.58.136.0/24
Signature Algorithm: sha256WithRSAEncryption
05:a9:42:fc:3b:d9:3b:c3:ea:cf:e8:40:f6:e4:76:82:ae:dc:
96:37:be:9c:51:9a:0d:07:ed:55:e6:55:43:d5:1e:48:d0:9a:
b8:ef:80:3c:d4:4b:40:2e:1b:76:7e:1f:c3:18:49:ce:63:34:
ed:78:66:f4:e9:c6:be:10:08:98:82:44:e9:64:08:b3:9e:40:
05:3b:f2:3f:67:be:2d:d3:62:4f:d0:4e:fa:90:7a:4f:ed:32:
d8:d2:a7:c4:bc:4e:38:c6:4c:f1:a5:0c:09:6c:19:cd:b1:2a:
b8:ad:fc:2a:5e:71:52:5d:1d:e5:87:9f:b1:0d:41:de:c0:2d:
36:8c:9d:9a:53:51:3e:73:5a:82:7e:57:d6:36:25:8d:03:e8:
38:45:91:e5:8f:b8:d9:9f:21:81:57:a9:c5:72:63:05:27:4f:
a9:52:01:55:9d:92:d6:a3:8c:ed:4d:03:11:ca:e3:5f:7a:6f:
08:75:13:2f:3d:6b:bc:52:c2:31:44:10:9a:bb:2e:20:dc:df:
d1:5b:69:96:8c:13:fe:bf:00:a6:e0:b6:70:01:92:cd:f5:ed:
b6:79:0c:65:a2:d1:66:bc:56:f5:50:ec:16:50:48:07:c1:93:
d6:62:f1:46:e7:07:c4:40:7b:e1:01:db:94:7f:a6:31:7a:47:
97:6d:82:6d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZLxFpRJSqmFKfv7ZO7dHacNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTAzMDgxNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRlMDdhZmQ4ZjE5NTAxNzRjYjFhNTdhNjEyYjE1NTE5NDk1ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8kqHl/WueNy4H+k45ifyEgQiNmp
chk+sjcJAal4Kd2bErMoSfbOjTSEmP3XTs+7eU0exA+vyyB9TqwfveuI0YWh31lz
d4Cz8GkiaMkzfc662R1pwSSXFYpWimll4yrRoI8p6sswhO/s1G7I4U4Gb0HoIKi4
sdJWWGw8QXkXtaenuxAtckfobIQF2y8JseVA/XIn9ZHwmi/d7mihb+DvKNTjJbPu
jJBXNGT47HSchedidK8TLa7VyNGiByknTvsR2lNSrR8pKeAr67UR4254xxsnI/Dt
s6SVbFfFJdUIm9dlqzD1CSPgrukljutUVvi9J5DB1yCYY5aTecB8SiRMKwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFITeB6/Y8ZUBdMsaV6YSsVUZSVgLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaE40SHI5anhsUUYweXhwWHBoS3hWUmxKV0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAHzhWAwQA
HzhwMAwDBAEfOaIDBAEfOaQDBAAfObQwDAMEAB86KQMEAB86KgMEAB86MAMEAR86
MgMEAR86OAMEAR86QAMEAB86iDANBgkqhkiG9w0BAQsFAAOCAQEABalC/DvZO8Pq
z+hA9uR2gq7clje+nFGaDQftVeZVQ9UeSNCauO+APNRLQC4bdn4fwxhJzmM07Xhm
9OnGvhAImIJE6WQIs55ABTvyP2e+LdNiT9BO+pB6T+0y2NKnxLxOOMZM8aUMCWwZ
zbEquK38Kl5xUl0d5YefsQ1B3sAtNoydmlNRPnNagn5X1jYljQPoOEWR5Y+42Z8h
gVepxXJjBSdPqVIBVZ2S1qOM7U0DEcrjX3pvCHUTLz1rvFLCMUQQmrsuINzf0Vtp
lowT/r8ApuC2cAGSzfXttnkMZaLRZrxW9VDsFlBIB8GT1mLxRucHxEB74QHblH+m
MXpHl22CbQ==
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:26:32 2024 by rpki-client on console-ams.rpki-client.org