Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iwu2G9YqzWiyeFaBd8kgSQGJhvg.roa
File: iwu2G9YqzWiyeFaBd8kgSQGJhvg.roa (raw, json)
Hash identifier: uMTKs+r7VNBUMoTeA9y8OKgRIj//xPiZJsJgmkcbQHE=
Subject key identifier: 8B:0B:B6:1B:D6:2A:CD:68:B2:78:56:81:77:C9:20:49:01:89:86:F8
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019555EBA171470D664FC62B0D923901F1D2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iwu2G9YqzWiyeFaBd8kgSQGJhvg.roa
Signing time: Sun 02 Mar 2025 08:14:20 +0000
ROA not before: Sun 02 Mar 2025 08:14:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 31.56.146.0/24 maxlen: 24
31.58.227.0/24 maxlen: 24
31.58.229.0/24 maxlen: 24
31.59.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:55:eb:a1:71:47:0d:66:4f:c6:2b:0d:92:39:01:f1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 2 08:14:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b0bb61bd62acd68b278568177c92049018986f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:0e:66:6a:2c:0a:33:52:2b:03:ff:f8:06:
b5:c4:1c:f1:83:d6:d0:a7:c8:27:fe:35:2d:74:1d:
1d:9e:83:94:b3:f1:f8:d4:d9:5c:5b:a7:6a:04:ed:
e0:ea:04:8d:1c:0c:01:b8:f9:71:92:13:86:cb:09:
ee:44:c6:06:69:ee:1a:38:ea:c5:81:45:0d:97:3f:
31:58:fe:74:ca:dc:66:d0:85:f4:25:81:60:a0:d8:
dc:b3:fe:4d:dd:8c:89:51:56:22:70:e7:bc:8c:14:
98:93:90:44:6d:61:df:cf:4c:5f:22:a0:82:ed:47:
e5:cb:f7:46:36:35:7d:29:bc:ef:e2:53:a4:52:5b:
77:06:85:cf:3b:00:2b:90:39:06:59:54:78:67:bc:
cb:cb:7f:03:ca:bb:a4:26:2f:31:ec:90:09:48:aa:
ad:32:50:eb:60:c5:68:b7:c4:68:9c:50:29:67:53:
40:1d:b9:9a:13:01:61:7c:9a:6a:39:25:0d:b2:a3:
27:3a:e1:48:55:1e:b1:19:5e:59:7e:32:73:18:50:
a3:19:f8:27:69:b9:ac:26:32:07:ce:fe:02:42:f9:
36:6f:76:27:a0:f7:d0:9d:b2:a4:2f:cb:71:df:21:
8b:34:1f:aa:25:18:5f:52:e7:82:fb:d2:e1:f3:b6:
8b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0B:B6:1B:D6:2A:CD:68:B2:78:56:81:77:C9:20:49:01:89:86:F8
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/iwu2G9YqzWiyeFaBd8kgSQGJhvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.146.0/24
31.58.227.0/24
31.58.229.0/24
31.59.35.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e4:3e:01:d2:35:8c:00:c0:c7:ad:d1:a4:c0:37:c4:c8:31:
7c:8a:4c:da:f9:54:57:df:98:d4:4f:ce:34:2d:cb:95:3e:3b:
b6:e6:0a:db:fd:b5:2d:2f:43:f5:41:31:f2:f7:e1:72:4f:57:
d4:17:b0:2c:b0:c0:68:54:05:b0:39:bb:9d:c8:a9:d2:8f:12:
16:c9:42:2f:02:6d:4c:cb:f7:86:69:2a:b8:b2:70:d0:01:ed:
a5:75:05:90:16:ae:dd:a6:1b:19:fc:4f:d7:36:dc:39:9e:e9:
a3:c8:8b:e9:6c:81:91:45:73:a1:4b:07:77:19:43:7d:1c:6b:
31:94:ac:a3:ce:92:40:a3:01:09:4d:37:4b:54:df:72:df:cf:
c8:98:74:69:96:54:0f:2d:3b:a3:12:89:e4:22:81:5f:a0:b8:
de:96:04:f2:f6:0f:51:2b:91:3d:74:2a:a7:c5:95:27:8c:e2:
b9:fc:94:b6:4d:1d:2c:26:23:1c:7d:1c:fc:ac:d8:35:d4:ac:
d8:83:18:f7:41:cf:7f:aa:2c:ee:00:75:4a:a5:88:0f:c9:1c:
28:7b:ef:26:da:51:a1:62:36:f0:33:ec:af:4f:da:62:26:94:
e6:4f:18:1a:d6:44:94:2a:04:75:14:68:8d:36:ed:d1:be:6b:
bd:49:86:21
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVV66FxRw1mT8YrDZI5AfHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzAyMDgxNDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBiYjYxYmQ2MmFjZDY4YjI3ODU2ODE3N2M5MjA0OTAxODk4NmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYwOZmosCjNSKwP/+Aa1xBzxg9bQ
p8gn/jUtdB0dnoOUs/H41NlcW6dqBO3g6gSNHAwBuPlxkhOGywnuRMYGae4aOOrF
gUUNlz8xWP50ytxm0IX0JYFgoNjcs/5N3YyJUVYicOe8jBSYk5BEbWHfz0xfIqCC
7Ufly/dGNjV9Kbzv4lOkUlt3BoXPOwArkDkGWVR4Z7zLy38DyrukJi8x7JAJSKqt
MlDrYMVot8RonFApZ1NAHbmaEwFhfJpqOSUNsqMnOuFIVR6xGV5ZfjJzGFCjGfgn
abmsJjIHzv4CQvk2b3YnoPfQnbKkL8tx3yGLNB+qJRhfUueC+9Lh87aLiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIsLthvWKs1osnhWgXfJIEkBiYb4MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvaXd1Mkc5WXF6V2l5ZUZhQmQ4a2dTUUdKaHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHziSAwQA
HzrjAwQAHzrlAwQAHzsjMA0GCSqGSIb3DQEBCwUAA4IBAQCD5D4B0jWMAMDHrdGk
wDfEyDF8ikza+VRX35jUT840LcuVPju25grb/bUtL0P1QTHy9+FyT1fUF7AssMBo
VAWwObudyKnSjxIWyUIvAm1My/eGaSq4snDQAe2ldQWQFq7dphsZ/E/XNtw5numj
yIvpbIGRRXOhSwd3GUN9HGsxlKyjzpJAowEJTTdLVN9y38/ImHRpllQPLTujEonk
IoFfoLjelgTy9g9RK5E9dCqnxZUnjOK5/JS2TR0sJiMcfRz8rNg11KzYgxj3Qc9/
qizuAHVKpYgPyRwoe+8m2lGhYjbwM+yvT9piJpTmTxga1kSUKgR1FGiNNu3Rvmu9
SYYh
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:56:10 2025 by rpki-client