Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k93tRHNgeBC7lJmp1DBioNdGF_4.roa
File: k93tRHNgeBC7lJmp1DBioNdGF_4.roa (raw, json)
Hash identifier: prPu+VWARe6HgOkbruofh9eJ7mm6diS6WHWEfVIjN3g=
Subject key identifier: 93:DD:ED:44:73:60:78:10:BB:94:99:A9:D4:30:62:A0:D7:46:17:FE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0194880B453AE13D1E6731B8741A18BD321E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k93tRHNgeBC7lJmp1DBioNdGF_4.roa
Signing time: Tue 21 Jan 2025 08:47:07 +0000
ROA not before: Tue 21 Jan 2025 08:47:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 31.57.159.0/24 maxlen: 24
31.57.201.0/24 maxlen: 24
31.57.207.0/24 maxlen: 24
31.57.220.0/24 maxlen: 24
31.59.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 03:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:0b:45:3a:e1:3d:1e:67:31:b8:74:1a:18:bd:32:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 21 08:47:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93dded4473607810bb9499a9d43062a0d74617fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:8c:bf:12:98:da:61:fc:b7:46:ce:88:93:
44:2f:e7:1a:10:a4:9a:bd:5e:25:7c:3b:81:aa:80:
e8:e1:33:c0:3e:28:32:27:2b:c0:83:d3:f9:33:8f:
19:d7:e3:f4:8e:7c:6a:f2:77:6f:57:24:eb:d7:c0:
da:b1:e0:02:5d:42:ac:f9:8c:70:b1:13:1f:b0:fe:
e9:52:7e:68:fa:8b:d2:a2:06:1f:01:35:d8:a4:ca:
9b:35:09:04:b6:1c:40:50:9c:54:67:46:62:05:36:
ff:6c:17:cd:37:46:67:0d:0d:8c:c9:88:37:22:f1:
b9:b0:aa:5d:9f:ec:d2:ed:4f:88:f5:07:f9:4c:11:
59:44:af:95:df:3e:68:1a:d3:8d:94:34:69:9b:dd:
8a:ca:94:c9:d8:0c:b5:19:6f:4b:61:02:f7:06:ca:
5c:d7:c5:de:a4:fc:13:a8:91:c5:bd:aa:9b:db:a2:
79:ee:29:56:58:04:38:72:ee:a0:37:ed:dd:5d:49:
57:43:2f:21:f1:74:2e:35:b7:eb:6f:1e:5a:f1:45:
e1:e7:a0:c0:89:d1:26:f0:25:c5:6c:1f:3b:e2:33:
02:82:91:58:84:c0:8d:73:b7:d0:10:c2:e4:41:3a:
c4:11:22:e7:45:b2:c1:3b:77:70:34:74:6a:03:75:
e6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DD:ED:44:73:60:78:10:BB:94:99:A9:D4:30:62:A0:D7:46:17:FE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/k93tRHNgeBC7lJmp1DBioNdGF_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.159.0/24
31.57.201.0/24
31.57.207.0/24
31.57.220.0/24
31.59.98.0/24
Signature Algorithm: sha256WithRSAEncryption
03:d2:45:0b:61:23:25:e4:45:33:5b:35:bd:68:ec:04:16:59:
3f:30:f6:31:0a:29:bc:49:2e:f3:86:25:e9:fd:68:a7:4e:af:
fe:12:72:61:83:24:93:5b:04:04:35:b4:19:17:31:ff:8b:2b:
17:10:bb:f9:e6:11:22:5c:fd:72:6a:61:f5:a2:b7:b7:5e:58:
f4:4b:fc:03:ec:fd:21:e7:71:49:46:d9:79:49:81:4e:45:d8:
40:89:fc:7f:9e:c5:ff:92:99:bb:92:ce:aa:79:1c:66:d7:80:
ab:bd:9f:15:df:a0:04:e6:c8:9a:f2:4b:2d:d0:15:2b:8d:ab:
5f:2a:5a:34:85:9e:0c:76:26:5b:7f:26:3a:5c:4f:e9:0f:ed:
9e:ce:81:ee:bb:d0:02:cf:37:ff:16:e6:11:a0:67:dd:a5:ba:
03:62:0b:c4:80:fa:7b:69:55:45:d2:76:5c:45:ad:3b:15:43:
ad:6e:3e:64:b1:aa:e1:78:8c:21:54:7d:59:1f:05:2a:22:8b:
4c:48:05:c3:f8:bc:4f:8d:6b:b5:6f:0f:ba:d0:0e:3e:e4:0c:
dd:fe:a8:2d:12:dd:0b:e2:2c:74:15:46:24:06:99:20:87:a8:
d2:5c:cb:5c:06:65:c1:0f:e7:42:06:e1:3e:af:c3:d0:5b:32:
f1:47:ba:f0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSIC0U64T0eZzG4dBoYvTIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTIxMDg0NzA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2RkZWQ0NDczNjA3ODEwYmI5NDk5YTlkNDMwNjJhMGQ3NDYxN2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulKMvxKY2mH8t0bOiJNEL+caEKSa
vV4lfDuBqoDo4TPAPigyJyvAg9P5M48Z1+P0jnxq8ndvVyTr18DaseACXUKs+Yxw
sRMfsP7pUn5o+ovSogYfATXYpMqbNQkEthxAUJxUZ0ZiBTb/bBfNN0ZnDQ2MyYg3
IvG5sKpdn+zS7U+I9Qf5TBFZRK+V3z5oGtONlDRpm92KypTJ2Ay1GW9LYQL3Bspc
18XepPwTqJHFvaqb26J57ilWWAQ4cu6gN+3dXUlXQy8h8XQuNbfrbx5a8UXh56DA
idEm8CXFbB874jMCgpFYhMCNc7fQEMLkQTrEESLnRbLBO3dwNHRqA3XmgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJPd7URzYHgQu5SZqdQwYqDXRhf+MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvazkzdFJITmdlQkM3bEptcDFEQmlvTmRHRl80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzmfAwQA
HznJAwQAHznPAwQAHzncAwQAHztiMA0GCSqGSIb3DQEBCwUAA4IBAQAD0kULYSMl
5EUzWzW9aOwEFlk/MPYxCim8SS7zhiXp/WinTq/+EnJhgySTWwQENbQZFzH/iysX
ELv55hEiXP1yamH1ore3Xlj0S/wD7P0h53FJRtl5SYFORdhAifx/nsX/kpm7ks6q
eRxm14CrvZ8V36AE5sia8kst0BUrjatfKlo0hZ4MdiZbfyY6XE/pD+2ezoHuu9AC
zzf/FuYRoGfdpboDYgvEgPp7aVVF0nZcRa07FUOtbj5ksarheIwhVH1ZHwUqIotM
SAXD+LxPjWu1bw+60A4+5Azd/qgtEt0L4ix0FUYkBpkgh6jSXMtcBmXBD+dCBuE+
r8PQWzLxR7rw
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:48:52 2025 by rpki-client