Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kyQoDM7bAnJ2f7CJ1yl_8xGM8Ms.roa
File: kyQoDM7bAnJ2f7CJ1yl_8xGM8Ms.roa (raw, json)
Hash identifier: /Vy2GHzg/gJPrsB+a6InYLgAG23enQmdKK2sF4PdiaI=
Subject key identifier: 93:24:28:0C:CE:DB:02:72:76:7F:B0:89:D7:29:7F:F3:11:8C:F0:CB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01945E6A98995E4EA1A6D0A3BDD08DE3ED9E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kyQoDM7bAnJ2f7CJ1yl_8xGM8Ms.roa
Signing time: Mon 13 Jan 2025 06:47:11 +0000
ROA not before: Mon 13 Jan 2025 06:47:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 31.56.4.0/24 maxlen: 24
31.56.63.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.147.0/24 maxlen: 24
31.58.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5e:6a:98:99:5e:4e:a1:a6:d0:a3:bd:d0:8d:e3:ed:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 13 06:47:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9324280ccedb0272767fb089d7297ff3118cf0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:39:ad:1b:b6:6a:7f:f3:f8:32:f0:79:1f:
ca:d3:f2:37:10:d9:33:d5:81:f3:07:bd:3d:9c:e2:
df:e6:32:08:00:3f:90:4a:4b:e3:4d:a5:68:87:f4:
90:cf:e9:98:cd:70:2d:b2:9c:06:59:e3:43:80:75:
b4:bc:54:c6:b9:95:45:53:4e:60:e7:e7:86:5d:40:
a4:03:d9:20:8b:33:f3:91:9e:a5:6b:9c:47:55:47:
4a:81:b7:c7:7d:3f:0e:e4:70:f4:96:42:cc:d0:29:
12:0c:b7:a6:00:17:77:bd:71:3b:09:d9:b7:70:71:
e4:a7:96:85:96:03:69:9d:7c:f5:f4:5d:01:ec:21:
87:89:f0:f3:e7:3e:fe:a7:f9:d2:15:13:d0:8a:e4:
bb:bb:ab:d7:ed:cb:ca:59:8d:1b:8c:42:2b:d9:b6:
11:e4:24:bd:53:88:50:99:e9:a2:d8:2a:96:72:88:
11:32:ee:9b:4b:80:74:b6:14:ee:51:7b:cd:64:03:
61:2b:b5:c8:b0:21:fb:7e:da:16:de:fb:20:81:53:
e4:91:8a:b2:81:9d:fc:8e:4f:0e:1a:75:fd:d3:98:
11:29:af:d7:5b:af:70:20:3b:2a:38:91:21:95:e2:
dd:83:56:7e:88:83:ae:65:68:7d:5f:f1:54:4e:34:
14:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:24:28:0C:CE:DB:02:72:76:7F:B0:89:D7:29:7F:F3:11:8C:F0:CB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/kyQoDM7bAnJ2f7CJ1yl_8xGM8Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.4.0/24
31.56.63.0/24
31.57.140.0/24
31.57.147.0/24
31.58.66.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:5d:72:dd:74:19:4c:dd:a9:e0:9b:26:0b:0b:bc:1c:f7:f7:
6f:bc:29:0b:b0:99:26:78:6a:e5:1e:02:ac:7c:30:fe:86:58:
b0:bf:14:90:ab:2e:5e:10:35:14:1f:cc:a7:72:cd:57:8d:33:
3b:37:0a:45:9e:eb:4d:38:9c:e9:98:82:0e:aa:39:65:c8:96:
55:32:26:54:7b:1b:84:6e:d3:87:b7:16:d2:f0:66:8d:e4:bc:
e8:bd:18:2f:9a:04:1d:96:3e:05:d5:2e:c5:49:a3:ad:fd:dc:
b1:56:86:47:82:d2:ff:d1:c0:d6:b5:7e:5b:ca:4f:e8:3b:39:
b1:c4:f7:50:77:18:1a:a1:6d:31:3b:94:cf:5c:7f:77:10:49:
3a:de:a4:48:43:4e:d7:aa:79:ee:68:13:2a:86:ae:45:aa:1e:
48:d5:59:17:3a:f9:b3:7f:0f:e1:41:e8:85:02:36:28:a0:ed:
66:65:3c:ba:c4:db:1a:6d:e9:03:6b:ce:15:fe:a7:00:4a:4a:
19:6b:66:a7:e7:43:07:fe:ab:81:c0:a6:41:61:64:aa:ae:c8:
f4:17:0b:28:2c:3d:c7:d2:69:e7:82:39:c9:6b:f9:fe:bd:da:
3b:9e:03:0d:6b:ed:e2:6c:e6:f1:8b:74:f4:a7:2c:6e:fe:04:
84:95:47:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZReapiZXk6hptCjvdCN4+2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTEzMDY0NzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzI0MjgwY2NlZGIwMjcyNzY3ZmIwODlkNzI5N2ZmMzExOGNmMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSE5rRu2an/z+DLweR/K0/I3ENkz
1YHzB709nOLf5jIIAD+QSkvjTaVoh/SQz+mYzXAtspwGWeNDgHW0vFTGuZVFU05g
5+eGXUCkA9kgizPzkZ6la5xHVUdKgbfHfT8O5HD0lkLM0CkSDLemABd3vXE7Cdm3
cHHkp5aFlgNpnXz19F0B7CGHifDz5z7+p/nSFRPQiuS7u6vX7cvKWY0bjEIr2bYR
5CS9U4hQmemi2CqWcogRMu6bS4B0thTuUXvNZANhK7XIsCH7ftoW3vsggVPkkYqy
gZ38jk8OGnX905gRKa/XW69wIDsqOJEhleLdg1Z+iIOuZWh9X/FUTjQUUQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJMkKAzO2wJydn+widcpf/MRjPDLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEva3lRb0RNN2JBbkoyZjdDSjF5bF84eEdNOE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzgEAwQA
Hzg/AwQAHzmMAwQAHzmTAwQAHzpCMA0GCSqGSIb3DQEBCwUAA4IBAQC0XXLddBlM
3angmyYLC7wc9/dvvCkLsJkmeGrlHgKsfDD+hliwvxSQqy5eEDUUH8yncs1XjTM7
NwpFnutNOJzpmIIOqjllyJZVMiZUexuEbtOHtxbS8GaN5LzovRgvmgQdlj4F1S7F
SaOt/dyxVoZHgtL/0cDWtX5byk/oOzmxxPdQdxgaoW0xO5TPXH93EEk63qRIQ07X
qnnuaBMqhq5Fqh5I1VkXOvmzfw/hQeiFAjYooO1mZTy6xNsabekDa84V/qcASkoZ
a2an50MH/quBwKZBYWSqrsj0FwsoLD3H0mnngjnJa/n+vdo7ngMNa+3ibObxi3T0
pyxu/gSElUeU
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:07:57 2025 by rpki-client