Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mfq5_GDBxjStLqcUCDGXHNHd4vI.roa
File: mfq5_GDBxjStLqcUCDGXHNHd4vI.roa (raw, json)
Hash identifier: BKW+YJxIYCR6f9g11EljDVQui0EVosVN6ZOzfIe+BYo=
Subject key identifier: 99:FA:B9:FC:60:C1:C6:34:AD:2E:A7:14:08:31:97:1C:D1:DD:E2:F2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195FF60863CF01407C13F87528E0D14BAFB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mfq5_GDBxjStLqcUCDGXHNHd4vI.roa
Signing time: Fri 04 Apr 2025 05:57:50 +0000
ROA not before: Fri 04 Apr 2025 05:57:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 31.56.69.0/24 maxlen: 24
31.56.72.0/24 maxlen: 24
31.56.84.0/24 maxlen: 24
31.56.90.0/24 maxlen: 24
31.56.91.0/24 maxlen: 24
31.58.88.0/24 maxlen: 24
31.58.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:60:86:3c:f0:14:07:c1:3f:87:52:8e:0d:14:ba:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 4 05:57:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99fab9fc60c1c634ad2ea7140831971cd1dde2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b6:99:25:aa:b7:0c:5a:5a:43:61:bf:18:28:
c4:d5:09:43:92:c0:0f:aa:bb:c5:98:c6:43:61:c7:
d2:f3:6b:e1:f2:2b:22:c3:e8:79:ca:e5:aa:de:95:
7b:56:c6:07:d9:00:f8:49:db:02:d0:cf:f0:1a:a5:
47:af:cd:64:3a:ff:9b:e4:f1:a7:52:6a:9e:cc:c1:
af:0e:28:b3:47:64:ae:5f:99:74:39:43:22:2d:09:
cb:51:f3:f6:f9:af:04:70:fc:93:b2:74:c4:c6:ed:
89:cf:dc:c1:af:6f:15:53:36:77:45:66:2f:5b:ee:
21:f4:c7:57:3a:5b:c9:f1:1c:eb:82:2b:5c:40:8e:
fc:b5:3f:4f:5e:96:d9:6b:ce:86:e7:66:13:ba:be:
89:6a:ed:8a:e9:81:83:3a:c8:76:55:e1:6c:00:a6:
00:40:46:07:a3:5e:8b:b9:d5:82:4f:f5:c8:8b:2b:
51:cf:d8:13:ec:3e:bf:e6:24:3a:5b:3b:7e:97:7b:
ac:96:44:27:be:12:61:44:49:f9:47:f4:76:91:ec:
9b:7b:29:86:4d:f9:07:1a:b7:94:81:3d:65:2e:c6:
5f:be:1c:9b:d2:b7:42:3a:59:27:e6:47:9d:46:35:
ac:7a:b7:f1:64:00:ba:08:5b:66:b1:c9:a3:99:73:
45:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FA:B9:FC:60:C1:C6:34:AD:2E:A7:14:08:31:97:1C:D1:DD:E2:F2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/mfq5_GDBxjStLqcUCDGXHNHd4vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.69.0/24
31.56.72.0/24
31.56.84.0/24
31.56.90.0/23
31.58.88.0/23
Signature Algorithm: sha256WithRSAEncryption
11:11:5c:b5:27:3c:d7:42:c0:b1:6e:97:20:83:6b:b3:a8:c1:
6b:6c:60:8b:e9:d2:ce:97:52:18:2e:62:54:f6:11:34:fb:69:
fa:3e:74:22:7e:04:e5:95:fd:6b:87:23:55:f0:36:7f:d7:7e:
a2:a2:70:aa:05:44:a9:95:36:f0:24:94:80:e1:96:65:b5:f8:
f9:91:21:68:74:b2:2a:5c:6d:e2:dd:07:a8:46:36:82:e9:ad:
81:67:1f:b2:f9:24:16:d1:c5:80:c8:c6:8f:8c:e6:f6:f9:17:
4a:31:19:b6:f6:ed:46:48:7c:41:aa:2d:40:d4:2d:b9:2b:53:
5a:32:f3:9d:19:8d:e2:c3:3d:98:f2:16:e7:ee:1f:f1:02:5e:
41:db:0e:6b:92:c2:0f:7b:87:b7:09:62:5a:50:c7:61:a8:b3:
7a:9f:eb:5b:ef:06:99:34:08:f5:30:82:5b:0c:85:b6:a7:38:
62:27:74:bd:40:cf:fa:0a:ea:e6:89:bd:12:c4:b2:4f:27:2f:
64:91:27:5f:54:f1:51:b9:b8:83:9c:c2:83:ea:b2:53:34:8d:
49:63:b0:d0:6a:67:8f:9b:88:e0:08:90:0e:ad:eb:b1:7e:70:
ea:4d:82:4e:dd:8a:2b:29:f6:b6:ed:c6:c4:7b:c8:cb:64:20:
67:40:b2:02
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZX/YIY88BQHwT+HUo4NFLr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA0MDU1NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZhYjlmYzYwYzFjNjM0YWQyZWE3MTQwODMxOTcxY2QxZGRlMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubaZJaq3DFpaQ2G/GCjE1QlDksAP
qrvFmMZDYcfS82vh8isiw+h5yuWq3pV7VsYH2QD4SdsC0M/wGqVHr81kOv+b5PGn
UmqezMGvDiizR2SuX5l0OUMiLQnLUfP2+a8EcPyTsnTExu2Jz9zBr28VUzZ3RWYv
W+4h9MdXOlvJ8RzrgitcQI78tT9PXpbZa86G52YTur6Jau2K6YGDOsh2VeFsAKYA
QEYHo16LudWCT/XIiytRz9gT7D6/5iQ6Wzt+l3uslkQnvhJhREn5R/R2keybeymG
TfkHGreUgT1lLsZfvhyb0rdCOlkn5kedRjWserfxZAC6CFtmscmjmXNFLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJn6ufxgwcY0rS6nFAgxlxzR3eLyMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvbWZxNV9HREJ4alN0THFjVUNER1hITkhkNHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAHzhFAwQA
HzhIAwQAHzhUAwQBHzhaAwQBHzpYMA0GCSqGSIb3DQEBCwUAA4IBAQAREVy1JzzX
QsCxbpcgg2uzqMFrbGCL6dLOl1IYLmJU9hE0+2n6PnQifgTllf1rhyNV8DZ/136i
onCqBUSplTbwJJSA4ZZltfj5kSFodLIqXG3i3QeoRjaC6a2BZx+y+SQW0cWAyMaP
jOb2+RdKMRm29u1GSHxBqi1A1C25K1NaMvOdGY3iwz2Y8hbn7h/xAl5B2w5rksIP
e4e3CWJaUMdhqLN6n+tb7waZNAj1MIJbDIW2pzhiJ3S9QM/6Curmib0SxLJPJy9k
kSdfVPFRubiDnMKD6rJTNI1JY7DQamePm4jgCJAOreuxfnDqTYJO3YorKfa27cbE
e8jLZCBnQLIC
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:47 2025 by rpki-client