Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qn7ZfqV2V3W4gk13V-Sks05uDbc.roa
File: qn7ZfqV2V3W4gk13V-Sks05uDbc.roa (raw, json)
Hash identifier: 27toDtXrTmaGWbwVEHE2ILofzueJzogg1dffCoL1ppo=
Subject key identifier: AA:7E:D9:7E:A5:76:57:75:B8:82:4D:77:57:E4:A4:B3:4E:6E:0D:B7
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0195EB3F03761BC120B0EE634115FD12E605
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qn7ZfqV2V3W4gk13V-Sks05uDbc.roa
Signing time: Mon 31 Mar 2025 08:08:50 +0000
ROA not before: Mon 31 Mar 2025 08:08:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 31.57.11.0/24 maxlen: 24
31.57.99.0/24 maxlen: 24
31.57.131.0/24 maxlen: 24
31.57.150.0/24 maxlen: 24
31.57.200.0/24 maxlen: 24
31.57.217.0/24 maxlen: 24
31.58.147.0/24 maxlen: 24
31.58.226.0/24 maxlen: 24
31.59.120.0/24 maxlen: 24
31.59.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:3f:03:76:1b:c1:20:b0:ee:63:41:15:fd:12:e6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Mar 31 08:08:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa7ed97ea5765775b8824d7757e4a4b34e6e0db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:02:5c:9e:1b:3b:2c:b9:56:65:49:fb:5e:e5:
b7:96:00:31:25:68:20:e4:b8:c3:ab:29:34:1b:c5:
1b:af:fd:ce:f3:d2:d0:e2:d7:d2:59:dd:3a:9d:c1:
b1:23:11:ae:8c:13:d0:91:f9:4a:20:04:a9:9f:e0:
bb:08:cb:8d:1c:a9:c0:03:2d:e6:b3:db:7c:47:74:
51:53:e2:ea:e4:cd:0a:a5:8f:4b:28:fd:61:f6:9e:
f7:8d:94:fb:0b:4b:a7:25:9e:48:86:a2:55:cb:86:
f0:03:45:88:fd:86:63:71:55:b1:45:6f:bc:82:84:
e8:22:10:20:94:e6:a1:b5:5e:c9:99:ea:e2:1a:c8:
07:8b:be:b7:da:ae:a5:82:6a:56:b7:56:0b:d5:cd:
20:7a:6d:aa:4a:23:00:dc:79:60:2c:ae:23:e8:5b:
d8:9e:4c:06:ad:79:72:ed:66:1b:a9:e3:ce:66:44:
b5:09:29:36:05:a5:a4:64:95:bf:b6:01:94:89:fd:
97:39:2d:03:cb:2e:50:62:d2:87:fc:49:e7:0f:2b:
81:00:42:d7:56:83:e5:04:a1:80:ad:bd:3e:aa:77:
92:7e:93:4a:22:17:84:04:e7:72:fd:14:b7:5e:97:
cd:46:8e:c7:31:5e:e4:ed:d0:0a:c4:5b:ef:9c:d5:
fd:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7E:D9:7E:A5:76:57:75:B8:82:4D:77:57:E4:A4:B3:4E:6E:0D:B7
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/qn7ZfqV2V3W4gk13V-Sks05uDbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.11.0/24
31.57.99.0/24
31.57.131.0/24
31.57.150.0/24
31.57.200.0/24
31.57.217.0/24
31.58.147.0/24
31.58.226.0/24
31.59.120.0/24
31.59.136.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5a:f2:f7:3f:5f:bd:54:e3:93:02:b8:13:72:71:15:93:b6:
36:46:58:7f:a0:7a:29:d1:08:1b:1c:49:e1:bf:18:f0:6c:b5:
53:9e:57:2c:c9:12:b4:70:16:3f:fc:e4:b3:70:84:e0:51:b0:
33:78:74:e8:de:93:8e:42:80:97:a0:f0:e3:93:c9:6d:96:41:
70:e7:4c:d1:2b:92:bd:af:1c:07:08:82:6d:1d:22:b0:c1:f3:
6d:f0:b3:3b:51:ff:3f:81:9b:84:8d:3c:ff:6a:2a:52:8b:ec:
31:6f:be:b3:de:d5:c1:8b:04:10:7c:5d:dc:20:86:8f:31:52:
8d:7f:aa:90:6f:fb:e3:11:17:e7:96:71:2c:3f:4b:1c:7e:bf:
cd:1b:e7:27:74:1f:d9:50:1e:dc:b0:e0:ce:24:9e:0a:45:67:
61:09:75:8d:f0:23:fb:1b:06:78:6b:d9:e4:f1:6d:c6:61:79:
a2:5d:29:ba:36:9d:d8:21:a6:8a:58:05:7d:d1:cb:5d:23:1c:
a9:31:0d:df:cf:60:8f:09:08:56:f6:a9:40:9d:cd:68:ea:d4:
a5:89:4c:4f:7b:d7:40:07:78:c2:ef:12:56:50:cd:eb:d7:5d:
cf:38:94:c3:30:2a:96:8b:7e:45:a6:c4:54:db:5d:ef:29:a2:
45:e2:7f:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZXrPwN2G8EgsO5jQRX9EuYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMzMxMDgwODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTdlZDk3ZWE1NzY1Nzc1Yjg4MjRkNzc1N2U0YTRiMzRlNmUwZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gJcnhs7LLlWZUn7XuW3lgAxJWgg
5LjDqyk0G8Ubr/3O89LQ4tfSWd06ncGxIxGujBPQkflKIASpn+C7CMuNHKnAAy3m
s9t8R3RRU+Lq5M0KpY9LKP1h9p73jZT7C0unJZ5IhqJVy4bwA0WI/YZjcVWxRW+8
goToIhAglOahtV7JmeriGsgHi7632q6lgmpWt1YL1c0gem2qSiMA3HlgLK4j6FvY
nkwGrXly7WYbqePOZkS1CSk2BaWkZJW/tgGUif2XOS0Dyy5QYtKH/EnnDyuBAELX
VoPlBKGArb0+qneSfpNKIheEBOdy/RS3XpfNRo7HMV7k7dAKxFvvnNX9VwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKp+2X6ldld1uIJNd1fkpLNObg23MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvcW43WmZxVjJWM1c0Z2sxM1YtU2tzMDV1RGJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAHzkLAwQA
HzljAwQAHzmDAwQAHzmWAwQAHznIAwQAHznZAwQAHzqTAwQAHzriAwQAHzt4AwQA
HzuIMA0GCSqGSIb3DQEBCwUAA4IBAQBKWvL3P1+9VOOTArgTcnEVk7Y2Rlh/oHop
0QgbHEnhvxjwbLVTnlcsyRK0cBY//OSzcITgUbAzeHTo3pOOQoCXoPDjk8ltlkFw
50zRK5K9rxwHCIJtHSKwwfNt8LM7Uf8/gZuEjTz/aipSi+wxb76z3tXBiwQQfF3c
IIaPMVKNf6qQb/vjERfnlnEsP0scfr/NG+cndB/ZUB7csODOJJ4KRWdhCXWN8CP7
GwZ4a9nk8W3GYXmiXSm6Np3YIaaKWAV90ctdIxypMQ3fz2CPCQhW9qlAnc1o6tSl
iUxPe9dAB3jC7xJWUM3r113POJTDMCqWi35FpsRU213vKaJF4n+G
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:36:52 2025 by rpki-client