Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rVrrv1JMNtTae5U14uz99zIVprs.roa
File: rVrrv1JMNtTae5U14uz99zIVprs.roa (raw, json)
Hash identifier: oa6GFgr/MjUJH7ROLJzjrNgMWGdeZXAcf2fY8bstjIc=
Subject key identifier: AD:5A:EB:BF:52:4C:36:D4:DA:7B:95:35:E2:EC:FD:F7:32:15:A6:BB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019428233E2D7C28E04860617E440FE345A2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rVrrv1JMNtTae5U14uz99zIVprs.roa
Signing time: Thu 02 Jan 2025 17:49:45 +0000
ROA not before: Thu 02 Jan 2025 17:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 31.56.138.0/24 maxlen: 24
31.57.43.0/24 maxlen: 24
31.57.76.0/24 maxlen: 24
31.57.83.0/24 maxlen: 24
31.57.84.0/24 maxlen: 24
31.57.88.0/24 maxlen: 24
31.57.91.0/24 maxlen: 24
31.58.9.0/24 maxlen: 24
31.58.23.0/24 maxlen: 24
31.58.24.0/24 maxlen: 24
31.59.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:3e:2d:7c:28:e0:48:60:61:7e:44:0f:e3:45:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jan 2 17:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad5aebbf524c36d4da7b9535e2ecfdf73215a6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:11:4d:1b:f1:3b:f0:1a:f0:b8:3a:8a:df:09:
d8:1e:e8:dd:73:db:9a:b1:7a:48:c3:fa:27:05:45:
df:7a:38:5a:5f:f5:28:50:b2:46:50:fe:7d:3a:65:
e5:a1:ce:44:7c:64:a8:f0:fb:84:63:8a:34:9d:36:
38:06:8f:33:a7:a0:4c:7b:17:e3:66:e1:38:8b:bc:
0c:f9:42:9b:43:b0:54:25:26:9d:1c:0b:0c:ef:22:
df:cf:83:fe:65:13:ef:c0:b1:97:09:a1:ca:86:51:
1f:74:3f:c7:81:6a:b9:89:8a:4d:37:1d:65:54:c1:
9a:9e:aa:6c:2c:43:bd:f1:16:63:23:47:b0:fa:51:
8b:8e:15:6d:7e:91:00:44:89:75:da:74:78:f7:5a:
a1:aa:2b:b7:91:59:3e:43:6b:14:5c:2c:08:1c:f9:
a2:61:4b:3b:53:70:52:00:74:d1:14:53:0c:3c:17:
9f:fa:3b:3f:c7:ce:cb:76:e3:df:cd:d7:e9:4c:d0:
ec:d0:66:04:b5:15:43:aa:f4:f5:95:4d:2c:f2:a8:
07:05:bd:30:45:80:00:79:54:13:7e:a7:d3:b7:d6:
68:f9:2e:97:fc:43:23:82:a3:ab:83:36:63:1e:9d:
c6:23:db:db:f1:a8:ab:a1:53:44:c8:70:43:52:84:
92:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:5A:EB:BF:52:4C:36:D4:DA:7B:95:35:E2:EC:FD:F7:32:15:A6:BB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/rVrrv1JMNtTae5U14uz99zIVprs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.138.0/24
31.57.43.0/24
31.57.76.0/24
31.57.83.0-31.57.84.255
31.57.88.0/24
31.57.91.0/24
31.58.9.0/24
31.58.23.0-31.58.24.255
31.59.10.0/24
Signature Algorithm: sha256WithRSAEncryption
31:39:aa:72:4c:a5:16:31:92:4e:9e:02:92:b2:75:c4:24:b9:
af:6e:4c:a6:1f:f4:21:0a:4c:4e:c1:b7:7d:fb:c4:e3:38:15:
f2:03:df:0c:83:de:96:0c:f5:74:a2:83:ee:c9:af:dd:92:b5:
6b:8c:25:f8:26:48:b5:48:58:41:27:f5:85:82:e6:18:95:73:
15:4a:e6:8a:a7:73:3e:3d:5b:02:08:26:99:26:a3:e4:a1:41:
3d:d6:2d:59:29:c1:aa:52:c2:d3:f4:8e:61:24:8f:9b:9f:98:
d8:3e:15:ea:52:f5:7e:90:42:32:2d:22:d4:8d:b3:c1:e6:e2:
35:99:4c:75:9d:ad:32:b1:e0:79:97:d8:ae:3a:84:73:cd:0f:
60:a1:ab:81:52:57:bb:31:9c:ee:d3:b1:5e:36:78:ae:7a:4b:
8d:cd:c0:7f:07:80:92:3c:da:e8:15:74:ec:50:92:4e:09:f7:
da:c4:09:91:90:e2:9a:1a:5c:11:0d:82:18:8c:38:79:ba:76:
c6:ca:41:1c:49:0f:19:a4:20:69:eb:f3:f8:10:ce:43:14:bb:
ea:8f:83:bf:ff:d0:bb:ee:ae:89:78:a2:0c:c9:6f:ea:a2:45:
bd:2f:cd:9f:37:1c:e4:1a:b4:d2:e3:5b:fd:9c:93:b0:04:0c:
7d:3f:e3:23
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQoIz4tfCjgSGBhfkQP40WiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwMTAyMTc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDVhZWJiZjUyNGMzNmQ0ZGE3Yjk1MzVlMmVjZmRmNzMyMTVhNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRFNG/E78BrwuDqK3wnYHujdc9ua
sXpIw/onBUXfejhaX/UoULJGUP59OmXloc5EfGSo8PuEY4o0nTY4Bo8zp6BMexfj
ZuE4i7wM+UKbQ7BUJSadHAsM7yLfz4P+ZRPvwLGXCaHKhlEfdD/HgWq5iYpNNx1l
VMGanqpsLEO98RZjI0ew+lGLjhVtfpEARIl12nR491qhqiu3kVk+Q2sUXCwIHPmi
YUs7U3BSAHTRFFMMPBef+js/x87LduPfzdfpTNDs0GYEtRVDqvT1lU0s8qgHBb0w
RYAAeVQTfqfTt9Zo+S6X/EMjgqOrgzZjHp3GI9vb8airoVNEyHBDUoSShwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFK1a679STDbU2nuVNeLs/fcyFaa7MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvclZycnYxSk1OdFRhZTVVMTR1ejk5eklWcHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAHziKAwQA
HzkrAwQAHzlMMAwDBAAfOVMDBAAfOVQDBAAfOVgDBAAfOVsDBAAfOgkwDAMEAB86
FwMEAB86GAMEAB87CjANBgkqhkiG9w0BAQsFAAOCAQEAMTmqckylFjGSTp4CkrJ1
xCS5r25Mph/0IQpMTsG3ffvE4zgV8gPfDIPelgz1dKKD7smv3ZK1a4wl+CZItUhY
QSf1hYLmGJVzFUrmiqdzPj1bAggmmSaj5KFBPdYtWSnBqlLC0/SOYSSPm5+Y2D4V
6lL1fpBCMi0i1I2zwebiNZlMdZ2tMrHgeZfYrjqEc80PYKGrgVJXuzGc7tOxXjZ4
rnpLjc3AfweAkjza6BV07FCSTgn32sQJkZDimhpcEQ2CGIw4ebp2xspBHEkPGaQg
aevz+BDOQxS76o+Dv//Qu+6uiXiiDMlv6qJFvS/Nnzcc5Bq00uNb/ZyTsAQMfT/j
Iw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 13:51:06 2025 by rpki-client