Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vQIk9lynHdvsdZhg6gDgRa76soM.roa
File: vQIk9lynHdvsdZhg6gDgRa76soM.roa (raw, json)
Hash identifier: FnU3uJdPZD8RAfx2eIKEqEjBTkJsVOrmDp3shly/xFc=
Subject key identifier: BD:02:24:F6:5C:A7:1D:DB:EC:75:98:60:EA:00:E0:45:AE:FA:B2:83
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0192D2C5E33286C6FD7E700B844F094C0B79
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vQIk9lynHdvsdZhg6gDgRa76soM.roa
Signing time: Mon 28 Oct 2024 10:57:17 +0000
ROA not before: Mon 28 Oct 2024 10:57:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 31.56.176.0/22 maxlen: 24
31.56.180.0/22 maxlen: 24
31.56.184.0/22 maxlen: 24
31.56.188.0/22 maxlen: 24
31.56.192.0/22 maxlen: 24
31.56.196.0/22 maxlen: 24
31.56.200.0/22 maxlen: 24
31.56.204.0/22 maxlen: 24
31.56.208.0/22 maxlen: 24
31.56.212.0/22 maxlen: 24
31.56.216.0/22 maxlen: 24
31.56.220.0/22 maxlen: 24
31.56.224.0/22 maxlen: 24
31.56.228.0/22 maxlen: 24
31.56.232.0/22 maxlen: 24
31.56.236.0/22 maxlen: 24
31.58.36.0/22 maxlen: 24
31.58.44.0/22 maxlen: 24
31.58.52.0/22 maxlen: 24
31.58.60.0/22 maxlen: 24
31.59.36.0/22 maxlen: 24
31.59.44.0/22 maxlen: 24
31.59.196.0/22 maxlen: 24
31.59.200.0/22 maxlen: 24
31.59.204.0/22 maxlen: 24
31.59.208.0/22 maxlen: 24
31.59.212.0/22 maxlen: 24
31.59.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:c5:e3:32:86:c6:fd:7e:70:0b:84:4f:09:4c:0b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 28 10:57:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd0224f65ca71ddbec759860ea00e045aefab283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:b9:5f:61:e4:72:8a:2f:5a:80:f7:c9:15:
32:8f:e7:2e:d4:92:2a:84:10:bb:00:2b:63:d5:ac:
dd:41:b9:b1:f4:08:75:17:9b:67:bb:b3:62:22:5f:
32:58:94:63:6f:2d:b1:e7:04:cb:47:28:c3:50:da:
4d:81:00:7f:14:5e:0e:7b:2c:27:c9:2d:d7:80:76:
3d:4f:3e:8a:95:99:66:6b:50:43:31:8d:cf:47:da:
33:b2:f0:54:c4:33:a7:ee:52:da:86:24:43:64:10:
76:b7:b2:d7:eb:e0:a4:73:de:0d:be:f0:6a:78:89:
31:50:4d:51:4a:1f:f4:42:fb:3f:55:7f:d6:c7:5b:
c0:c4:a3:7f:e3:37:29:df:18:ad:fd:e8:c9:4e:cc:
fe:42:27:0a:d6:6c:a9:64:7b:1f:95:92:22:f9:a5:
02:9a:0f:32:fe:ca:9f:a3:98:25:28:9e:41:8a:83:
3b:ab:0f:40:e7:54:6a:e0:15:68:4a:f8:bf:26:d7:
53:22:62:02:6d:c2:5c:15:f1:ff:40:37:24:51:81:
4a:84:fa:6b:3e:c0:78:d2:f7:5f:07:13:9e:a8:54:
98:0a:8e:7d:e3:52:b0:84:45:2a:da:e6:b2:76:43:
b4:6b:df:e8:7c:a3:8a:bd:a9:a5:35:df:54:5b:97:
e4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:02:24:F6:5C:A7:1D:DB:EC:75:98:60:EA:00:E0:45:AE:FA:B2:83
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/vQIk9lynHdvsdZhg6gDgRa76soM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.176.0-31.56.239.255
31.58.36.0/22
31.58.44.0/22
31.58.52.0/22
31.58.60.0/22
31.59.36.0/22
31.59.44.0/22
31.59.196.0-31.59.215.255
31.59.220.0/22
Signature Algorithm: sha256WithRSAEncryption
69:ce:68:65:87:8c:d5:68:af:b3:d9:5c:86:87:0c:4f:14:3c:
69:69:3f:9c:90:7d:92:1a:af:10:d9:ea:3c:cb:84:f1:96:63:
7e:bb:05:e6:f7:f7:83:4d:85:72:ac:77:8e:56:f7:20:fc:8e:
ac:77:af:1b:1f:2a:01:39:27:30:b2:63:29:f6:f0:b4:49:90:
1e:85:08:e2:e7:15:03:9d:f6:a3:6b:7b:8d:59:73:6e:6f:f3:
6d:53:3e:ac:a3:5a:ba:1f:54:25:50:b0:7c:12:31:60:f1:28:
87:a5:6a:ef:6d:f5:47:cb:2c:f0:23:27:9a:7e:ca:bb:2e:99:
0f:af:0c:64:47:14:9b:49:75:91:b6:e3:d6:cb:ea:2b:2a:e7:
ba:74:f3:07:41:b5:e6:c5:87:d7:82:ad:cf:42:05:7f:69:2f:
ab:3a:9e:6c:ac:48:7d:1d:cf:11:f9:49:a3:ca:5f:d2:69:de:
b9:75:4a:71:36:b9:15:6d:4c:56:ca:de:8f:09:f6:5b:dd:dc:
0f:bd:c6:50:78:ac:5a:1e:79:d8:d8:db:7d:8f:0e:84:d6:39:
fa:95:5d:df:50:ca:f7:73:93:ef:7c:d9:b6:8d:8d:bd:c6:c9:
47:f0:c0:25:31:69:3c:d3:f7:fd:1b:92:99:fa:18:6b:b0:66:
b9:10:61:4b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZLSxeMyhsb9fnALhE8JTAt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDI4MTA1NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDAyMjRmNjVjYTcxZGRiZWM3NTk4NjBlYTAwZTA0NWFlZmFiMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruW5X2HkcoovWoD3yRUyj+cu1JIq
hBC7ACtj1azdQbmx9Ah1F5tnu7NiIl8yWJRjby2x5wTLRyjDUNpNgQB/FF4Oeywn
yS3XgHY9Tz6KlZlma1BDMY3PR9ozsvBUxDOn7lLahiRDZBB2t7LX6+Ckc94NvvBq
eIkxUE1RSh/0Qvs/VX/Wx1vAxKN/4zcp3xit/ejJTsz+QicK1mypZHsflZIi+aUC
mg8y/sqfo5glKJ5BioM7qw9A51Rq4BVoSvi/JtdTImICbcJcFfH/QDckUYFKhPpr
PsB40vdfBxOeqFSYCo5941KwhEUq2uaydkO0a9/ofKOKvamlNd9UW5fkZwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFL0CJPZcpx3b7HWYYOoA4EWu+rKDMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdlFJazlseW5IZHZzZFpoZzZnRGdSYTc2c29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAQfOLAD
BAQfOOADBAIfOiQDBAIfOiwDBAIfOjQDBAIfOjwDBAIfOyQDBAIfOywwDAMEAh87
xAMEAx870AMEAh873DANBgkqhkiG9w0BAQsFAAOCAQEAac5oZYeM1Wivs9lchocM
TxQ8aWk/nJB9khqvENnqPMuE8ZZjfrsF5vf3g02Fcqx3jlb3IPyOrHevGx8qATkn
MLJjKfbwtEmQHoUI4ucVA532o2t7jVlzbm/zbVM+rKNauh9UJVCwfBIxYPEoh6Vq
7231R8ss8CMnmn7Kuy6ZD68MZEcUm0l1kbbj1svqKyrnunTzB0G15sWH14Ktz0IF
f2kvqzqebKxIfR3PEflJo8pf0mneuXVKcTa5FW1MVsrejwn2W93cD73GUHisWh55
2NjbfY8OhNY5+pVd31DK93OT73zZto2NvcbJR/DAJTFpPNP3/RuSmfoYa7BmuRBh
Sw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:15 2024 by rpki-client on console-ams.rpki-client.org