Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ws7paC4eeM5UFfeLKO-N9iCCHTQ.roa
File: ws7paC4eeM5UFfeLKO-N9iCCHTQ.roa (raw, json)
Hash identifier: I1o+k9qPHkhzXXqCAUBCubThFnnqlBBw+aa40E2Sh6Q=
Subject key identifier: C2:CE:E9:68:2E:1E:78:CE:54:15:F7:8B:28:EF:8D:F6:20:82:1D:34
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01932EE96DFF95F11C0BA0186A4953ACFEAD
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ws7paC4eeM5UFfeLKO-N9iCCHTQ.roa
Signing time: Fri 15 Nov 2024 08:21:10 +0000
ROA not before: Fri 15 Nov 2024 08:21:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 31.56.8.0/21 maxlen: 24
31.56.142.0/23 maxlen: 24
31.56.148.0/22 maxlen: 24
31.58.208.0/24 maxlen: 24
31.58.209.0/24 maxlen: 24
31.58.210.0/24 maxlen: 24
31.58.211.0/24 maxlen: 24
31.59.136.0/21 maxlen: 24
31.59.144.0/21 maxlen: 24
31.59.152.0/21 maxlen: 24
31.59.160.0/21 maxlen: 24
31.59.168.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:2e:e9:6d:ff:95:f1:1c:0b:a0:18:6a:49:53:ac:fe:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 15 08:21:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c2cee9682e1e78ce5415f78b28ef8df620821d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dc:36:5a:ef:86:bb:c8:27:c3:bb:a9:11:16:
e2:c1:34:49:fd:ad:1b:d2:4f:fb:e9:70:8e:4d:e6:
00:56:fe:f5:68:85:f8:5a:74:ba:23:7a:ef:e6:17:
55:c2:fa:90:3e:ef:7a:48:ef:43:39:3f:1b:f9:8a:
e3:0b:6b:af:98:a2:36:77:87:52:72:5f:f7:07:da:
9e:53:1d:4e:84:2a:7c:8e:e5:ac:9e:55:ad:0c:2d:
2e:9a:e5:2e:b8:e0:b1:e6:9e:1b:6b:e7:9e:39:fc:
e2:a5:35:90:26:bd:c7:87:50:d3:45:bd:31:55:71:
2b:f6:75:e7:77:36:e5:2a:0b:18:4a:17:ea:77:6f:
aa:f4:97:b2:39:ad:d0:b2:8c:73:cd:42:8b:4d:70:
08:05:c3:98:46:7c:a5:5f:7c:8c:2b:59:7c:7a:02:
38:af:a0:49:3b:4b:0c:aa:8f:64:f5:3a:a4:89:43:
3f:ad:cd:c3:ca:7b:57:fd:0f:88:19:58:4b:58:7b:
d5:32:cd:7d:ec:bf:0b:b4:bb:be:ac:64:09:c6:03:
6f:2b:12:31:98:2d:ad:4e:79:f7:fe:21:11:c7:1a:
8d:da:1b:23:b0:e2:c0:9a:33:1d:05:d3:ba:b6:1f:
32:c7:88:61:7b:8e:7f:c3:58:80:3c:11:d4:9c:8c:
91:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CE:E9:68:2E:1E:78:CE:54:15:F7:8B:28:EF:8D:F6:20:82:1D:34
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ws7paC4eeM5UFfeLKO-N9iCCHTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.8.0/21
31.56.142.0/23
31.56.148.0/22
31.58.208.0/22
31.59.136.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
7f:d3:ef:2f:8f:68:04:5f:5b:4b:95:6a:d2:f9:6e:da:b6:51:
1f:4f:9c:b9:75:c8:f9:8d:c8:12:aa:c7:28:e9:95:14:6d:7e:
cf:43:89:3b:3f:d3:6f:60:04:7b:4f:d2:1f:89:a7:1c:22:77:
0c:94:86:9c:f9:4c:45:61:4a:e1:c4:b9:58:13:52:bc:35:73:
20:97:27:e7:51:76:b4:e0:be:6f:92:fa:f4:09:07:18:e5:e3:
28:2d:b9:c7:bb:10:5a:9e:b7:25:9c:ff:99:8c:a7:e1:dd:0c:
e7:fe:80:94:24:81:5e:70:cf:1b:e7:56:f9:6f:be:4f:34:eb:
ac:ee:b7:00:bc:02:39:ea:bc:6d:28:fe:2a:7b:32:ed:40:74:
32:a1:32:7f:c8:e0:d0:b5:4b:21:c5:6d:e4:e3:34:ef:42:7a:
f2:e9:d9:8e:61:f0:66:dd:ab:aa:6f:17:39:4e:98:5a:d0:1b:
a5:e7:55:bc:9c:b3:e8:85:08:65:46:d8:b9:5a:92:15:9f:a0:
f5:1c:ce:d7:e5:18:9e:f8:7b:71:3f:97:23:37:2b:75:9b:8f:
78:da:59:8d:6b:16:6b:10:52:84:16:ac:52:3e:f8:94:cd:eb:
3e:2d:ed:e0:91:bf:50:eb:d2:57:bd:bd:3f:f0:43:70:82:4b:
a8:c3:58:8b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMu6W3/lfEcC6AYaklTrP6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMTE1MDgyMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmNlZTk2ODJlMWU3OGNlNTQxNWY3OGIyOGVmOGRmNjIwODIxZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstw2Wu+Gu8gnw7upERbiwTRJ/a0b
0k/76XCOTeYAVv71aIX4WnS6I3rv5hdVwvqQPu96SO9DOT8b+YrjC2uvmKI2d4dS
cl/3B9qeUx1OhCp8juWsnlWtDC0umuUuuOCx5p4ba+eeOfzipTWQJr3Hh1DTRb0x
VXEr9nXndzblKgsYShfqd2+q9JeyOa3QsoxzzUKLTXAIBcOYRnylX3yMK1l8egI4
r6BJO0sMqo9k9TqkiUM/rc3DyntX/Q+IGVhLWHvVMs197L8LtLu+rGQJxgNvKxIx
mC2tTnn3/iERxxqN2hsjsOLAmjMdBdO6th8yx4hhe45/w1iAPBHUnIyRWwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMLO6WguHnjOVBX3iyjvjfYggh00MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvd3M3cGFDNGVlTTVVRmZlTEtPLU45aUNDSFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDHzgIAwQB
HziOAwQCHziUAwQCHzrQMAwDBAMfO4gDBAQfO6AwDQYJKoZIhvcNAQELBQADggEB
AH/T7y+PaARfW0uVatL5btq2UR9PnLl1yPmNyBKqxyjplRRtfs9DiTs/029gBHtP
0h+JpxwidwyUhpz5TEVhSuHEuVgTUrw1cyCXJ+dRdrTgvm+S+vQJBxjl4ygtuce7
EFqetyWc/5mMp+HdDOf+gJQkgV5wzxvnVvlvvk8066zutwC8AjnqvG0o/ip7Mu1A
dDKhMn/I4NC1SyHFbeTjNO9CevLp2Y5h8Gbdq6pvFzlOmFrQG6XnVbycs+iFCGVG
2LlakhWfoPUcztflGJ74e3E/lyM3K3Wbj3jaWY1rFmsQUoQWrFI++JTN6z4t7eCR
v1Dr0le9vT/wQ3CCS6jDWIs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:18:15 2024 by rpki-client on console-ams.rpki-client.org