Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/x40YF7xlZjadptWcuzTCVJp5iAY.roa
File: x40YF7xlZjadptWcuzTCVJp5iAY.roa (raw, json)
Hash identifier: ycyXNVifOCJD9xSnjcHwB6ty5cBmCuXDr0tAuAzS7pU=
Subject key identifier: C7:8D:18:17:BC:65:66:36:9D:A6:D5:9C:BB:34:C2:54:9A:79:88:06
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01928F9BE78569B2A9102D35CB9137DA59B8
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/x40YF7xlZjadptWcuzTCVJp5iAY.roa
Signing time: Tue 15 Oct 2024 09:56:52 +0000
ROA not before: Tue 15 Oct 2024 09:56:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 31.56.138.0/24 maxlen: 24
31.57.43.0/24 maxlen: 24
31.57.76.0/24 maxlen: 24
31.57.83.0/24 maxlen: 24
31.57.84.0/24 maxlen: 24
31.57.88.0/24 maxlen: 24
31.57.91.0/24 maxlen: 24
31.58.9.0/24 maxlen: 24
31.58.23.0/24 maxlen: 24
31.58.24.0/24 maxlen: 24
31.59.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:9b:e7:85:69:b2:a9:10:2d:35:cb:91:37:da:59:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Oct 15 09:56:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c78d1817bc6566369da6d59cbb34c2549a798806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a4:60:a3:29:c8:72:aa:5f:a4:ac:7e:50:d4:
fc:7d:e9:6d:48:cc:9b:03:bc:c8:ac:f3:4d:84:29:
36:42:c8:f7:07:c4:07:a6:07:b7:cd:73:53:c1:0b:
e9:d7:57:7b:ea:7a:fa:b4:2a:8d:a8:03:7f:fc:aa:
1e:25:10:96:1a:72:ba:33:e2:27:7f:a7:22:0e:f8:
5e:3e:94:e6:ce:95:74:4a:3e:82:29:9d:25:df:fb:
2c:b8:32:8c:5a:5b:a5:41:af:27:01:73:96:1e:fe:
95:dc:c2:45:ad:03:b2:11:16:c1:28:41:ab:ca:42:
b4:08:d6:9e:25:df:9f:5b:da:d0:8f:22:68:52:2e:
10:94:18:81:a0:98:f8:ec:40:e6:13:5a:fe:08:61:
90:c9:a8:7a:17:4a:9f:ea:29:ba:97:d2:4e:c6:b0:
2b:b5:0d:c1:e6:37:fb:2f:d6:ec:b9:d8:d7:64:e2:
4c:54:b0:d1:31:77:e1:04:77:aa:d7:94:f7:5b:05:
07:e8:27:e7:60:db:b6:3a:d2:e7:6b:59:a5:f6:f9:
ac:ae:b3:4e:73:df:30:89:6f:a0:3d:c7:ac:04:37:
b2:a0:68:42:2f:90:98:40:90:1d:65:ff:b1:31:a5:
67:60:15:32:2d:f2:b0:ff:44:32:fb:fc:47:e2:5c:
fa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8D:18:17:BC:65:66:36:9D:A6:D5:9C:BB:34:C2:54:9A:79:88:06
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/x40YF7xlZjadptWcuzTCVJp5iAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.138.0/24
31.57.43.0/24
31.57.76.0/24
31.57.83.0-31.57.84.255
31.57.88.0/24
31.57.91.0/24
31.58.9.0/24
31.58.23.0-31.58.24.255
31.59.10.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:8f:6e:75:80:94:92:02:58:c2:3e:3c:e5:34:5b:ad:d3:67:
16:7b:d9:22:20:e7:eb:d2:ff:fa:23:08:e0:89:bf:fe:66:d1:
9d:c5:55:47:3c:cc:54:ba:11:03:73:aa:cb:bd:fd:14:57:de:
ed:30:fe:b7:cf:20:e9:ed:3c:ee:01:56:1c:44:cc:df:11:96:
82:ef:a2:70:46:9c:04:c5:3c:18:ee:21:30:7e:c8:90:62:aa:
85:8b:74:da:0d:98:36:de:21:1b:0b:36:12:37:16:ec:dc:22:
5d:3f:6b:45:be:0b:d7:f4:93:7d:46:b3:73:e5:85:1c:12:60:
21:24:27:62:73:1f:d3:2d:5e:ef:b6:72:bb:b3:25:7e:12:66:
d5:7e:37:c2:a8:0e:0f:ed:33:0d:60:d8:1a:c3:50:52:80:ab:
47:59:f9:69:f8:49:19:7b:7c:06:9d:3b:14:50:a3:42:06:15:
05:f2:c1:33:65:33:f6:a5:03:90:ff:a5:90:14:1a:f1:fd:16:
92:a3:fa:8b:55:19:63:18:ba:19:fc:31:d3:ed:be:4d:fd:5d:
5c:f6:f2:69:af:c8:e1:f3:da:43:2f:a6:b0:44:8b:71:f3:a8:
50:f6:58:0a:0d:e5:fe:b2:2e:fe:ab:8a:44:36:8a:7a:22:96:
95:67:3d:69
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZKPm+eFabKpEC01y5E32lm4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjQxMDE1MDk1NjUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzhkMTgxN2JjNjU2NjM2OWRhNmQ1OWNiYjM0YzI1NDlhNzk4ODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2aRgoynIcqpfpKx+UNT8feltSMyb
A7zIrPNNhCk2Qsj3B8QHpge3zXNTwQvp11d76nr6tCqNqAN//KoeJRCWGnK6M+In
f6ciDvhePpTmzpV0Sj6CKZ0l3/ssuDKMWlulQa8nAXOWHv6V3MJFrQOyERbBKEGr
ykK0CNaeJd+fW9rQjyJoUi4QlBiBoJj47EDmE1r+CGGQyah6F0qf6im6l9JOxrAr
tQ3B5jf7L9bsudjXZOJMVLDRMXfhBHeq15T3WwUH6CfnYNu2OtLna1ml9vmsrrNO
c98wiW+gPcesBDeyoGhCL5CYQJAdZf+xMaVnYBUyLfKw/0Qy+/xH4lz6UwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMeNGBe8ZWY2nabVnLs0wlSaeYgGMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEveDQwWUY3eGxaamFkcHRXY3V6VENWSnA1aUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAHziKAwQA
HzkrAwQAHzlMMAwDBAAfOVMDBAAfOVQDBAAfOVgDBAAfOVsDBAAfOgkwDAMEAB86
FwMEAB86GAMEAB87CjANBgkqhkiG9w0BAQsFAAOCAQEAu49udYCUkgJYwj485TRb
rdNnFnvZIiDn69L/+iMI4Im//mbRncVVRzzMVLoRA3Oqy739FFfe7TD+t88g6e08
7gFWHETM3xGWgu+icEacBMU8GO4hMH7IkGKqhYt02g2YNt4hGws2EjcW7NwiXT9r
Rb4L1/STfUazc+WFHBJgISQnYnMf0y1e77Zyu7MlfhJm1X43wqgOD+0zDWDYGsNQ
UoCrR1n5afhJGXt8Bp07FFCjQgYVBfLBM2Uz9qUDkP+lkBQa8f0WkqP6i1UZYxi6
Gfwx0+2+Tf1dXPbyaa/I4fPaQy+msESLcfOoUPZYCg3l/rIu/quKRDaKeiKWlWc9
aQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:55 2024 by rpki-client on console-ams.rpki-client.org