Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/vOuw-thqqsBDOxSUXEaJasEA7qM.roa
File: vOuw-thqqsBDOxSUXEaJasEA7qM.roa (raw, json)
Hash identifier: 5FoG4V28mx1fz8vugdFd18SYEUDw3t0Z7vgkJvX8GgU=
Subject key identifier: BC:EB:B0:FA:D8:6A:AA:C0:43:3B:14:94:5C:46:89:6A:C1:00:EE:A3
Certificate issuer: /CN=8e1179f0a35cf07c1629672662866ca001f75bd3
Certificate serial: 019488DEBF5D15286997257D1F673C40A198
Authority key identifier: 8E:11:79:F0:A3:5C:F0:7C:16:29:67:26:62:86:6C:A0:01:F7:5B:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhF58KNc8HwWKWcmYoZsoAH3W9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/vOuw-thqqsBDOxSUXEaJasEA7qM.roa
Signing time: Tue 21 Jan 2025 12:38:06 +0000
ROA not before: Tue 21 Jan 2025 12:38:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48595
IP address blocks: 31.131.128.0/21 maxlen: 24
31.131.128.0/24 maxlen: 24
31.131.129.0/24 maxlen: 24
31.131.130.0/24 maxlen: 24
31.131.130.128/26 maxlen: 26
31.131.131.0/24 maxlen: 24
31.131.132.0/24 maxlen: 24
31.131.133.0/24 maxlen: 24
31.131.134.0/24 maxlen: 24
31.131.134.128/25 maxlen: 25
31.131.135.0/24 maxlen: 24
31.131.136.0/22 maxlen: 24
31.131.136.0/24 maxlen: 24
31.131.136.128/25 maxlen: 25
31.131.137.0/24 maxlen: 24
31.131.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/jhF58KNc8HwWKWcmYoZsoAH3W9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/jhF58KNc8HwWKWcmYoZsoAH3W9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhF58KNc8HwWKWcmYoZsoAH3W9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:88:de:bf:5d:15:28:69:97:25:7d:1f:67:3c:40:a1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1179f0a35cf07c1629672662866ca001f75bd3
Validity
Not Before: Jan 21 12:38:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcebb0fad86aaac0433b14945c46896ac100eea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:85:2b:1c:77:d6:62:86:5d:9d:3b:0a:e3:
71:cf:b0:18:59:e9:62:7e:07:18:e7:e5:b2:76:17:
3d:34:d6:a8:ce:f6:df:50:58:13:af:6d:77:5a:82:
99:3d:df:9d:2d:b5:b6:73:e1:b5:4b:9a:9c:06:ac:
83:53:3c:39:27:5d:53:a3:a9:70:7a:d8:9f:37:38:
ce:8c:0a:4e:5c:24:16:ea:d6:64:6b:1b:35:40:02:
62:36:63:5e:15:2e:7c:14:7b:e8:31:03:f3:c4:b7:
5a:a7:c2:aa:f7:7a:a3:f5:c4:09:1e:ae:16:40:0a:
84:fd:a3:1d:11:46:6d:9d:df:29:ef:be:97:ac:08:
7a:68:3b:35:df:b5:3b:c2:19:69:f3:ac:99:1f:2c:
27:57:8a:3a:9b:c8:6d:bf:2a:4f:8d:1a:45:d1:5d:
fb:41:20:7c:f1:4b:46:62:78:a6:57:28:e4:97:e7:
8e:82:fe:f8:86:f0:f6:7b:ff:a3:af:45:c6:87:17:
b8:1a:c3:4f:29:67:f6:80:c7:7f:03:33:13:a0:3e:
78:d6:f2:48:0d:c7:9d:2d:3a:7e:c8:39:be:c7:d3:
aa:ea:ef:0d:9a:84:e3:b8:13:ab:d5:13:f7:92:7d:
0d:2c:a3:41:42:38:38:12:a5:0c:01:f6:e6:25:62:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EB:B0:FA:D8:6A:AA:C0:43:3B:14:94:5C:46:89:6A:C1:00:EE:A3
X509v3 Authority Key Identifier:
keyid:8E:11:79:F0:A3:5C:F0:7C:16:29:67:26:62:86:6C:A0:01:F7:5B:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhF58KNc8HwWKWcmYoZsoAH3W9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/vOuw-thqqsBDOxSUXEaJasEA7qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ee8f90-ef2b-43c0-b0c0-4cbc67219b4a/1/jhF58KNc8HwWKWcmYoZsoAH3W9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.128.0-31.131.139.255
Signature Algorithm: sha256WithRSAEncryption
8d:9f:ca:f0:ac:cc:1b:0b:13:5f:a2:ff:38:a5:61:03:0e:a5:
e2:f0:7b:10:55:bc:9d:e7:6e:85:2a:f4:91:06:2a:8d:2b:eb:
b1:08:cc:5b:b8:b2:1c:d6:c6:b6:80:68:62:ed:70:73:09:48:
e7:12:11:51:fd:b7:f4:bb:8e:12:df:21:6c:3e:ed:08:a8:30:
72:04:7f:90:3e:35:68:ca:05:01:bf:27:ec:4e:98:35:15:5b:
61:9b:fb:c1:24:2b:19:37:22:83:e3:b2:81:bb:3e:28:34:c0:
25:37:0c:35:93:04:62:df:6e:33:ab:cf:1a:00:8f:36:37:01:
1f:cf:72:92:8e:ba:fb:58:2d:e1:75:fc:03:58:e5:60:cd:fa:
2e:13:23:62:37:45:7d:da:5d:57:7e:7d:ab:11:36:fa:99:ff:
c8:dd:b1:f9:6a:5f:45:45:a9:93:df:c0:7b:7b:7a:9b:38:6d:
7d:f5:11:6e:f7:8c:39:d3:a7:10:e4:9b:5d:1b:56:13:7d:d4:
6a:2a:aa:85:64:02:f2:87:9d:76:14:2d:90:75:8c:5d:14:06:
bc:e6:ea:bc:57:f6:af:6b:bd:83:95:1a:3c:94:8b:10:e2:6f:
79:f9:8a:13:62:7c:9c:09:a5:b0:a7:b6:21:2b:f2:68:a4:c0:
35:53:90:36
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSI3r9dFShplyV9H2c8QKGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMTE3OWYwYTM1Y2YwN2MxNjI5NjcyNjYyODY2Y2EwMDFm
NzViZDMwHhcNMjUwMTIxMTIzODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2ViYjBmYWQ4NmFhYWMwNDMzYjE0OTQ1YzQ2ODk2YWMxMDBlZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0KFKxx31mKGXZ07CuNxz7AYWeli
fgcY5+Wydhc9NNaozvbfUFgTr213WoKZPd+dLbW2c+G1S5qcBqyDUzw5J11To6lw
etifNzjOjApOXCQW6tZkaxs1QAJiNmNeFS58FHvoMQPzxLdap8Kq93qj9cQJHq4W
QAqE/aMdEUZtnd8p776XrAh6aDs137U7whlp86yZHywnV4o6m8htvypPjRpF0V37
QSB88UtGYnimVyjkl+eOgv74hvD2e/+jr0XGhxe4GsNPKWf2gMd/AzMToD541vJI
DcedLTp+yDm+x9Oq6u8NmoTjuBOr1RP3kn0NLKNBQjg4EqUMAfbmJWJF5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLzrsPrYaqrAQzsUlFxGiWrBAO6jMB8GA1UdIwQY
MBaAFI4RefCjXPB8FilnJmKGbKAB91vTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamhGNThLTmM4SHdXS1djbVlvWnNvQUgzVzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9lZThmOTAtZWYyYi00M2MwLWIwYzAt
NGNiYzY3MjE5YjRhLzEvdk91dy10aHFxc0JET3hTVVhFYUphc0VBN3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9lZThmOTAtZWYyYi00M2MwLWIwYzAtNGNiYzY3MjE5YjRh
LzEvamhGNThLTmM4SHdXS1djbVlvWnNvQUgzVzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAcfg4AD
BAIfg4gwDQYJKoZIhvcNAQELBQADggEBAI2fyvCszBsLE1+i/zilYQMOpeLwexBV
vJ3nboUq9JEGKo0r67EIzFu4shzWxraAaGLtcHMJSOcSEVH9t/S7jhLfIWw+7Qio
MHIEf5A+NWjKBQG/J+xOmDUVW2Gb+8EkKxk3IoPjsoG7Pig0wCU3DDWTBGLfbjOr
zxoAjzY3AR/PcpKOuvtYLeF1/ANY5WDN+i4TI2I3RX3aXVd+fasRNvqZ/8jdsflq
X0VFqZPfwHt7eps4bX31EW73jDnTpxDkm10bVhN91GoqqoVkAvKHnXYULZB1jF0U
Brzm6rxX9q9rvYOVGjyUixDib3n5ihNifJwJpbCntiEr8mikwDVTkDY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:03:48 2025 by rpki-client