Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/31A6_ehvBKsfGVDtFooQhLXH0iM.roa
File: 31A6_ehvBKsfGVDtFooQhLXH0iM.roa (raw, json)
Hash identifier: dsMXP7FTcH0rSBZ7d/sBuVAuPoqLFB5tU5E0bIntVYg=
Subject key identifier: DF:50:3A:FD:E8:6F:04:AB:1F:19:50:ED:16:8A:10:84:B5:C7:D2:23
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019427B570129DC242BC6A1517E20A70AF8D
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/31A6_ehvBKsfGVDtFooQhLXH0iM.roa
Signing time: Thu 02 Jan 2025 15:49:49 +0000
ROA not before: Thu 02 Jan 2025 15:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210546
IP address blocks: 194.28.224.0/24 maxlen: 24
194.28.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:70:12:9d:c2:42:bc:6a:15:17:e2:0a:70:af:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 2 15:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df503afde86f04ab1f1950ed168a1084b5c7d223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:78:84:fd:5b:1d:bc:5d:4d:0d:56:e7:d9:26:
05:ce:8a:52:5e:5a:81:01:e6:cd:8d:99:88:23:30:
d8:06:d3:5e:c4:52:f2:43:72:82:8a:54:b0:99:06:
4d:06:f8:85:6c:ec:af:35:3a:8c:fd:53:0a:3c:5d:
67:3c:e0:ce:01:63:bc:48:c1:d3:68:a0:b7:a2:ab:
19:84:fa:36:9e:67:f9:1a:19:dd:e6:05:dc:e1:67:
27:c4:33:11:d7:02:0f:eb:d6:da:82:f8:65:a2:53:
46:0a:54:f5:96:8f:64:74:23:01:46:9f:ec:39:48:
6a:67:cf:88:d8:d3:7e:ca:98:62:3e:c7:60:bf:bd:
18:37:d1:3b:55:98:a2:39:c3:bc:4f:5c:5b:c9:03:
47:90:91:68:ea:ee:07:35:9f:e2:f8:be:b4:8d:15:
ac:ec:a9:49:f8:ae:b0:32:24:a1:9b:28:f1:9f:99:
b7:7f:bc:8c:9a:54:5f:89:95:bc:21:a9:2e:81:ca:
69:23:a7:29:a4:1c:0b:24:b8:d1:3b:94:a1:14:30:
21:07:30:57:31:a5:97:a7:91:34:1e:75:f3:c2:03:
ee:33:f8:a3:89:0e:d8:11:a8:8b:09:36:f0:df:67:
19:69:47:10:68:d8:fd:69:03:f3:b4:a3:38:46:bb:
e0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:50:3A:FD:E8:6F:04:AB:1F:19:50:ED:16:8A:10:84:B5:C7:D2:23
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/31A6_ehvBKsfGVDtFooQhLXH0iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.224.0/23
Signature Algorithm: sha256WithRSAEncryption
91:63:cf:ba:3e:3c:28:e9:67:29:91:fc:59:ee:84:5c:44:33:
38:58:2c:ce:ce:d2:a8:01:44:05:d6:b4:39:5b:a3:1d:62:49:
06:06:7b:f7:53:64:80:a9:dd:b1:83:78:42:f8:eb:e7:36:56:
fc:18:95:b7:d6:4b:34:f9:ad:11:cb:8d:eb:31:99:b7:e7:31:
ed:80:9b:35:9d:6b:3d:9a:ff:fa:e4:a6:42:03:fb:4d:0b:d1:
29:68:ad:16:09:d4:ea:b6:f7:67:ab:bd:0b:e0:84:65:42:88:
9b:4c:ae:6e:3a:c6:5b:09:27:31:12:46:95:08:dc:ae:11:b0:
a5:c9:6c:ac:75:9a:f2:76:a2:d9:47:7c:2f:84:9a:98:97:a9:
72:2f:32:da:18:fe:3a:95:57:3f:a8:6c:2a:1b:c0:2e:08:0e:
75:e1:6d:67:ca:85:e6:64:7e:52:76:c1:c6:81:5a:95:c0:18:
6a:53:e8:3c:1a:66:ad:9a:09:ab:1c:fb:9a:99:c8:e3:1b:ae:
47:90:0d:8c:74:bf:c6:e8:4e:9a:2c:d9:d3:68:b9:7a:cd:60:
a7:20:e1:fc:c7:e4:a7:98:bc:60:6a:0a:ed:b5:fe:ef:59:23:
ac:88:d9:7a:46:f5:cf:71:16:a2:24:fb:45:7f:0b:1a:c5:bc:
e3:a9:63:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntXASncJCvGoVF+IKcK+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMTAyMTU0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjUwM2FmZGU4NmYwNGFiMWYxOTUwZWQxNjhhMTA4NGI1YzdkMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3iE/VsdvF1NDVbn2SYFzopSXlqB
AebNjZmIIzDYBtNexFLyQ3KCilSwmQZNBviFbOyvNTqM/VMKPF1nPODOAWO8SMHT
aKC3oqsZhPo2nmf5Ghnd5gXc4WcnxDMR1wIP69bagvhlolNGClT1lo9kdCMBRp/s
OUhqZ8+I2NN+yphiPsdgv70YN9E7VZiiOcO8T1xbyQNHkJFo6u4HNZ/i+L60jRWs
7KlJ+K6wMiShmyjxn5m3f7yMmlRfiZW8IakugcppI6cppBwLJLjRO5ShFDAhBzBX
MaWXp5E0HnXzwgPuM/ijiQ7YEaiLCTbw32cZaUcQaNj9aQPztKM4RrvgcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN9QOv3obwSrHxlQ7RaKEIS1x9IjMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMzFBNl9laHZCS3NmR1ZEdEZvb1FoTFhIMGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwhzgMA0G
CSqGSIb3DQEBCwUAA4IBAQCRY8+6Pjwo6WcpkfxZ7oRcRDM4WCzOztKoAUQF1rQ5
W6MdYkkGBnv3U2SAqd2xg3hC+OvnNlb8GJW31ks0+a0Ry43rMZm35zHtgJs1nWs9
mv/65KZCA/tNC9EpaK0WCdTqtvdnq70L4IRlQoibTK5uOsZbCScxEkaVCNyuEbCl
yWysdZrydqLZR3wvhJqYl6lyLzLaGP46lVc/qGwqG8AuCA514W1nyoXmZH5SdsHG
gVqVwBhqU+g8GmatmgmrHPuamcjjG65HkA2MdL/G6E6aLNnTaLl6zWCnIOH8x+Sn
mLxgagrttf7vWSOsiNl6RvXPcRaiJPtFfwsaxbzjqWOn
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:35:41 2025 by rpki-client