Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/F37E473uxcn3BSFfvlhJUExhfoE.roa
File: F37E473uxcn3BSFfvlhJUExhfoE.roa (raw, json)
Hash identifier: Cc1QOailJ6Jgj0X0uzmut4tLajBvPuHuz+Wr/3WgcT8=
Subject key identifier: 17:7E:C4:E3:BD:EE:C5:C9:F7:05:21:5F:BE:58:49:50:4C:61:7E:81
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01964A23EEF6649667994B2BB923B4577F21
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/F37E473uxcn3BSFfvlhJUExhfoE.roa
Signing time: Fri 18 Apr 2025 18:23:10 +0000
ROA not before: Fri 18 Apr 2025 18:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 31.56.86.0/24 maxlen: 24
31.56.107.0/24 maxlen: 24
31.57.122.0/24 maxlen: 24
31.57.124.0/24 maxlen: 24
31.57.125.0/24 maxlen: 24
31.57.140.0/24 maxlen: 24
31.57.162.0/23 maxlen: 23
31.57.164.0/23 maxlen: 23
31.57.180.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.58.41.0/24 maxlen: 24
31.58.42.0/24 maxlen: 24
31.58.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4a:23:ee:f6:64:96:67:99:4b:2b:b9:23:b4:57:7f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 18 18:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=177ec4e3bdeec5c9f705215fbe5849504c617e81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e9:80:c1:99:44:ad:22:ae:2d:af:38:0b:bc:
3f:35:41:52:67:99:5b:f0:4d:eb:0e:0b:57:7d:19:
c6:1c:bb:b5:f4:9f:bb:1f:49:f8:7f:f4:91:6b:86:
d6:34:44:14:cd:04:7d:a4:29:f3:9b:7a:7f:7d:13:
e4:df:66:d8:2f:84:d9:50:99:35:0b:20:1f:f7:3f:
3f:64:be:09:21:4d:d0:8d:72:bc:ce:08:f3:d2:d6:
8d:a1:ad:dd:02:82:3d:69:f3:da:17:5f:7e:d9:db:
2e:99:7f:93:bb:c4:81:b1:d0:27:e7:e3:d0:93:22:
92:ae:fd:10:65:4a:7f:69:61:12:e0:78:6f:60:9c:
2b:ca:37:ad:32:1d:20:51:23:66:fa:c9:60:e6:15:
49:84:d2:d2:31:27:dc:ca:71:d5:9d:62:86:30:b5:
9e:4b:0b:97:9a:fb:f9:31:ae:d8:c0:c0:49:c9:21:
b1:b0:d4:db:54:8a:e8:82:b9:a9:eb:b8:00:48:60:
b7:32:17:b2:a8:b8:41:8c:9d:52:1e:b1:78:e3:c3:
a7:82:91:ed:99:ae:dc:01:dc:62:bc:14:fc:9e:f2:
06:7b:90:50:3f:0a:f1:64:db:f5:66:59:76:36:2b:
92:22:21:96:11:96:45:6f:76:a9:fb:a5:f0:ac:17:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7E:C4:E3:BD:EE:C5:C9:F7:05:21:5F:BE:58:49:50:4C:61:7E:81
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/F37E473uxcn3BSFfvlhJUExhfoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.86.0/24
31.56.107.0/24
31.57.122.0/24
31.57.124.0/23
31.57.140.0/24
31.57.162.0-31.57.165.255
31.57.180.0/24
31.57.221.0/24
31.58.41.0-31.58.42.255
31.58.48.0/24
Signature Algorithm: sha256WithRSAEncryption
85:23:83:59:72:fb:cd:2c:df:b1:e6:03:64:f8:38:d4:f1:e6:
ef:1e:ff:31:2b:4e:dd:a6:82:a7:67:a0:0b:3e:09:0c:fb:28:
7d:7e:1f:74:98:8b:94:72:92:4e:21:01:a0:a6:6d:bb:1c:bd:
bf:67:80:62:03:7f:82:db:27:18:07:79:63:7d:39:b8:79:e1:
bb:3a:58:93:67:5b:99:7e:3d:3b:ca:2a:40:76:8a:58:ae:24:
41:fd:ec:a0:7d:58:ee:35:81:d6:09:7d:d6:8e:d8:b4:63:33:
b5:67:f3:da:69:65:f3:14:4f:77:2f:12:b3:41:08:8e:f4:08:
14:78:3f:10:94:86:8a:4f:e1:09:8d:ac:cb:78:21:7c:23:5f:
4f:15:f9:fa:57:79:aa:e4:95:cf:9b:c5:68:32:e2:81:77:26:
34:6e:9e:6d:e8:aa:fd:94:69:45:6f:7c:5b:a4:aa:2f:19:f4:
d7:3e:86:09:48:e7:b9:58:b0:c1:6e:27:37:a3:0d:f1:50:b4:
17:e7:21:fb:7f:c3:1b:81:96:2d:be:40:3c:ff:66:9e:c0:ca:
e5:43:74:bc:0c:04:d2:5b:35:39:ea:7e:54:d1:d5:1f:0c:a3:
0c:84:0e:53:a8:4c:62:e1:3d:d3:38:fb:e6:12:d1:ef:97:ed:
b7:e8:3b:ed
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZZKI+72ZJZnmUsruSO0V38hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDE4MTgyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzdlYzRlM2JkZWVjNWM5ZjcwNTIxNWZiZTU4NDk1MDRjNjE3ZTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzemAwZlErSKuLa84C7w/NUFSZ5lb
8E3rDgtXfRnGHLu19J+7H0n4f/SRa4bWNEQUzQR9pCnzm3p/fRPk32bYL4TZUJk1
CyAf9z8/ZL4JIU3QjXK8zgjz0taNoa3dAoI9afPaF19+2dsumX+Tu8SBsdAn5+PQ
kyKSrv0QZUp/aWES4HhvYJwryjetMh0gUSNm+slg5hVJhNLSMSfcynHVnWKGMLWe
SwuXmvv5Ma7YwMBJySGxsNTbVIrogrmp67gASGC3MheyqLhBjJ1SHrF448OngpHt
ma7cAdxivBT8nvIGe5BQPwrxZNv1Zll2NiuSIiGWEZZFb3ap+6XwrBdC8QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBd+xOO97sXJ9wUhX75YSVBMYX6BMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRjM3RTQ3M3V4Y24zQlNGZnZsaEpVRXhoZm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAHzhWAwQA
HzhrAwQAHzl6AwQBHzl8AwQAHzmMMAwDBAEfOaIDBAEfOaQDBAAfObQDBAAfOd0w
DAMEAB86KQMEAB86KgMEAB86MDANBgkqhkiG9w0BAQsFAAOCAQEAhSODWXL7zSzf
seYDZPg41PHm7x7/MStO3aaCp2egCz4JDPsofX4fdJiLlHKSTiEBoKZtuxy9v2eA
YgN/gtsnGAd5Y305uHnhuzpYk2dbmX49O8oqQHaKWK4kQf3soH1Y7jWB1gl91o7Y
tGMztWfz2mll8xRPdy8Ss0EIjvQIFHg/EJSGik/hCY2sy3ghfCNfTxX5+ld5quSV
z5vFaDLigXcmNG6ebeiq/ZRpRW98W6SqLxn01z6GCUjnuViwwW4nN6MN8VC0F+ch
+3/DG4GWLb5APP9mnsDK5UN0vAwE0ls1Oep+VNHVHwyjDIQOU6hMYuE90zj75hLR
75ftt+g77Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:25:47 2025 by rpki-client