Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fes7f0GArGEr_3QAwO7pCGrr5j8.roa
File: Fes7f0GArGEr_3QAwO7pCGrr5j8.roa (raw, json)
Hash identifier: 1j/9Vg/DBfIRwlxK5d7KMH8asM/y4CLvG6GTqwdCwvU=
Subject key identifier: 15:EB:3B:7F:41:80:AC:61:2B:FF:74:00:C0:EE:E9:08:6A:EB:E6:3F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01960FE93EBC924ADB6B72710E2AA7711293
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fes7f0GArGEr_3QAwO7pCGrr5j8.roa
Signing time: Mon 07 Apr 2025 11:01:06 +0000
ROA not before: Mon 07 Apr 2025 11:01:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 31.56.73.0/24 maxlen: 24
31.56.85.0/24 maxlen: 24
31.57.153.0/24 maxlen: 24
31.57.236.0/24 maxlen: 24
31.58.43.0/24 maxlen: 24
31.58.128.0/24 maxlen: 24
31.58.162.0/24 maxlen: 24
31.58.164.0/24 maxlen: 24
31.58.166.0/24 maxlen: 24
31.59.88.0/24 maxlen: 24
31.59.122.0/24 maxlen: 24
31.59.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:e9:3e:bc:92:4a:db:6b:72:71:0e:2a:a7:71:12:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 7 11:01:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15eb3b7f4180ac612bff7400c0eee9086aebe63f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d8:af:29:7d:4f:b4:40:21:b9:5d:3c:b8:c4:
98:dc:33:eb:40:bf:cd:1e:1e:a8:a5:a1:bb:5e:a7:
f9:a7:3b:d3:6b:c4:04:dc:2c:6f:2e:12:18:07:8e:
21:ad:8a:59:4e:37:2a:05:99:d5:35:7e:bd:ac:49:
02:d3:28:ce:6e:e1:f8:22:6e:44:d8:a5:cc:ce:b6:
71:ba:13:47:9b:30:81:f2:c1:9f:88:4a:f5:1a:3f:
bc:d8:51:27:1c:7e:c7:22:4e:a9:19:61:d2:e2:a7:
6b:63:51:4b:9a:bb:d1:6f:0b:1c:78:a8:33:d3:db:
7e:b2:99:36:e5:d7:23:69:dd:cf:fe:0f:a0:d5:fa:
5e:82:73:a0:45:62:1b:9b:97:b0:85:45:e9:e0:9e:
57:57:94:74:a4:0f:e7:a8:3f:cd:8c:f1:1e:b1:32:
3a:ba:2e:3a:fa:f7:81:01:e4:f7:c2:84:88:62:4d:
10:19:9a:ca:17:32:79:18:a4:4f:ac:73:24:5a:ec:
f6:27:cb:81:24:4c:a9:cd:3c:4a:14:92:c0:c1:d9:
6c:30:1d:f6:67:ce:af:62:c2:4f:d8:cd:89:d7:b7:
06:10:21:2c:8f:ba:38:fe:f1:3a:02:ca:46:d8:69:
67:4c:54:ea:a3:ca:bb:7d:26:31:8f:af:93:a8:b2:
77:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:EB:3B:7F:41:80:AC:61:2B:FF:74:00:C0:EE:E9:08:6A:EB:E6:3F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/Fes7f0GArGEr_3QAwO7pCGrr5j8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.73.0/24
31.56.85.0/24
31.57.153.0/24
31.57.236.0/24
31.58.43.0/24
31.58.128.0/24
31.58.162.0/24
31.58.164.0/24
31.58.166.0/24
31.59.88.0/24
31.59.122.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:8a:6d:be:6f:c4:c5:13:ca:b3:96:95:de:bd:f9:f0:2c:53:
71:eb:46:14:cd:66:a0:cb:05:00:7e:76:88:3d:46:97:f8:99:
f3:b0:4a:60:3e:2a:e0:bb:11:80:6f:79:1b:04:48:94:db:32:
8c:55:d2:31:a3:80:95:b5:9f:2a:27:08:83:69:39:c7:93:a0:
8f:99:46:26:a6:57:03:c7:a9:a1:22:2f:c7:34:a6:04:6a:32:
24:e8:2e:b8:c6:a7:3c:1f:b9:f1:79:b5:84:0d:b5:71:f5:cd:
4c:25:c3:d0:4b:66:51:47:d3:13:ca:a3:35:04:b3:cf:04:34:
ab:64:fe:1d:fa:7d:1f:66:83:29:6d:b1:2d:c7:7a:0b:35:d5:
fa:53:f7:8e:32:fb:8a:dc:cf:35:e1:c4:48:6d:62:52:3f:0d:
f4:96:a8:68:90:9a:21:27:13:b5:fd:60:94:b2:71:c2:05:4b:
50:e6:95:92:db:e7:27:27:7a:06:f6:48:cf:24:34:9c:61:3f:
90:64:53:8d:85:98:fb:d3:6b:ab:93:9d:7e:1e:fe:c1:f2:0c:
bd:88:88:b2:c1:e0:2c:73:4a:61:c3:d9:41:80:96:28:d4:23:
16:b5:a8:25:dd:d4:29:9f:56:a8:aa:75:4c:f1:3b:a5:99:9d:
2c:fe:ea:72
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZYP6T68kkrba3JxDiqncRKTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA3MTEwMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWViM2I3ZjQxODBhYzYxMmJmZjc0MDBjMGVlZTkwODZhZWJlNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdivKX1PtEAhuV08uMSY3DPrQL/N
Hh6opaG7Xqf5pzvTa8QE3CxvLhIYB44hrYpZTjcqBZnVNX69rEkC0yjObuH4Im5E
2KXMzrZxuhNHmzCB8sGfiEr1Gj+82FEnHH7HIk6pGWHS4qdrY1FLmrvRbwsceKgz
09t+spk25dcjad3P/g+g1fpegnOgRWIbm5ewhUXp4J5XV5R0pA/nqD/NjPEesTI6
ui46+veBAeT3woSIYk0QGZrKFzJ5GKRPrHMkWuz2J8uBJEypzTxKFJLAwdlsMB32
Z86vYsJP2M2J17cGECEsj7o4/vE6AspG2GlnTFTqo8q7fSYxj6+TqLJ3qwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBXrO39BgKxhK/90AMDu6Qhq6+Y/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvRmVzN2YwR0FyR0VyXzNRQXdPN3BDR3JyNWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAHzhJAwQA
HzhVAwQAHzmZAwQAHznsAwQAHzorAwQAHzqAAwQAHzqiAwQAHzqkAwQAHzqmAwQA
HztYAwQBHzt6MA0GCSqGSIb3DQEBCwUAA4IBAQCOim2+b8TFE8qzlpXevfnwLFNx
60YUzWagywUAfnaIPUaX+JnzsEpgPirguxGAb3kbBEiU2zKMVdIxo4CVtZ8qJwiD
aTnHk6CPmUYmplcDx6mhIi/HNKYEajIk6C64xqc8H7nxebWEDbVx9c1MJcPQS2ZR
R9MTyqM1BLPPBDSrZP4d+n0fZoMpbbEtx3oLNdX6U/eOMvuK3M814cRIbWJSPw30
lqhokJohJxO1/WCUsnHCBUtQ5pWS2+cnJ3oG9kjPJDScYT+QZFONhZj702urk51+
Hv7B8gy9iIiyweAsc0phw9lBgJYo1CMWtagl3dQpn1aoqnVM8TulmZ0s/upy
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:58:41 2025 by rpki-client