Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVtBsS0lj9B3jm1nmhzzNVQRIYA.roa
File: NVtBsS0lj9B3jm1nmhzzNVQRIYA.roa (raw, json)
Hash identifier: gNsDujTu07HCgX4UG0e12mJz4dUCVHhCW9OfEfftHUM=
Subject key identifier: 35:5B:41:B1:2D:25:8F:D0:77:8E:6D:67:9A:1C:F3:35:54:11:21:80
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019632B7F9FB55EF14B82B81ADE66FDDB143
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVtBsS0lj9B3jm1nmhzzNVQRIYA.roa
Signing time: Mon 14 Apr 2025 05:13:59 +0000
ROA not before: Mon 14 Apr 2025 05:13:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 31.56.25.0/24 maxlen: 24
31.56.27.0/24 maxlen: 24
31.56.28.0/22 maxlen: 24
31.56.44.0/24 maxlen: 24
31.56.48.0/24 maxlen: 24
31.56.49.0/24 maxlen: 24
31.56.61.0/24 maxlen: 24
31.56.80.0/22 maxlen: 22
31.56.92.0/22 maxlen: 22
31.56.96.0/22 maxlen: 22
31.56.100.0/22 maxlen: 22
31.56.112.0/24 maxlen: 24
31.56.113.0/24 maxlen: 24
31.57.105.0/24 maxlen: 24
31.57.106.0/24 maxlen: 24
31.57.107.0/24 maxlen: 24
31.57.108.0/24 maxlen: 24
31.57.109.0/24 maxlen: 24
31.57.110.0/24 maxlen: 24
31.57.111.0/24 maxlen: 24
31.57.119.0/24 maxlen: 24
31.57.226.0/24 maxlen: 24
31.58.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:32:b7:f9:fb:55:ef:14:b8:2b:81:ad:e6:6f:dd:b1:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 14 05:13:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=355b41b12d258fd0778e6d679a1cf33554112180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:fc:71:96:8f:d4:c5:5f:2a:52:e8:fc:2d:
66:1f:0e:c5:d7:03:e4:37:a9:06:76:08:1d:aa:a9:
bc:02:c9:4d:42:78:f2:fd:61:43:af:d7:cd:7c:1c:
fb:9d:47:31:89:23:0c:c4:ac:28:d3:2a:36:ab:c0:
b6:86:e9:b4:e9:ef:d3:3b:ff:07:c7:d9:a3:b9:44:
b1:a9:4f:68:93:9f:4e:b3:8b:e9:30:d2:2d:a6:39:
7e:7d:6f:84:78:66:7c:39:ac:4f:8e:aa:5d:a5:44:
5a:34:e4:3a:6c:9c:18:81:c3:65:74:7b:fc:4d:35:
d8:f4:87:99:12:25:80:5f:ac:cc:7e:88:f4:6d:4f:
27:84:7e:18:c4:41:13:36:a1:4f:38:d8:ac:84:83:
62:d3:43:46:7c:28:f6:6c:10:bd:66:ce:dc:4d:e8:
c1:0e:10:54:89:29:29:f8:a7:30:8c:9e:cb:b3:81:
29:58:71:df:aa:43:23:97:48:85:27:88:33:73:5f:
a1:77:4a:b1:66:91:d5:ce:9b:be:9c:31:04:23:ee:
49:fb:4a:03:9a:b8:da:63:cd:d1:68:26:29:db:62:
c7:02:4a:69:e4:00:dd:27:6f:3d:3f:5e:38:24:63:
e0:85:5a:b3:72:7c:98:9c:36:06:ac:03:65:2d:f6:
b6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:5B:41:B1:2D:25:8F:D0:77:8E:6D:67:9A:1C:F3:35:54:11:21:80
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NVtBsS0lj9B3jm1nmhzzNVQRIYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.25.0/24
31.56.27.0-31.56.31.255
31.56.44.0/24
31.56.48.0/23
31.56.61.0/24
31.56.80.0/22
31.56.92.0-31.56.103.255
31.56.112.0/23
31.57.105.0-31.57.111.255
31.57.119.0/24
31.57.226.0/24
31.58.130.0/24
Signature Algorithm: sha256WithRSAEncryption
01:1e:35:30:7d:19:39:de:75:1c:fa:27:fd:56:2d:a1:8a:10:
04:f9:95:7a:ae:ab:b1:ef:8b:48:15:c4:cf:d0:8c:dd:08:47:
0e:41:19:cf:2f:37:96:9e:9c:c3:76:5e:ac:9e:cc:b9:70:b4:
79:a0:b7:e0:65:95:82:8a:d8:ba:9b:92:e1:8e:90:e9:43:e8:
a0:33:a4:d9:f7:09:a6:18:63:4c:61:05:59:81:1a:6f:0c:57:
22:75:91:02:69:1f:b1:88:f1:23:be:34:68:50:59:60:48:f4:
15:f6:43:12:ac:be:23:30:bf:fb:5e:e1:36:9b:28:83:52:bc:
ef:fb:df:48:4f:99:69:5f:3d:7f:7e:47:56:19:59:2e:7a:f7:
b6:1d:6d:fe:f3:0b:b5:c4:1f:98:4d:f2:7c:4e:c4:ea:e7:e9:
8a:1b:6d:b7:1d:8e:bf:dd:f5:b4:39:45:ed:71:f0:a9:b5:7c:
9f:2c:ac:8b:ab:e6:06:99:1b:fd:f1:8a:c5:91:d0:61:dd:26:
db:5c:2d:39:34:5d:15:3c:54:a7:0f:81:58:bc:93:80:83:4e:
42:70:8a:ac:91:29:19:75:c6:28:37:62:ca:af:3f:ac:b4:6b:
3d:fc:c8:2f:af:3c:3d:d7:eb:f2:01:87:23:d3:46:9b:55:b2:
88:15:e9:39
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZYyt/n7Ve8UuCuBreZv3bFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDE0MDUxMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTViNDFiMTJkMjU4ZmQwNzc4ZTZkNjc5YTFjZjMzNTU0MTEyMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxX8cZaP1MVfKlLo/C1mHw7F1wPk
N6kGdggdqqm8AslNQnjy/WFDr9fNfBz7nUcxiSMMxKwo0yo2q8C2hum06e/TO/8H
x9mjuUSxqU9ok59Os4vpMNItpjl+fW+EeGZ8OaxPjqpdpURaNOQ6bJwYgcNldHv8
TTXY9IeZEiWAX6zMfoj0bU8nhH4YxEETNqFPONishINi00NGfCj2bBC9Zs7cTejB
DhBUiSkp+KcwjJ7Ls4EpWHHfqkMjl0iFJ4gzc1+hd0qxZpHVzpu+nDEEI+5J+0oD
mrjaY83RaCYp22LHAkpp5ADdJ289P144JGPghVqzcnyYnDYGrANlLfa2ZQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDVbQbEtJY/Qd45tZ5oc8zVUESGAMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTlZ0QnNTMGxqOUIzam0xbm1oenpOVlFSSVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAHzgZMAwD
BAAfOBsDBAUfOAADBAAfOCwDBAEfODADBAAfOD0DBAIfOFAwDAMEAh84XAMEAx84
YAMEAR84cDAMAwQAHzlpAwQEHzlgAwQAHzl3AwQAHzniAwQAHzqCMA0GCSqGSIb3
DQEBCwUAA4IBAQABHjUwfRk53nUc+if9Vi2hihAE+ZV6rqux74tIFcTP0IzdCEcO
QRnPLzeWnpzDdl6snsy5cLR5oLfgZZWCiti6m5LhjpDpQ+igM6TZ9wmmGGNMYQVZ
gRpvDFcidZECaR+xiPEjvjRoUFlgSPQV9kMSrL4jML/7XuE2myiDUrzv+99IT5lp
Xz1/fkdWGVkueve2HW3+8wu1xB+YTfJ8TsTq5+mKG223HY6/3fW0OUXtcfCptXyf
LKyLq+YGmRv98YrFkdBh3SbbXC05NF0VPFSnD4FYvJOAg05CcIqskSkZdcYoN2LK
rz+stGs9/Mgvrzw91+vyAYcj00abVbKIFek5
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:05:43 2025 by rpki-client