Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NWoKUYCwfdvxXWU7nXZ_Cf-bwD8.roa
File: NWoKUYCwfdvxXWU7nXZ_Cf-bwD8.roa (raw, json)
Hash identifier: xuy1CyiU51zodUaiTNW6/lRYZTEgGvbh1wZzl1dgflI=
Subject key identifier: 35:6A:0A:51:80:B0:7D:DB:F1:5D:65:3B:9D:76:7F:09:FF:9B:C0:3F
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019616C1F66F6D081CB32F923C5417CF7759
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NWoKUYCwfdvxXWU7nXZ_Cf-bwD8.roa
Signing time: Tue 08 Apr 2025 18:55:32 +0000
ROA not before: Tue 08 Apr 2025 18:55:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212335
IP address blocks: 31.57.181.0/24 maxlen: 24
31.57.252.0/24 maxlen: 24
31.58.142.0/23 maxlen: 24
31.58.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:c1:f6:6f:6d:08:1c:b3:2f:92:3c:54:17:cf:77:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 8 18:55:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=356a0a5180b07ddbf15d653b9d767f09ff9bc03f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:00:48:1f:e2:ab:c1:f5:2e:05:7a:60:19:8d:
38:cf:f6:65:c9:4a:26:c4:a4:79:62:97:df:43:fb:
07:d4:45:52:7a:0e:2d:2a:a9:3e:9f:ca:f2:d1:17:
fc:89:5c:a3:65:19:9d:61:e3:3f:27:0e:97:43:08:
2e:e7:48:a0:07:44:d5:0b:2e:11:0c:6a:ab:e3:67:
a6:62:95:d7:1f:ef:99:0e:d5:b5:96:9c:87:02:70:
c0:5d:e4:df:8c:cd:d9:75:c0:d8:f9:7c:93:74:4b:
91:9f:e6:8b:b0:89:e5:4d:d7:73:04:18:06:38:c3:
ca:fd:57:c0:c2:0e:34:03:84:db:c7:e6:99:87:d3:
b8:69:85:63:c9:0a:87:80:1f:97:b8:10:68:00:f9:
a1:21:5c:01:ce:61:1e:9c:e4:59:e8:43:c4:dd:a1:
71:a9:59:37:6d:8c:7b:32:79:ac:48:53:e3:00:d9:
19:97:11:bb:c5:42:26:dc:33:b0:b6:91:3c:a5:d0:
0b:04:dc:c1:74:ee:6c:4e:22:a9:04:7c:f0:d7:3f:
74:5a:a0:29:db:34:f4:d0:e2:35:bc:ec:0a:66:fa:
a4:3c:c2:dc:a1:3c:78:1c:44:64:81:74:30:90:d2:
ec:b1:fa:53:70:19:74:9b:48:06:bc:34:88:e3:47:
da:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:6A:0A:51:80:B0:7D:DB:F1:5D:65:3B:9D:76:7F:09:FF:9B:C0:3F
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NWoKUYCwfdvxXWU7nXZ_Cf-bwD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.181.0/24
31.57.252.0/24
31.58.142.0/23
Signature Algorithm: sha256WithRSAEncryption
00:71:2d:52:ce:08:7e:85:a3:81:82:f4:48:0a:44:d6:76:3c:
c8:50:4d:b4:02:8f:e4:44:13:0a:5b:2e:55:25:1c:7b:43:14:
bb:e2:1b:b1:2a:99:99:70:bb:c9:d0:04:10:16:da:63:1a:e1:
09:1b:c1:b7:f5:e9:cb:36:7c:97:86:49:03:f4:e6:47:85:9c:
77:32:22:e9:36:d0:aa:6a:68:f0:64:28:50:be:8a:88:8d:b2:
26:43:f2:b5:c8:66:5f:91:0d:24:29:4c:eb:9b:ca:e8:ed:35:
15:1e:e4:85:f8:10:8a:f4:cd:07:c1:f8:4b:0a:84:47:d1:37:
5f:6d:68:d1:9e:ff:9b:6f:a1:61:77:40:0a:ea:29:79:02:61:
71:94:22:dc:ce:5b:59:73:19:6d:33:75:46:bc:ec:dd:f7:a7:
8c:20:9e:68:a4:3c:99:6e:0f:0f:5e:0b:1d:fd:47:f5:a8:9c:
7a:94:24:90:90:c7:0d:9b:1c:da:28:59:d5:81:c8:6a:7c:b4:
11:68:c8:4e:0c:27:fd:d4:b4:eb:85:49:59:62:0d:4f:25:86:
52:d4:d1:d2:cf:19:0f:ff:b9:ab:d3:e1:9f:b4:01:90:cf:91:
9c:c2:ca:ee:5d:98:81:b0:98:28:bd:c4:b2:89:75:c3:e6:66:
ea:bc:b8:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYWwfZvbQgcsy+SPFQXz3dZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA4MTg1NTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTZhMGE1MTgwYjA3ZGRiZjE1ZDY1M2I5ZDc2N2YwOWZmOWJjMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgBIH+KrwfUuBXpgGY04z/ZlyUom
xKR5YpffQ/sH1EVSeg4tKqk+n8ry0Rf8iVyjZRmdYeM/Jw6XQwgu50igB0TVCy4R
DGqr42emYpXXH++ZDtW1lpyHAnDAXeTfjM3ZdcDY+XyTdEuRn+aLsInlTddzBBgG
OMPK/VfAwg40A4Tbx+aZh9O4aYVjyQqHgB+XuBBoAPmhIVwBzmEenORZ6EPE3aFx
qVk3bYx7MnmsSFPjANkZlxG7xUIm3DOwtpE8pdALBNzBdO5sTiKpBHzw1z90WqAp
2zT00OI1vOwKZvqkPMLcoTx4HERkgXQwkNLssfpTcBl0m0gGvDSI40faywIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDVqClGAsH3b8V1lO512fwn/m8A/MB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTldvS1VZQ3dmZHZ4WFdVN25YWl9DZi1id0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzm1AwQA
Hzn8AwQBHzqOMA0GCSqGSIb3DQEBCwUAA4IBAQAAcS1Szgh+haOBgvRICkTWdjzI
UE20Ao/kRBMKWy5VJRx7QxS74huxKpmZcLvJ0AQQFtpjGuEJG8G39enLNnyXhkkD
9OZHhZx3MiLpNtCqamjwZChQvoqIjbImQ/K1yGZfkQ0kKUzrm8ro7TUVHuSF+BCK
9M0HwfhLCoRH0TdfbWjRnv+bb6Fhd0AK6il5AmFxlCLczltZcxltM3VGvOzd96eM
IJ5opDyZbg8PXgsd/Uf1qJx6lCSQkMcNmxzaKFnVgchqfLQRaMhODCf91LTrhUlZ
Yg1PJYZS1NHSzxkP/7mr0+GftAGQz5GcwsruXZiBsJgovcSyiXXD5mbqvLjZ
-----END CERTIFICATE-----
Generated at Sat Apr 26 22:18:02 2025 by rpki-client