Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OZw_S-heYxvl0x0NP8yS6uZaYHM.roa
File: OZw_S-heYxvl0x0NP8yS6uZaYHM.roa (raw, json)
Hash identifier: tj/jf7eVGX3MXKsumc2ChQ71+Rhuobf95NVhC2nUTM4=
Subject key identifier: 39:9C:3F:4B:E8:5E:63:1B:E5:D3:1D:0D:3F:CC:92:EA:E6:5A:60:73
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196200F4238D3918A2B715B65C335B27444
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OZw_S-heYxvl0x0NP8yS6uZaYHM.roa
Signing time: Thu 10 Apr 2025 14:16:32 +0000
ROA not before: Thu 10 Apr 2025 14:16:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197860
IP address blocks: 31.57.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 19:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:20:0f:42:38:d3:91:8a:2b:71:5b:65:c3:35:b2:74:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 10 14:16:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=399c3f4be85e631be5d31d0d3fcc92eae65a6073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:df:91:cb:6e:93:6e:fd:8a:44:56:38:b9:
06:e7:3f:53:70:a0:30:c7:a4:d6:ef:d4:5f:6e:d7:
4b:1d:79:22:b5:99:b3:00:4a:26:22:db:7e:6e:7c:
c9:67:46:75:53:d2:38:ae:58:e5:7f:47:52:8a:85:
05:20:5c:a0:e9:86:c7:26:d2:65:6e:18:d1:ae:09:
eb:ae:62:30:3d:3c:c6:94:d9:50:1a:52:b6:0e:ca:
34:55:89:d7:8f:27:2c:42:a8:d0:af:8a:c1:8a:18:
ea:29:c4:e6:b2:60:bd:99:88:59:82:62:4f:5b:7b:
cf:e5:9d:ae:07:e1:98:f4:85:fe:f6:58:40:42:3b:
d3:a0:07:a5:bc:8a:de:13:43:8c:cc:f6:0e:f1:f5:
e3:4a:52:03:67:80:99:94:0e:6a:7f:00:46:e9:27:
ed:33:d4:36:56:9b:1d:33:f3:87:9d:23:61:4e:3b:
c7:78:82:f3:c1:74:89:eb:45:69:dc:7b:14:10:44:
3a:06:be:24:f2:c9:10:34:51:82:8e:48:12:37:d3:
08:79:e6:d0:d0:1a:24:40:ee:ac:a0:e4:f0:05:1b:
7a:be:b4:0f:4e:3c:f8:15:38:09:e2:0b:09:e5:5f:
b9:06:60:59:66:78:3a:87:05:2c:a1:58:f0:ce:31:
bb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:9C:3F:4B:E8:5E:63:1B:E5:D3:1D:0D:3F:CC:92:EA:E6:5A:60:73
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/OZw_S-heYxvl0x0NP8yS6uZaYHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.57.123.0/24
Signature Algorithm: sha256WithRSAEncryption
15:48:6b:41:b6:23:b2:b9:bf:0b:07:d3:d5:b2:55:4e:07:0f:
71:a7:bf:8e:87:56:2b:56:be:61:d1:1b:76:d8:d0:31:a3:b1:
9f:7a:9f:51:c2:61:82:99:b5:86:0b:4e:55:cb:a1:76:02:ef:
27:09:76:6b:85:16:09:df:b7:4d:12:ef:e8:05:47:c7:41:65:
1d:3d:7a:d7:0d:da:27:fc:6f:99:b4:dd:bf:22:95:b4:17:46:
86:5c:e1:e2:77:e7:a4:95:c1:39:8f:01:45:ba:20:b6:f0:75:
1e:94:e6:5c:fd:7b:47:1a:0b:3a:c0:01:97:6b:4e:87:fa:c1:
3a:42:9b:9b:81:21:b8:b4:e2:dd:2b:4a:7d:7a:e7:ee:35:62:
d4:ee:e0:41:7a:01:67:05:5c:95:3f:32:4c:22:ef:11:c7:3c:
e2:6e:b8:2f:b7:42:d6:df:67:58:81:85:25:8b:34:ec:7f:e8:
f7:06:02:ae:9d:4a:52:87:b5:c7:b8:5f:46:99:4f:55:a2:1d:
72:fd:49:0c:05:f2:ef:16:46:91:bb:3b:c7:c6:62:1d:26:01:
4f:16:ec:1f:bb:20:d3:97:ed:24:f7:22:c4:3e:a2:4a:f5:ee:
48:e0:25:3a:1f:85:8b:f4:5a:fc:4b:3e:ee:0c:de:5c:60:5f:
49:0a:5e:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYgD0I405GKK3FbZcM1snREMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDEwMTQxNjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTljM2Y0YmU4NWU2MzFiZTVkMzFkMGQzZmNjOTJlYWU2NWE2MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxDfkctuk279ikRWOLkG5z9TcKAw
x6TW79RfbtdLHXkitZmzAEomItt+bnzJZ0Z1U9I4rljlf0dSioUFIFyg6YbHJtJl
bhjRrgnrrmIwPTzGlNlQGlK2Dso0VYnXjycsQqjQr4rBihjqKcTmsmC9mYhZgmJP
W3vP5Z2uB+GY9IX+9lhAQjvToAelvIreE0OMzPYO8fXjSlIDZ4CZlA5qfwBG6Sft
M9Q2VpsdM/OHnSNhTjvHeILzwXSJ60Vp3HsUEEQ6Br4k8skQNFGCjkgSN9MIeebQ
0BokQO6soOTwBRt6vrQPTjz4FTgJ4gsJ5V+5BmBZZng6hwUsoVjwzjG7EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmcP0voXmMb5dMdDT/MkurmWmBzMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvT1p3X1MtaGVZeHZsMHgwTlA4eVM2dVphWUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHzl7MA0G
CSqGSIb3DQEBCwUAA4IBAQAVSGtBtiOyub8LB9PVslVOBw9xp7+Oh1YrVr5h0Rt2
2NAxo7Gfep9RwmGCmbWGC05Vy6F2Au8nCXZrhRYJ37dNEu/oBUfHQWUdPXrXDdon
/G+ZtN2/IpW0F0aGXOHid+eklcE5jwFFuiC28HUelOZc/XtHGgs6wAGXa06H+sE6
QpubgSG4tOLdK0p9eufuNWLU7uBBegFnBVyVPzJMIu8Rxzzibrgvt0LW32dYgYUl
izTsf+j3BgKunUpSh7XHuF9GmU9Voh1y/UkMBfLvFkaRuzvHxmIdJgFPFuwfuyDT
l+0k9yLEPqJK9e5I4CU6H4WL9Fr8Sz7uDN5cYF9JCl5b
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:13:06 2025 by rpki-client