Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZA1385v2TLtACCKZgZZojlP5jt4.roa
File: ZA1385v2TLtACCKZgZZojlP5jt4.roa (raw, json)
Hash identifier: 0qLTf9RolSqJMwRVrcJYO0lnnX8JtVcknNBvQq/VMpM=
Subject key identifier: 64:0D:77:F3:9B:F6:4C:BB:40:08:22:99:81:96:68:8E:53:F9:8E:DE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01965DF309B98054F8770CB4AFB60822E473
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZA1385v2TLtACCKZgZZojlP5jt4.roa
Signing time: Tue 22 Apr 2025 14:42:10 +0000
ROA not before: Tue 22 Apr 2025 14:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 31.56.52.0/22 maxlen: 22
31.56.59.0/24 maxlen: 24
31.56.77.0/24 maxlen: 24
31.57.199.0/24 maxlen: 24
31.59.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:f3:09:b9:80:54:f8:77:0c:b4:af:b6:08:22:e4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 22 14:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=640d77f39bf64cbb400822998196688e53f98ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0e:a9:a7:f6:a0:ae:11:3b:6f:c2:2e:fd:00:
23:a5:fc:0b:ce:85:1d:68:45:5e:15:72:9c:23:d9:
64:37:10:ff:7d:3e:8a:71:a3:3f:2c:02:d9:6c:4a:
7e:80:4f:65:c6:6e:29:bc:2c:15:53:d5:70:c7:84:
26:b7:90:b3:18:60:14:fc:ec:1a:cc:c1:da:ea:ad:
a7:5f:c6:0a:60:7b:ef:99:fd:5d:19:ac:9e:3c:6a:
b3:b6:ac:26:77:c1:69:ec:ed:81:24:45:f3:87:9c:
eb:74:8c:18:02:cd:69:02:9d:93:b1:af:35:5e:d6:
18:4b:e9:25:4c:57:be:48:a4:68:67:62:be:a9:44:
ed:01:3a:eb:47:e9:0c:49:2c:ec:fa:48:07:ab:51:
e3:eb:8e:bf:d6:41:45:6f:f6:25:89:de:db:1e:73:
dd:20:1f:01:b0:27:a0:49:8b:cf:91:39:91:81:5a:
2f:f0:4e:d0:32:28:a4:ba:e4:6c:2f:f2:62:d4:34:
9f:f6:16:c6:9c:24:d2:e4:5d:94:e7:2e:dd:32:67:
e4:63:8c:27:92:58:71:1b:1a:95:ca:f0:64:27:2f:
30:ec:dc:57:91:8c:e3:45:e6:48:1c:57:f7:41:3e:
a1:95:ac:09:d3:56:ff:26:6a:60:b4:5c:d7:50:d6:
99:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0D:77:F3:9B:F6:4C:BB:40:08:22:99:81:96:68:8E:53:F9:8E:DE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/ZA1385v2TLtACCKZgZZojlP5jt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.52.0/22
31.56.59.0/24
31.56.77.0/24
31.57.199.0/24
31.59.68.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:1a:cc:5a:24:ec:3d:c0:7c:ee:18:c8:34:4a:59:55:12:67:
f4:ea:e0:7b:e2:c5:36:d2:bf:f1:04:c7:8d:d6:b0:c4:a5:e1:
b7:8c:29:d8:91:8b:7c:bf:63:1f:12:69:6d:3a:c8:1d:ff:d0:
2c:1a:3e:33:c6:a1:7f:25:1e:cc:37:15:81:e2:da:d6:75:6f:
ec:db:2b:fa:84:8b:7b:9b:45:12:51:84:24:e5:f2:c6:0c:7a:
52:8e:f9:6c:89:51:4d:3a:c4:2e:19:2d:10:f3:e8:83:ae:3c:
49:38:ad:18:3b:99:a3:c5:3c:54:75:fc:77:92:a6:af:ae:89:
5c:b3:74:3b:5b:61:81:20:d9:ec:81:47:97:9a:09:c2:3f:cd:
56:09:9c:94:a9:9d:ad:fc:41:24:7a:53:d2:e6:fa:ce:4f:f4:
29:e9:49:f8:e2:81:7e:ca:1b:37:ce:05:fa:65:e8:b0:9d:ea:
43:41:53:1a:08:ea:8b:42:46:bf:3c:55:c2:0a:90:31:fe:fb:
b5:b8:ef:3e:b6:5b:b4:91:db:35:51:96:a5:36:92:5b:1c:cb:
66:6a:7b:7e:18:f7:fb:15:c2:fb:54:a4:b4:77:6c:6c:78:4c:
3d:ee:1c:bb:4d:50:c4:e1:22:b4:ee:3c:d5:90:31:cb:e9:41:
82:a4:5b:2a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZd8wm5gFT4dwy0r7YIIuRzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIyMTQ0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDBkNzdmMzliZjY0Y2JiNDAwODIyOTk4MTk2Njg4ZTUzZjk4ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow6pp/agrhE7b8Iu/QAjpfwLzoUd
aEVeFXKcI9lkNxD/fT6KcaM/LALZbEp+gE9lxm4pvCwVU9Vwx4Qmt5CzGGAU/Owa
zMHa6q2nX8YKYHvvmf1dGayePGqztqwmd8Fp7O2BJEXzh5zrdIwYAs1pAp2Tsa81
XtYYS+klTFe+SKRoZ2K+qUTtATrrR+kMSSzs+kgHq1Hj646/1kFFb/Ylid7bHnPd
IB8BsCegSYvPkTmRgVov8E7QMiikuuRsL/Ji1DSf9hbGnCTS5F2U5y7dMmfkY4wn
klhxGxqVyvBkJy8w7NxXkYzjReZIHFf3QT6hlawJ01b/JmpgtFzXUNaZPQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGQNd/Ob9ky7QAgimYGWaI5T+Y7eMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvWkExMzg1djJUTHRBQ0NLWmdaWm9qbFA1anQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCHzg0AwQA
Hzg7AwQAHzhNAwQAHznHAwQAHztEMA0GCSqGSIb3DQEBCwUAA4IBAQB+GsxaJOw9
wHzuGMg0SllVEmf06uB74sU20r/xBMeN1rDEpeG3jCnYkYt8v2MfEmltOsgd/9As
Gj4zxqF/JR7MNxWB4trWdW/s2yv6hIt7m0USUYQk5fLGDHpSjvlsiVFNOsQuGS0Q
8+iDrjxJOK0YO5mjxTxUdfx3kqavrolcs3Q7W2GBINnsgUeXmgnCP81WCZyUqZ2t
/EEkelPS5vrOT/Qp6Un44oF+yhs3zgX6ZeiwnepDQVMaCOqLQka/PFXCCpAx/vu1
uO8+tlu0kds1UZalNpJbHMtmant+GPf7FcL7VKS0d2xseEw97hy7TVDE4SK07jzV
kDHL6UGCpFsq
-----END CERTIFICATE-----
Generated at Tue Apr 29 05:54:52 2025 by rpki-client