Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_oukaILhzuALSGjPVYzxNklhjBg.roa
File: _oukaILhzuALSGjPVYzxNklhjBg.roa (raw, json)
Hash identifier: bBt9okWFw21Glti6wxA9tCUIVsqRSkmXo4nZtZH/Pug=
Subject key identifier: FE:8B:A4:68:82:E1:CE:E0:0B:48:68:CF:55:8C:F1:36:49:61:8C:18
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019663E84D861E7D4934AE821287590A3F8A
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_oukaILhzuALSGjPVYzxNklhjBg.roa
Signing time: Wed 23 Apr 2025 18:28:10 +0000
ROA not before: Wed 23 Apr 2025 18:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
217.60.239.0/24 maxlen: 24
217.60.243.0/24 maxlen: 24
217.60.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 19:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:e8:4d:86:1e:7d:49:34:ae:82:12:87:59:0a:3f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 23 18:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe8ba46882e1cee00b4868cf558cf13649618c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b8:2d:fc:28:65:7b:46:bd:70:04:e1:0c:0f:
dd:73:c4:51:c1:d2:d3:82:dc:f9:29:7a:b7:a3:37:
54:45:fb:87:3d:dc:cf:de:3f:53:9f:2e:9a:98:c9:
dc:ff:43:95:dd:1c:cc:fe:db:e9:ba:0b:a8:0c:eb:
83:7d:6e:9b:ef:3f:8f:34:f2:3f:43:3e:85:9c:c7:
65:e3:e3:9f:ab:9e:35:46:06:3b:b2:ad:81:82:b2:
c0:71:b8:72:d4:8d:de:1e:ec:dc:a4:29:86:7b:c7:
f1:2b:3f:f5:f1:88:b8:59:1b:b9:b9:5c:2d:d6:33:
3b:cc:33:50:de:28:6a:bd:55:a0:63:8a:45:a2:2c:
4d:2c:74:73:35:ef:a9:0d:c9:77:fb:ec:e0:1c:21:
2c:98:c1:f8:82:0b:6c:04:84:a7:81:7d:c6:a2:fa:
dc:65:da:2f:99:03:db:8d:7e:00:f0:19:d7:e1:6a:
d0:f9:46:97:aa:e7:ad:ad:7d:d9:ee:24:df:86:9b:
22:7c:0b:64:06:cb:47:a6:c9:ea:8d:71:24:fa:c9:
5c:21:15:c1:4e:f1:bc:df:d4:01:bb:33:82:3d:97:
c0:cf:e5:47:1a:cd:b8:06:28:fc:e7:49:32:1e:17:
01:7c:2b:b5:43:bc:55:e7:21:0d:1e:47:97:71:5c:
73:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:8B:A4:68:82:E1:CE:E0:0B:48:68:CF:55:8C:F1:36:49:61:8C:18
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/_oukaILhzuALSGjPVYzxNklhjBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
217.60.199.0/24
217.60.237.0-217.60.239.255
217.60.243.0/24
217.60.246.0/24
Signature Algorithm: sha256WithRSAEncryption
20:94:4b:bc:65:ef:a1:fb:06:95:b6:af:98:29:86:7a:e4:14:
f8:5d:2c:b9:cd:9c:5c:8b:61:66:c3:9b:3d:85:43:87:b9:68:
7b:cf:39:3f:01:52:9c:5e:3f:be:82:39:b2:99:62:4b:8e:c7:
f9:6c:c9:86:a4:f9:8a:04:ff:fa:0a:25:d3:f2:e2:34:94:6a:
36:a4:27:38:1c:f7:73:25:10:44:80:b4:1b:25:a9:06:42:71:
42:a7:60:f7:4e:51:78:78:dd:ce:db:f9:5e:3e:2e:30:db:a2:
1f:c2:61:f3:48:e4:8f:6e:91:2d:a7:b1:a6:0f:55:b7:f0:56:
55:01:2f:af:3a:79:ac:d3:1f:9f:ed:10:7f:9e:c2:45:71:d6:
d4:c3:47:a5:50:0f:45:ee:95:f9:31:0b:3c:ed:33:73:0c:9b:
bc:a5:0c:60:15:5b:7d:4e:1e:7d:16:be:6e:2b:63:3f:e6:65:
05:fe:df:9b:f4:1d:05:bb:8e:48:3f:82:9a:f6:86:32:49:f9:
d3:3b:be:fc:3a:ad:04:e5:a5:0a:2d:cc:c8:f4:bc:7c:91:aa:
91:da:19:f2:a5:b7:55:dc:6a:43:1b:68:ad:3e:7b:0e:4a:73:
12:2b:22:6d:26:26:c2:3b:c8:d2:83:a3:b9:43:61:5c:47:83:
6c:ec:e0:3e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZZj6E2GHn1JNK6CEodZCj+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDIzMTgyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZThiYTQ2ODgyZTFjZWUwMGI0ODY4Y2Y1NThjZjEzNjQ5NjE4YzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybgt/Chle0a9cAThDA/dc8RRwdLT
gtz5KXq3ozdURfuHPdzP3j9Tny6amMnc/0OV3RzM/tvpuguoDOuDfW6b7z+PNPI/
Qz6FnMdl4+Ofq541RgY7sq2BgrLAcbhy1I3eHuzcpCmGe8fxKz/18Yi4WRu5uVwt
1jM7zDNQ3ihqvVWgY4pFoixNLHRzNe+pDcl3++zgHCEsmMH4ggtsBISngX3Govrc
ZdovmQPbjX4A8BnX4WrQ+UaXquetrX3Z7iTfhpsifAtkBstHpsnqjXEk+slcIRXB
TvG839QBuzOCPZfAz+VHGs24Bij850kyHhcBfCu1Q7xV5yENHkeXcVxzmwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFP6LpGiC4c7gC0hoz1WM8TZJYYwYMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvX291a2FJTGh6dUFMU0dqUFZZenhOa2xoakJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAHzrtAwQA
2TzHMAwDBADZPO0DBATZPOADBADZPPMDBADZPPYwDQYJKoZIhvcNAQELBQADggEB
ACCUS7xl76H7BpW2r5gphnrkFPhdLLnNnFyLYWbDmz2FQ4e5aHvPOT8BUpxeP76C
ObKZYkuOx/lsyYak+YoE//oKJdPy4jSUajakJzgc93MlEESAtBslqQZCcUKnYPdO
UXh43c7b+V4+LjDboh/CYfNI5I9ukS2nsaYPVbfwVlUBL686eazTH5/tEH+ewkVx
1tTDR6VQD0XulfkxCzztM3MMm7ylDGAVW31OHn0Wvm4rYz/mZQX+35v0HQW7jkg/
gpr2hjJJ+dM7vvw6rQTlpQotzMj0vHyRqpHaGfKlt1XcakMbaK0+ew5KcxIrIm0m
JsI7yNKDo7lDYVxHg2zs4D4=
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:06:57 2025 by rpki-client