Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u7DaDdVldfh3bhXk1gmSoV5oYbE.roa
File: u7DaDdVldfh3bhXk1gmSoV5oYbE.roa (raw, json)
Hash identifier: zWPnqTAyWO/0ISVeBy2v1nHHtc8KRv8JeYPNrNmhh6o=
Subject key identifier: BB:B0:DA:0D:D5:65:75:F8:77:6E:15:E4:D6:09:92:A1:5E:68:61:B1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019616C10B4FED53C04492980C21446756CA
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u7DaDdVldfh3bhXk1gmSoV5oYbE.roa
Signing time: Tue 08 Apr 2025 18:54:32 +0000
ROA not before: Tue 08 Apr 2025 18:54:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 31.56.114.0/24 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.201.0/24 maxlen: 24
31.57.133.0/24 maxlen: 24
31.57.136.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.144.0/22 maxlen: 24
31.59.187.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:16:c1:0b:4f:ed:53:c0:44:92:98:0c:21:44:67:56:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 8 18:54:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbb0da0dd56575f8776e15e4d60992a15e6861b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:69:7e:ca:83:52:51:68:53:81:8d:d0:51:
82:89:5c:50:1f:27:67:ba:ec:67:80:44:3c:e4:ea:
b6:39:63:19:64:f9:3a:91:cd:d1:29:7c:15:84:61:
4a:12:c9:54:ea:17:f1:60:5f:0f:f1:59:36:05:f4:
aa:80:13:2c:41:87:93:24:3d:ba:26:8f:32:46:60:
77:f7:70:12:48:da:32:ce:a0:7e:71:78:2e:ec:77:
33:d0:ca:ea:73:00:80:e8:e5:a0:1f:df:d0:3a:26:
9b:76:5b:06:84:25:fa:78:f4:56:01:f0:de:09:73:
9b:a3:48:c1:ca:1d:fb:57:ea:97:46:55:14:05:4e:
fb:fe:4d:7a:66:b3:c7:20:82:ad:4a:60:a9:2b:41:
58:53:40:3c:4a:8a:0a:ee:86:35:80:a8:f1:d5:95:
d7:a1:ec:6e:76:39:f0:9e:f3:93:65:16:c5:89:70:
67:db:ea:02:29:29:32:94:ac:e4:4e:68:77:c3:80:
7d:4f:e5:fb:44:8a:17:2b:34:cf:4f:a3:65:e3:9d:
a6:bb:98:44:d2:0d:b9:83:02:ff:b1:4a:fe:04:e2:
8a:ba:03:60:04:b1:50:e1:92:f2:6f:1c:bd:53:1f:
f4:b4:5d:d0:09:a1:cb:a1:b1:88:5a:56:6e:91:fc:
a5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B0:DA:0D:D5:65:75:F8:77:6E:15:E4:D6:09:92:A1:5E:68:61:B1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/u7DaDdVldfh3bhXk1gmSoV5oYbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.114.0/24
31.56.157.0/24
31.56.201.0/24
31.57.133.0/24
31.57.136.0/24
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.43.0/24
31.59.56.0/24
31.59.97.0/24
31.59.112.0/23
31.59.115.0/24
31.59.130.0/24
31.59.144.0/22
31.59.187.0/24
31.59.229.0/24
31.59.231.0/24
31.59.245.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:90:3a:75:c0:6d:fa:4e:c4:c0:7f:a4:0a:48:16:87:32:bc:
da:ac:dc:21:bb:64:d6:f3:de:5f:d4:63:65:be:ae:a0:0a:6e:
ef:a5:e7:5f:b8:38:27:a2:e2:38:81:b9:cf:3f:06:0d:8e:25:
0d:94:28:54:4b:97:a6:50:b5:ea:0e:f8:24:de:00:17:09:19:
4f:b7:84:65:ed:f0:64:78:ae:f4:57:e1:ca:0e:9e:66:7c:e0:
f5:a8:0c:18:1f:7f:9d:c6:45:7e:15:5b:69:a9:70:c2:99:54:
b8:44:1c:ad:b7:4a:26:ab:12:15:b6:6d:fe:c7:53:65:4b:51:
23:16:9e:40:9f:36:2e:76:09:ef:13:62:40:bd:c2:d5:55:26:
d8:18:f6:05:50:d1:45:f3:79:d2:ea:13:3a:65:44:af:a7:74:
9e:9a:3c:19:1d:66:78:64:e9:e1:b4:24:0a:18:20:37:1d:cd:
9b:d4:00:a7:3b:86:b8:4f:6e:a0:ab:66:3a:6f:ae:81:0b:52:
66:db:4e:e3:1f:e4:7f:d1:2b:03:cf:68:df:30:99:ca:69:6e:
59:04:a3:a8:38:ab:92:63:ce:24:42:1d:7b:74:57:7d:52:fa:
31:39:31:c1:56:99:50:9e:3e:6a:c3:dd:77:cb:ee:6e:22:5f:
52:91:89:78
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZYWwQtP7VPARJKYDCFEZ1bKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDA4MTg1NDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmIwZGEwZGQ1NjU3NWY4Nzc2ZTE1ZTRkNjA5OTJhMTVlNjg2MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjNpfsqDUlFoU4GN0FGCiVxQHydn
uuxngEQ85Oq2OWMZZPk6kc3RKXwVhGFKEslU6hfxYF8P8Vk2BfSqgBMsQYeTJD26
Jo8yRmB393ASSNoyzqB+cXgu7Hcz0MrqcwCA6OWgH9/QOiabdlsGhCX6ePRWAfDe
CXObo0jByh37V+qXRlUUBU77/k16ZrPHIIKtSmCpK0FYU0A8SooK7oY1gKjx1ZXX
oexudjnwnvOTZRbFiXBn2+oCKSkylKzkTmh3w4B9T+X7RIoXKzTPT6Nl452mu5hE
0g25gwL/sUr+BOKKugNgBLFQ4ZLybxy9Ux/0tF3QCaHLobGIWlZukfylRwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLuw2g3VZXX4d24V5NYJkqFeaGGxMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdTdEYURkVmxkZmgzYmhYazFnbVNvVjVvWWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAB84
cgMEAB84nQMEAB84yQMEAB85hQMEAB85iAMEAB86gQMEAR86igMEAB86lgMEAB86
mgMEAB86pQMEAB87KwMEAB87OAMEAB87YQMEAR87cAMEAB87cwMEAB87ggMEAh87
kAMEAB87uwMEAB875QMEAB875wMEAB879TANBgkqhkiG9w0BAQsFAAOCAQEAi5A6
dcBt+k7EwH+kCkgWhzK82qzcIbtk1vPeX9RjZb6uoApu76XnX7g4J6LiOIG5zz8G
DY4lDZQoVEuXplC16g74JN4AFwkZT7eEZe3wZHiu9Ffhyg6eZnzg9agMGB9/ncZF
fhVbaalwwplUuEQcrbdKJqsSFbZt/sdTZUtRIxaeQJ82LnYJ7xNiQL3C1VUm2Bj2
BVDRRfN50uoTOmVEr6d0npo8GR1meGTp4bQkChggNx3Nm9QApzuGuE9uoKtmOm+u
gQtSZttO4x/kf9ErA89o3zCZymluWQSjqDirkmPOJEIde3RXfVL6MTkxwVaZUJ4+
asPdd8vubiJfUpGJeA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:14 2025 by rpki-client