Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uGaFy1B144ipBSSuDLgafu-eCdU.roa
File: uGaFy1B144ipBSSuDLgafu-eCdU.roa (raw, json)
Hash identifier: iP/bkRNTaVUt/Kjn1m5+1a3U2M4uJSlFtRLkrdXykdQ=
Subject key identifier: B8:66:85:CB:50:75:E3:88:A9:05:24:AE:0C:B8:1A:7E:EF:9E:09:D5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196453E9353EC5962A3EC0F52E1B4934CB1
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uGaFy1B144ipBSSuDLgafu-eCdU.roa
Signing time: Thu 17 Apr 2025 19:34:10 +0000
ROA not before: Thu 17 Apr 2025 19:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 31.56.156.0/24 maxlen: 24
31.56.204.0/22 maxlen: 22
31.57.92.0/22 maxlen: 22
31.57.129.0/24 maxlen: 24
31.57.132.0/24 maxlen: 24
31.57.142.0/24 maxlen: 24
31.57.151.0/24 maxlen: 24
31.57.191.0/24 maxlen: 24
31.57.206.0/24 maxlen: 24
31.58.33.0/24 maxlen: 24
31.58.90.0/24 maxlen: 24
31.58.157.0/24 maxlen: 24
31.58.160.0/24 maxlen: 24
31.58.163.0/24 maxlen: 24
31.58.168.0/24 maxlen: 24
31.58.224.0/24 maxlen: 24
31.58.230.0/23 maxlen: 24
31.58.231.0/24 maxlen: 24
31.59.57.0/24 maxlen: 24
31.59.108.0/24 maxlen: 24
31.59.109.0/24 maxlen: 24
31.59.110.0/24 maxlen: 24
31.59.171.0/24 maxlen: 24
31.59.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:3e:93:53:ec:59:62:a3:ec:0f:52:e1:b4:93:4c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 17 19:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b86685cb5075e388a90524ae0cb81a7eef9e09d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:41:6d:fe:4f:57:29:4d:61:62:de:d6:6b:
a5:34:c3:64:d8:4f:4c:7b:f9:3d:e3:5b:f5:50:73:
4a:99:e1:19:9f:4b:60:88:bc:41:80:4e:6b:f4:40:
8f:e0:8c:19:46:fa:b2:6a:e0:f9:42:63:e5:90:4b:
04:0f:76:87:a0:4e:69:4e:0d:1a:48:48:c7:b4:ed:
26:12:16:8b:74:35:3e:28:24:c6:da:27:f1:a7:95:
87:94:2c:44:75:6d:fe:a7:21:12:1d:da:0d:95:95:
80:23:9b:7e:ee:4f:3b:37:36:b1:83:31:7c:ee:2f:
fc:45:8c:4d:6d:63:ad:17:b0:81:56:50:12:6e:a4:
6a:8e:24:85:39:34:d5:86:3e:c5:74:97:00:04:82:
86:07:d4:13:0e:48:7e:d3:ed:a8:cf:66:77:b6:e7:
35:cd:dd:ef:ec:20:9a:1e:07:d3:84:a6:ec:c2:c0:
12:b0:1a:c1:cd:72:df:89:74:71:ec:bd:76:f1:7c:
41:12:a6:04:37:50:3f:90:43:09:86:ec:c9:42:d0:
56:72:f4:5f:d4:bd:56:01:47:4a:d5:8c:83:d4:40:
ba:cb:cc:c0:fd:7e:af:7e:54:6c:2e:d3:d0:d7:85:
d0:5b:fe:94:24:2b:1c:03:9f:14:f5:fc:88:59:4e:
79:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:66:85:CB:50:75:E3:88:A9:05:24:AE:0C:B8:1A:7E:EF:9E:09:D5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/uGaFy1B144ipBSSuDLgafu-eCdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.156.0/24
31.56.204.0/22
31.57.92.0/22
31.57.129.0/24
31.57.132.0/24
31.57.142.0/24
31.57.151.0/24
31.57.191.0/24
31.57.206.0/24
31.58.33.0/24
31.58.90.0/24
31.58.157.0/24
31.58.160.0/24
31.58.163.0/24
31.58.168.0/24
31.58.224.0/24
31.58.230.0/23
31.59.57.0/24
31.59.108.0-31.59.110.255
31.59.171.0/24
31.59.236.0/22
Signature Algorithm: sha256WithRSAEncryption
37:79:81:6c:ac:79:6e:4f:32:df:16:59:cb:a1:df:14:c1:15:
3f:89:3a:59:ff:17:4f:34:ea:62:11:b4:27:58:65:3d:99:a7:
6d:a8:0f:33:2c:02:ad:59:d8:73:ba:f5:24:9f:ef:4e:4f:49:
21:c8:57:8e:83:a6:0d:64:23:e7:8b:3e:a1:5a:76:57:5e:bc:
0b:ef:01:46:fa:58:8e:54:cb:81:87:e7:6b:05:50:bd:b6:21:
cf:3e:1d:70:fa:17:8d:cb:c5:85:e1:25:9a:88:80:3b:34:b5:
ac:8d:97:19:0d:c3:31:72:0d:f9:76:3e:be:40:d8:96:c3:2b:
c7:7c:a3:0c:f3:b4:02:09:88:08:6b:a5:5d:f3:60:7a:3f:b6:
99:a3:6a:08:97:ec:b6:76:93:7c:94:82:14:aa:d9:02:e3:3f:
ad:d7:01:89:98:81:ef:07:6e:19:02:21:d1:79:2c:9d:1b:3d:
b9:4c:47:55:19:12:84:87:2c:a6:88:ee:76:79:49:ba:cb:f2:
05:32:1c:01:91:26:a4:db:2c:cf:df:bf:cb:6e:44:77:1e:3d:
6d:2d:93:78:15:30:8b:6e:80:08:b4:f8:a2:4c:9a:72:89:2a:
9d:83:54:1a:fa:1e:1a:74:44:fc:aa:51:2a:fa:67:89:12:9d:
36:4b:0d:32
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZZFPpNT7Flio+wPUuG0k0yxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDE3MTkzNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODY2ODVjYjUwNzVlMzg4YTkwNTI0YWUwY2I4MWE3ZWVmOWUwOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+dBbf5PVylNYWLe1mulNMNk2E9M
e/k941v1UHNKmeEZn0tgiLxBgE5r9ECP4IwZRvqyauD5QmPlkEsED3aHoE5pTg0a
SEjHtO0mEhaLdDU+KCTG2ifxp5WHlCxEdW3+pyESHdoNlZWAI5t+7k87NzaxgzF8
7i/8RYxNbWOtF7CBVlASbqRqjiSFOTTVhj7FdJcABIKGB9QTDkh+0+2oz2Z3tuc1
zd3v7CCaHgfThKbswsASsBrBzXLfiXRx7L128XxBEqYEN1A/kEMJhuzJQtBWcvRf
1L1WAUdK1YyD1EC6y8zA/X6vflRsLtPQ14XQW/6UJCscA58U9fyIWU55GQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFLhmhctQdeOIqQUkrgy4Gn7vngnVMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdUdhRnkxQjE0NGlwQlNTdURMZ2FmdS1lQ2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAf
OJwDBAIfOMwDBAIfOVwDBAAfOYEDBAAfOYQDBAAfOY4DBAAfOZcDBAAfOb8DBAAf
Oc4DBAAfOiEDBAAfOloDBAAfOp0DBAAfOqADBAAfOqMDBAAfOqgDBAAfOuADBAEf
OuYDBAAfOzkwDAMEAh87bAMEAB87bgMEAB87qwMEAh877DANBgkqhkiG9w0BAQsF
AAOCAQEAN3mBbKx5bk8y3xZZy6HfFMEVP4k6Wf8XTzTqYhG0J1hlPZmnbagPMywC
rVnYc7r1JJ/vTk9JIchXjoOmDWQj54s+oVp2V168C+8BRvpYjlTLgYfnawVQvbYh
zz4dcPoXjcvFheElmoiAOzS1rI2XGQ3DMXIN+XY+vkDYlsMrx3yjDPO0AgmICGul
XfNgej+2maNqCJfstnaTfJSCFKrZAuM/rdcBiZiB7wduGQIh0XksnRs9uUxHVRkS
hIcspojudnlJusvyBTIcAZEmpNssz9+/y25Edx49bS2TeBUwi26ACLT4okyacokq
nYNUGvoeGnRE/KpRKvpniRKdNksNMg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:10:56 2025 by rpki-client