Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4w9vGLVW3KHkkxrfyMd6k--LSOU.roa
File: 4w9vGLVW3KHkkxrfyMd6k--LSOU.roa (raw, json)
Hash identifier: bcUYoiIyo6E1mfXbgeaHR2GTI+WUfahe1sy7/Q+6o3k=
Subject key identifier: E3:0F:6F:18:B5:56:DC:A1:E4:93:1A:DF:C8:C7:7A:93:EF:8B:48:E5
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019682175AF8B55B06F72D2A6816104C266E
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4w9vGLVW3KHkkxrfyMd6k--LSOU.roa
Signing time: Tue 29 Apr 2025 15:08:10 +0000
ROA not before: Tue 29 Apr 2025 15:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 31.56.114.0/24 maxlen: 24
31.56.157.0/24 maxlen: 24
31.56.200.0/24 maxlen: 24
31.56.201.0/24 maxlen: 24
31.56.202.0/24 maxlen: 24
31.56.226.0/24 maxlen: 24
31.57.133.0/24 maxlen: 24
31.57.136.0/24 maxlen: 24
31.57.138.0/24 maxlen: 24
31.57.143.0/24 maxlen: 24
31.58.129.0/24 maxlen: 24
31.58.138.0/23 maxlen: 24
31.58.150.0/24 maxlen: 24
31.58.154.0/24 maxlen: 24
31.58.165.0/24 maxlen: 24
31.59.43.0/24 maxlen: 24
31.59.56.0/24 maxlen: 24
31.59.97.0/24 maxlen: 24
31.59.112.0/24 maxlen: 24
31.59.113.0/24 maxlen: 24
31.59.115.0/24 maxlen: 24
31.59.130.0/24 maxlen: 24
31.59.144.0/22 maxlen: 24
31.59.187.0/24 maxlen: 24
31.59.229.0/24 maxlen: 24
31.59.231.0/24 maxlen: 24
31.59.233.0/24 maxlen: 24
31.59.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 12:57:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:17:5a:f8:b5:5b:06:f7:2d:2a:68:16:10:4c:26:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Apr 29 15:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e30f6f18b556dca1e4931adfc8c77a93ef8b48e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:72:84:2d:7c:35:74:e7:1c:ee:e2:91:0d:f3:
d1:96:8e:54:51:b1:9a:ba:c6:92:81:b4:92:c9:84:
e3:51:7c:c9:c1:07:9b:85:d6:41:bf:49:bd:de:ed:
7b:2d:8e:1a:81:c4:ac:f1:31:48:2c:7b:9a:ac:89:
5d:a0:69:ef:d5:58:45:2a:97:62:76:d1:ed:ae:ad:
ae:d8:1e:be:9c:9a:f0:30:bb:f6:8b:71:20:a2:ea:
8d:af:77:3a:79:c3:45:34:a2:dd:ce:cb:0f:7f:15:
de:f4:5f:97:92:f2:39:f8:ec:86:48:72:90:63:b6:
48:5a:23:a5:0c:26:3e:9f:b6:12:75:1b:c2:d4:16:
61:31:18:9a:c3:d6:b9:53:0f:b1:1d:85:7c:db:ec:
b8:f7:f7:c5:cc:a1:89:29:0c:90:ff:1b:05:18:98:
92:49:98:7d:73:b1:df:b2:26:8e:ac:27:a7:de:08:
ba:9f:af:a0:b3:55:d7:f9:4b:d5:cb:57:31:ce:8a:
7a:21:f2:0d:97:75:e3:12:d6:53:f0:1f:16:ee:56:
cd:72:50:c6:40:a8:9b:d1:21:81:62:4c:d7:87:b1:
05:ee:f4:58:d9:6f:e6:73:96:d2:50:25:9b:db:68:
0e:c8:3a:7d:77:63:88:45:7d:9f:75:97:fa:22:99:
4d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:0F:6F:18:B5:56:DC:A1:E4:93:1A:DF:C8:C7:7A:93:EF:8B:48:E5
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/4w9vGLVW3KHkkxrfyMd6k--LSOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.114.0/24
31.56.157.0/24
31.56.200.0-31.56.202.255
31.56.226.0/24
31.57.133.0/24
31.57.136.0/24
31.57.138.0/24
31.57.143.0/24
31.58.129.0/24
31.58.138.0/23
31.58.150.0/24
31.58.154.0/24
31.58.165.0/24
31.59.43.0/24
31.59.56.0/24
31.59.97.0/24
31.59.112.0/23
31.59.115.0/24
31.59.130.0/24
31.59.144.0/22
31.59.187.0/24
31.59.229.0/24
31.59.231.0/24
31.59.233.0/24
31.59.245.0/24
Signature Algorithm: sha256WithRSAEncryption
07:1d:96:53:ee:bb:fb:fe:0e:17:48:9c:81:86:37:07:75:b4:
a4:e1:8f:80:ee:ef:d1:d8:cf:cf:4e:ba:7f:ab:71:8d:f1:90:
c6:de:13:d6:ea:c3:8a:cc:1e:13:50:29:21:9f:77:41:bd:4c:
ae:1b:05:cc:73:44:89:a3:07:92:e7:d5:c2:89:b0:11:34:e4:
85:69:a4:05:da:db:4a:bd:72:d7:55:af:ed:b0:ef:61:37:17:
98:01:84:da:16:c0:91:f0:81:56:09:15:03:f8:28:e1:f4:10:
60:47:24:56:c3:23:90:11:87:a8:a7:19:a1:c9:b5:1e:8c:8d:
6d:48:54:67:9f:58:de:1c:5c:15:97:77:53:00:6a:3c:54:c9:
41:5c:9a:b8:ba:97:db:3e:ab:c7:cc:98:bb:c2:fe:5d:d3:35:
75:1b:84:2d:85:42:0f:4e:42:be:34:ea:0e:22:44:eb:11:b7:
86:ec:2a:68:ed:ab:eb:5f:91:09:cf:c3:77:fb:a5:11:13:64:
60:e8:2e:45:20:8a:c9:4c:04:41:39:c1:26:00:c9:8d:6b:b6:
ba:75:02:08:a4:3e:e9:a4:3e:00:c0:f9:2c:10:8b:68:c7:fb:
92:bb:ab:70:3c:f1:31:8c:3f:7c:f3:90:85:56:55:2e:c3:d4:
f5:2a:d4:76
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZaCF1r4tVsG9y0qaBYQTCZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNDI5MTUwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzBmNmYxOGI1NTZkY2ExZTQ5MzFhZGZjOGM3N2E5M2VmOGI0OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznKELXw1dOcc7uKRDfPRlo5UUbGa
usaSgbSSyYTjUXzJwQebhdZBv0m93u17LY4agcSs8TFILHuarIldoGnv1VhFKpdi
dtHtrq2u2B6+nJrwMLv2i3EgouqNr3c6ecNFNKLdzssPfxXe9F+XkvI5+OyGSHKQ
Y7ZIWiOlDCY+n7YSdRvC1BZhMRiaw9a5Uw+xHYV82+y49/fFzKGJKQyQ/xsFGJiS
SZh9c7HfsiaOrCen3gi6n6+gs1XX+UvVy1cxzop6IfINl3XjEtZT8B8W7lbNclDG
QKib0SGBYkzXh7EF7vRY2W/mc5bSUCWb22gOyDp9d2OIRX2fdZf6IplNRwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFOMPbxi1Vtyh5JMa38jHepPvi0jlMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvNHc5dkdMVlczS0hra3hyZnlNZDZrLS1MU09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAf
OHIDBAAfOJ0wDAMEAx84yAMEAB84ygMEAB844gMEAB85hQMEAB85iAMEAB85igME
AB85jwMEAB86gQMEAR86igMEAB86lgMEAB86mgMEAB86pQMEAB87KwMEAB87OAME
AB87YQMEAR87cAMEAB87cwMEAB87ggMEAh87kAMEAB87uwMEAB875QMEAB875wME
AB876QMEAB879TANBgkqhkiG9w0BAQsFAAOCAQEABx2WU+67+/4OF0icgYY3B3W0
pOGPgO7v0djPz066f6txjfGQxt4T1urDisweE1ApIZ93Qb1MrhsFzHNEiaMHkufV
womwETTkhWmkBdrbSr1y11Wv7bDvYTcXmAGE2hbAkfCBVgkVA/go4fQQYEckVsMj
kBGHqKcZocm1HoyNbUhUZ59Y3hxcFZd3UwBqPFTJQVyauLqX2z6rx8yYu8L+XdM1
dRuELYVCD05CvjTqDiJE6xG3huwqaO2r61+RCc/Dd/ulERNkYOguRSCKyUwEQTnB
JgDJjWu2unUCCKQ+6aQ+AMD5LBCLaMf7krurcDzxMYw/fPOQhVZVLsPU9SrUdg==
-----END CERTIFICATE-----
Generated at Mon May 12 21:41:48 2025 by rpki-client