Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NI74Hx9mQ9Jz6uwK5hPRUTZ1F9w.roa
File: NI74Hx9mQ9Jz6uwK5hPRUTZ1F9w.roa (raw, json)
Hash identifier: i6K7rQ6eiJw8maMVQFhEBI8Sak04BahFo/aGxIUd7Ns=
Subject key identifier: 34:8E:F8:1F:1F:66:43:D2:73:EA:EC:0A:E6:13:D1:51:36:75:17:DC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01968CD1F05BDF485EA237F37B204A86B44C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NI74Hx9mQ9Jz6uwK5hPRUTZ1F9w.roa
Signing time: Thu 01 May 2025 17:08:10 +0000
ROA not before: Thu 01 May 2025 17:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 31.56.23.0/24 maxlen: 24
31.56.42.0/23 maxlen: 23
31.56.180.0/23 maxlen: 23
31.56.190.0/23 maxlen: 23
31.56.220.0/23 maxlen: 23
31.56.224.0/23 maxlen: 23
31.56.230.0/23 maxlen: 23
31.56.236.0/23 maxlen: 23
31.57.120.0/23 maxlen: 23
31.57.126.0/23 maxlen: 23
31.58.87.0/24 maxlen: 24
31.58.220.0/23 maxlen: 23
31.59.138.0/23 maxlen: 23
31.59.168.0/23 maxlen: 23
31.59.173.0/24 maxlen: 24
31.59.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:d1:f0:5b:df:48:5e:a2:37:f3:7b:20:4a:86:b4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 1 17:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=348ef81f1f6643d273eaec0ae613d151367517dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:64:71:82:3d:8a:d8:ea:46:46:62:af:f3:
3c:c3:cf:76:7d:e4:71:f1:72:3b:6d:39:ad:9a:50:
92:0e:b1:da:18:cf:bc:38:77:9f:28:8e:26:a1:13:
87:9a:25:82:62:b0:2d:5b:8d:18:99:66:20:8f:97:
20:a4:0b:d0:38:34:b2:37:11:6d:32:d6:e3:26:64:
40:90:3f:a2:40:4b:3d:0f:60:d2:19:95:b4:56:59:
24:11:84:13:c9:54:aa:3d:1d:03:c2:c4:4f:cf:5e:
1a:aa:52:22:0c:a7:4e:5d:2e:d2:9d:1b:fc:2d:4a:
43:02:c1:3d:0e:87:1c:ec:dd:de:d6:f8:c5:32:b5:
dc:50:84:46:16:03:cc:14:1f:43:a6:b8:c5:90:86:
e9:51:bb:40:c5:9d:03:9e:cd:75:6f:f4:76:04:43:
5f:fd:82:ce:59:8e:6c:91:26:ba:ca:dd:01:b0:9f:
ea:5c:83:24:3c:26:2e:c3:70:39:69:c2:ef:84:ba:
21:3a:e4:f9:82:b0:e7:ae:9d:a8:5b:3f:24:51:c5:
f9:3a:60:1e:a7:f3:30:9b:14:44:1f:05:6c:f8:e6:
52:c1:72:90:e3:85:60:de:9f:37:26:ac:6b:13:7a:
03:b3:ad:d8:5f:f2:cb:c1:9e:59:04:b6:89:ba:e9:
e6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8E:F8:1F:1F:66:43:D2:73:EA:EC:0A:E6:13:D1:51:36:75:17:DC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/NI74Hx9mQ9Jz6uwK5hPRUTZ1F9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.23.0/24
31.56.42.0/23
31.56.180.0/23
31.56.190.0/23
31.56.220.0/23
31.56.224.0/23
31.56.230.0/23
31.56.236.0/23
31.57.120.0/23
31.57.126.0/23
31.58.87.0/24
31.58.220.0/23
31.59.138.0/23
31.59.168.0/23
31.59.173.0-31.59.175.255
Signature Algorithm: sha256WithRSAEncryption
37:4e:53:1a:79:fa:a6:54:15:4f:14:df:43:87:d6:f2:52:5f:
c3:7a:f5:3e:5d:bb:83:93:30:e2:2d:59:12:35:5e:c2:5e:48:
56:63:a6:2e:ce:74:62:e3:bd:48:20:43:bc:38:7b:a6:8b:f0:
a2:89:7c:1c:fc:57:9c:1e:42:5c:f5:42:62:8f:e3:bf:b9:24:
cf:55:1e:8b:97:5c:76:05:b5:aa:07:fb:78:60:04:51:30:5d:
b3:2a:d8:91:31:2d:00:99:13:f8:d0:fb:c1:d2:64:d5:61:61:
ff:bb:90:f3:94:3a:62:3e:90:e0:6e:31:36:1e:f4:ae:a4:6c:
a7:b3:0e:8e:12:29:11:5d:f3:12:88:e5:68:dd:fe:bb:77:97:
28:c3:50:b1:de:9f:97:13:2d:9a:e1:fe:08:1e:b1:81:ae:03:
fc:f2:aa:6c:38:58:74:f2:06:4e:d0:a3:0a:2e:99:4f:c6:d9:
85:6e:62:6f:8f:bb:f9:bb:1e:9d:34:5a:ff:fc:72:8b:36:2e:
86:ef:dc:e6:b8:b6:12:a9:69:22:b9:cd:2c:61:bc:76:96:1f:
5e:d8:9f:45:9e:61:71:07:23:a9:0e:87:a5:4e:92:e1:74:11:
d8:e0:57:22:95:58:6b:09:47:6d:22:6e:e5:38:a3:88:61:00:
b7:a5:70:77
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZaM0fBb30heojfzeyBKhrRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTAxMTcwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDhlZjgxZjFmNjY0M2QyNzNlYWVjMGFlNjEzZDE1MTM2NzUxN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvehkcYI9itjqRkZir/M8w892feRx
8XI7bTmtmlCSDrHaGM+8OHefKI4moROHmiWCYrAtW40YmWYgj5cgpAvQODSyNxFt
MtbjJmRAkD+iQEs9D2DSGZW0VlkkEYQTyVSqPR0DwsRPz14aqlIiDKdOXS7SnRv8
LUpDAsE9Docc7N3e1vjFMrXcUIRGFgPMFB9DprjFkIbpUbtAxZ0Dns11b/R2BENf
/YLOWY5skSa6yt0BsJ/qXIMkPCYuw3A5acLvhLohOuT5grDnrp2oWz8kUcX5OmAe
p/MwmxREHwVs+OZSwXKQ44Vg3p83JqxrE3oDs63YX/LLwZ5ZBLaJuunm+QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFDSO+B8fZkPSc+rsCuYT0VE2dRfcMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvTkk3NEh4OW1ROUp6NnV3SzVoUFJVVFoxRjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAHzgXAwQB
HzgqAwQBHzi0AwQBHzi+AwQBHzjcAwQBHzjgAwQBHzjmAwQBHzjsAwQBHzl4AwQB
Hzl+AwQAHzpXAwQBHzrcAwQBHzuKAwQBHzuoMAwDBAAfO60DBAQfO6AwDQYJKoZI
hvcNAQELBQADggEBADdOUxp5+qZUFU8U30OH1vJSX8N69T5du4OTMOItWRI1XsJe
SFZjpi7OdGLjvUggQ7w4e6aL8KKJfBz8V5weQlz1QmKP47+5JM9VHouXXHYFtaoH
+3hgBFEwXbMq2JExLQCZE/jQ+8HSZNVhYf+7kPOUOmI+kOBuMTYe9K6kbKezDo4S
KRFd8xKI5Wjd/rt3lyjDULHen5cTLZrh/ggesYGuA/zyqmw4WHTyBk7QowoumU/G
2YVuYm+Pu/m7Hp00Wv/8cos2Lobv3Oa4thKpaSK5zSxhvHaWH17Yn0WeYXEHI6kO
h6VOkuF0EdjgVyKVWGsJR20ibuU4o4hhALelcHc=
-----END CERTIFICATE-----
Generated at Sun May 11 17:11:45 2025 by rpki-client