Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dsb741-Dg5sCtyGc3FwnTLHJawo.roa
File: dsb741-Dg5sCtyGc3FwnTLHJawo.roa (raw, json)
Hash identifier: VcXiZNO57jxCQolqqosfXzkjCx/1tu66a9JTM9anfKs=
Subject key identifier: 76:C6:FB:E3:5F:83:83:9B:02:B7:21:9C:DC:5C:27:4C:B1:C9:6B:0A
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196A188ABC3C444BEEFA9FA21BBAB8BB412
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dsb741-Dg5sCtyGc3FwnTLHJawo.roa
Signing time: Mon 05 May 2025 17:40:10 +0000
ROA not before: Mon 05 May 2025 17:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 31.56.113.0/24 maxlen: 24
31.56.154.0/24 maxlen: 24
31.56.158.0/24 maxlen: 24
31.56.159.0/24 maxlen: 24
31.56.168.0/24 maxlen: 24
31.56.169.0/24 maxlen: 24
31.56.170.0/24 maxlen: 24
31.56.171.0/24 maxlen: 24
31.56.174.0/24 maxlen: 24
31.56.175.0/24 maxlen: 24
31.57.24.0/22 maxlen: 24
31.57.28.0/22 maxlen: 24
31.57.48.0/22 maxlen: 24
31.57.52.0/22 maxlen: 24
31.57.56.0/22 maxlen: 24
31.57.60.0/22 maxlen: 24
31.57.105.0/24 maxlen: 24
31.57.106.0/24 maxlen: 24
31.57.107.0/24 maxlen: 24
31.57.108.0/24 maxlen: 24
31.57.109.0/24 maxlen: 24
31.58.34.0/23 maxlen: 24
31.58.212.0/22 maxlen: 24
217.60.0.0/21 maxlen: 24
217.60.0.0/24 maxlen: 24
217.60.1.0/24 maxlen: 24
217.60.2.0/24 maxlen: 24
217.60.4.0/24 maxlen: 24
217.60.5.0/24 maxlen: 24
217.60.6.0/24 maxlen: 24
217.60.12.0/22 maxlen: 24
217.60.12.0/24 maxlen: 24
217.60.13.0/24 maxlen: 24
217.60.14.0/24 maxlen: 24
217.60.24.0/22 maxlen: 24
217.60.36.0/22 maxlen: 24
217.60.60.0/22 maxlen: 24
217.60.60.0/24 maxlen: 24
217.60.61.0/24 maxlen: 24
217.60.62.0/24 maxlen: 24
217.60.63.0/24 maxlen: 24
217.60.188.0/22 maxlen: 24
217.60.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:88:ab:c3:c4:44:be:ef:a9:fa:21:bb:ab:8b:b4:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 5 17:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76c6fbe35f83839b02b7219cdc5c274cb1c96b0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:13:26:0b:23:7f:57:ea:bc:24:1b:d2:be:c3:
6e:b8:93:68:4f:b7:ca:47:a5:cd:92:89:09:97:da:
a2:a2:a2:8c:6a:0e:53:b3:6c:08:b5:14:e4:95:1b:
73:df:51:d0:a7:ce:6b:d5:93:de:a8:e3:8a:8d:9b:
30:50:a2:4c:a4:48:71:cb:28:97:3e:12:a8:60:26:
16:98:8a:fe:c1:00:b1:e9:52:67:c5:84:65:19:b5:
07:68:6a:3b:b3:ad:fe:96:11:be:dd:c3:5b:98:94:
61:0c:cd:40:85:17:29:7a:4e:6c:49:d4:a7:0f:42:
17:8a:20:42:68:94:c3:6d:6d:3c:74:59:8e:6c:a0:
cb:5a:db:3e:05:92:22:ef:97:91:fc:98:1a:d5:08:
25:6e:b1:d1:13:75:e6:71:c4:21:78:77:3c:99:78:
d9:81:bf:40:33:85:c5:8a:d2:5b:87:c4:a7:0b:93:
6b:b3:ba:93:55:0a:0d:f3:08:c5:3b:b8:93:20:04:
09:ba:51:f5:af:be:12:32:6b:c5:47:8f:16:69:51:
ad:fa:75:59:2e:f6:76:f1:ce:07:fa:d1:ab:76:97:
c6:df:c8:78:7f:35:e2:e8:12:81:d8:24:79:a2:c0:
07:d7:69:eb:4a:f3:03:06:a6:c0:0d:bc:f5:f5:8c:
ce:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C6:FB:E3:5F:83:83:9B:02:B7:21:9C:DC:5C:27:4C:B1:C9:6B:0A
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/dsb741-Dg5sCtyGc3FwnTLHJawo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.113.0/24
31.56.154.0/24
31.56.158.0/23
31.56.168.0/22
31.56.174.0/23
31.57.24.0/21
31.57.48.0/20
31.57.105.0-31.57.109.255
31.58.34.0/23
31.58.212.0/22
217.60.0.0/21
217.60.12.0/22
217.60.24.0/22
217.60.36.0/22
217.60.60.0/22
217.60.188.0-217.60.195.255
Signature Algorithm: sha256WithRSAEncryption
89:cc:04:33:f3:5c:32:a4:2c:b6:a1:e6:3e:90:d4:bc:4e:46:
0e:4d:85:71:23:52:a8:be:aa:8c:d5:d7:b9:81:b6:e0:c2:36:
42:04:cf:84:67:fd:cd:d6:60:c7:35:15:c4:2b:3e:38:5b:ed:
e2:7e:de:c3:e9:23:0e:91:79:34:f7:e4:82:fe:82:f9:29:37:
6b:38:05:51:8b:e0:a0:dc:5c:fb:96:f6:71:0c:b8:e0:c5:2f:
a0:83:f9:df:cb:f2:56:fc:ef:43:cc:b5:95:96:f1:37:ee:bd:
c9:c5:0e:46:80:17:a8:07:12:35:21:cb:00:4d:1a:40:b3:f4:
f4:98:35:72:48:7e:5a:cf:9b:34:8a:a9:3a:80:16:31:96:13:
5a:1f:44:df:c8:02:e0:58:01:3a:db:8d:67:e6:84:21:16:09:
2e:a7:cc:fb:d5:c2:79:05:ab:af:db:1c:11:95:de:6f:b9:cf:
20:51:7b:3d:59:d1:4a:8f:58:2f:aa:d6:2b:8d:67:44:f0:27:
8a:29:6f:8d:ab:93:68:25:25:f4:35:44:42:cd:51:ed:89:d4:
bd:89:67:11:16:ba:89:95:78:42:1b:73:c2:43:6f:f0:40:3c:
0f:ce:06:79:91:4b:c5:18:2c:03:4b:d7:61:8b:4d:d7:17:0e:
0c:04:f2:09
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZahiKvDxES+76n6Iburi7QSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA1MTc0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmM2ZmJlMzVmODM4MzliMDJiNzIxOWNkYzVjMjc0Y2IxYzk2YjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxMmCyN/V+q8JBvSvsNuuJNoT7fK
R6XNkokJl9qioqKMag5Ts2wItRTklRtz31HQp85r1ZPeqOOKjZswUKJMpEhxyyiX
PhKoYCYWmIr+wQCx6VJnxYRlGbUHaGo7s63+lhG+3cNbmJRhDM1AhRcpek5sSdSn
D0IXiiBCaJTDbW08dFmObKDLWts+BZIi75eR/Jga1QglbrHRE3XmccQheHc8mXjZ
gb9AM4XFitJbh8SnC5Nrs7qTVQoN8wjFO7iTIAQJulH1r74SMmvFR48WaVGt+nVZ
LvZ28c4H+tGrdpfG38h4fzXi6BKB2CR5osAH12nrSvMDBqbADbz19YzO/QIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFHbG++Nfg4ObArchnNxcJ0yxyWsKMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvZHNiNzQxLURnNXNDdHlHYzNGd25UTEhKYXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAB84cQME
AB84mgMEAR84ngMEAh84qAMEAR84rgMEAx85GAMEBB85MDAMAwQAHzlpAwQBHzls
AwQBHzoiAwQCHzrUAwQD2TwAAwQC2TwMAwQC2TwYAwQC2TwkAwQC2Tw8MAwDBALZ
PLwDBALZPMAwDQYJKoZIhvcNAQELBQADggEBAInMBDPzXDKkLLah5j6Q1LxORg5N
hXEjUqi+qozV17mBtuDCNkIEz4Rn/c3WYMc1FcQrPjhb7eJ+3sPpIw6ReTT35IL+
gvkpN2s4BVGL4KDcXPuW9nEMuODFL6CD+d/L8lb870PMtZWW8TfuvcnFDkaAF6gH
EjUhywBNGkCz9PSYNXJIflrPmzSKqTqAFjGWE1ofRN/IAuBYATrbjWfmhCEWCS6n
zPvVwnkFq6/bHBGV3m+5zyBRez1Z0UqPWC+q1iuNZ0TwJ4opb42rk2glJfQ1RELN
Ue2J1L2JZxEWuomVeEIbc8JDb/BAPA/OBnmRS8UYLANL12GLTdcXDgwE8gk=
-----END CERTIFICATE-----
Generated at Sun May 11 07:44:50 2025 by rpki-client