Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jHqB51H6SXN5Cchl9MfAhuRRess.roa
File: jHqB51H6SXN5Cchl9MfAhuRRess.roa (raw, json)
Hash identifier: AyItaJaOggNc+GJVdW+noLYR5mGanT3WHym0/2EAN8w=
Subject key identifier: 8C:7A:81:E7:51:FA:49:73:79:09:C8:65:F4:C7:C0:86:E4:51:7A:CB
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196A9CD5EB0201F3F1128B4E344F3B2B00C
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jHqB51H6SXN5Cchl9MfAhuRRess.roa
Signing time: Wed 07 May 2025 08:12:10 +0000
ROA not before: Wed 07 May 2025 08:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 31.56.196.0/22 maxlen: 24
31.58.36.0/22 maxlen: 24
31.58.44.0/22 maxlen: 24
31.58.52.0/22 maxlen: 24
31.58.60.0/22 maxlen: 24
31.59.196.0/22 maxlen: 24
31.59.200.0/22 maxlen: 24
31.59.204.0/22 maxlen: 24
31.59.208.0/22 maxlen: 24
31.59.212.0/22 maxlen: 24
31.59.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 05:04:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:cd:5e:b0:20:1f:3f:11:28:b4:e3:44:f3:b2:b0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 7 08:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c7a81e751fa49737909c865f4c7c086e4517acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:f7:ff:39:d4:d1:2f:b0:4e:bc:b4:59:b3:
5f:16:72:bf:bb:ce:0c:f1:df:9f:33:a3:fd:7d:0d:
fb:0f:10:7d:84:95:8f:8d:46:ce:7d:31:91:fd:e4:
47:92:72:df:3c:d6:96:27:3d:75:e4:72:f5:91:2f:
79:8b:af:ee:91:52:bb:08:81:fd:4d:78:61:9c:6f:
d9:c1:fc:eb:99:06:16:5a:34:32:22:c9:b1:95:fd:
24:66:cf:8b:0e:b5:48:dd:d0:2c:11:6f:9c:55:63:
d2:cc:ee:4a:b6:9b:b6:75:b7:d0:bb:5a:ec:40:ca:
1d:63:8a:93:f0:1b:3d:f4:52:8c:29:db:4d:bc:27:
14:ea:46:86:94:25:23:9d:a0:92:c6:3c:86:34:1c:
56:2d:33:3a:2b:dd:73:cd:0a:e9:b2:03:d9:17:9e:
a9:a9:46:ee:01:38:aa:6e:0c:24:13:0a:80:a8:52:
8d:ec:0c:37:c8:be:12:04:74:13:91:7c:38:d6:6f:
f8:74:e9:69:83:1e:ae:89:c0:44:90:8a:ec:60:6a:
71:f9:c2:ae:05:31:a9:9c:95:93:6d:42:c7:7b:42:
98:5e:0d:57:2a:b6:f2:4e:a0:3a:e5:d5:a0:5c:3c:
b0:68:f8:d5:e9:90:ef:e8:99:5b:1c:cb:c1:13:eb:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7A:81:E7:51:FA:49:73:79:09:C8:65:F4:C7:C0:86:E4:51:7A:CB
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/jHqB51H6SXN5Cchl9MfAhuRRess.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.196.0/22
31.58.36.0/22
31.58.44.0/22
31.58.52.0/22
31.58.60.0/22
31.59.196.0-31.59.215.255
31.59.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:fc:a9:14:32:94:0a:31:31:32:a1:af:aa:f3:de:ce:aa:62:
55:86:7a:2f:27:4e:42:c5:23:6d:82:70:24:4c:08:be:21:56:
a1:bd:14:49:24:0f:02:f1:97:5d:fc:82:5d:ef:06:e5:dd:16:
f5:d8:4a:80:5b:12:4f:9e:10:04:45:b3:0d:07:57:2a:24:e3:
fa:d5:b0:0c:49:22:23:20:ca:a5:7a:33:25:73:0d:90:2c:86:
d1:a9:79:3c:8e:dd:6c:65:dc:b5:09:e5:01:4f:66:8f:4a:f4:
6a:4f:b0:ff:7a:ca:07:7f:07:90:d7:60:7c:29:d0:8d:ea:81:
96:fd:d2:f6:c2:2d:66:3e:d9:58:ee:bc:59:44:5c:ae:87:ba:
14:a4:0d:4a:de:e0:cf:7b:86:f7:78:b9:47:50:7e:02:48:39:
09:db:43:1b:bb:ce:91:f0:92:ed:40:eb:10:53:36:e8:7a:be:
d9:1c:44:51:7a:85:d8:a9:e8:13:3e:cc:c4:44:7d:ad:82:fb:
8b:a6:a4:fb:35:35:b9:5f:4f:7a:cd:7e:76:3a:22:29:87:39:
c9:c2:52:35:22:f2:12:26:dd:ba:7e:5b:29:8b:4f:bd:1c:67:
f6:66:a6:78:1f:87:27:75:b6:fb:a3:f3:63:4b:14:6d:b1:c0:
26:b2:9c:3f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZapzV6wIB8/ESi040TzsrAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTA3MDgxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdhODFlNzUxZmE0OTczNzkwOWM4NjVmNGM3YzA4NmU0NTE3YWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbn3/znU0S+wTry0WbNfFnK/u84M
8d+fM6P9fQ37DxB9hJWPjUbOfTGR/eRHknLfPNaWJz115HL1kS95i6/ukVK7CIH9
TXhhnG/ZwfzrmQYWWjQyIsmxlf0kZs+LDrVI3dAsEW+cVWPSzO5Ktpu2dbfQu1rs
QModY4qT8Bs99FKMKdtNvCcU6kaGlCUjnaCSxjyGNBxWLTM6K91zzQrpsgPZF56p
qUbuATiqbgwkEwqAqFKN7Aw3yL4SBHQTkXw41m/4dOlpgx6uicBEkIrsYGpx+cKu
BTGpnJWTbULHe0KYXg1XKrbyTqA65dWgXDywaPjV6ZDv6JlbHMvBE+v9NQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIx6gedR+klzeQnIZfTHwIbkUXrLMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvakhxQjUxSDZTWE41Q2NobDlNZkFodVJSZXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCHzjEAwQC
HzokAwQCHzosAwQCHzo0AwQCHzo8MAwDBAIfO8QDBAMfO9ADBAIfO9wwDQYJKoZI
hvcNAQELBQADggEBAKD8qRQylAoxMTKhr6rz3s6qYlWGei8nTkLFI22CcCRMCL4h
VqG9FEkkDwLxl138gl3vBuXdFvXYSoBbEk+eEARFsw0HVyok4/rVsAxJIiMgyqV6
MyVzDZAshtGpeTyO3Wxl3LUJ5QFPZo9K9GpPsP96ygd/B5DXYHwp0I3qgZb90vbC
LWY+2VjuvFlEXK6HuhSkDUre4M97hvd4uUdQfgJIOQnbQxu7zpHwku1A6xBTNuh6
vtkcRFF6hdip6BM+zMREfa2C+4umpPs1NblfT3rNfnY6IimHOcnCUjUi8hIm3bp+
WymLT70cZ/Zmpngfhyd1tvuj82NLFG2xwCaynD8=
-----END CERTIFICATE-----
Generated at Fri May 9 15:07:27 2025 by rpki-client