Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWSrA2qr-rv2IcVX_f0_k0FQyKE.roa
File: tWSrA2qr-rv2IcVX_f0_k0FQyKE.roa (raw, json)
Hash identifier: XIijKs/UAdbEj0zJMPgpGho1c8Ya8F8kLDOtagouVdY=
Subject key identifier: B5:64:AB:03:6A:AB:FA:BB:F6:21:C5:57:FD:FD:3F:93:41:50:C8:A1
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 0196C05AAFA53C3994C82568E7136DC40BCB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWSrA2qr-rv2IcVX_f0_k0FQyKE.roa
Signing time: Sun 11 May 2025 17:18:10 +0000
ROA not before: Sun 11 May 2025 17:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211407
IP address blocks: 31.56.78.0/24 maxlen: 24
31.57.178.0/24 maxlen: 24
31.57.183.0/24 maxlen: 24
31.58.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:5a:af:a5:3c:39:94:c8:25:68:e7:13:6d:c4:0b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 11 17:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b564ab036aabfabbf621c557fdfd3f934150c8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:3b:28:42:aa:35:fc:4d:33:cc:86:2c:85:
d4:b8:58:11:6f:f1:0d:ec:45:28:87:de:f6:fd:06:
15:6e:df:27:f0:9a:05:23:4e:95:b1:4b:ac:70:83:
a5:66:8a:52:e1:7b:a5:fb:07:82:9f:3e:4a:a7:24:
16:87:98:28:a5:5f:c1:a8:8d:06:ba:80:2c:b0:96:
b7:a3:a9:2e:00:ca:21:db:9f:34:60:e3:93:2b:71:
68:bc:ed:41:b3:e3:c7:88:88:f0:90:19:a6:92:8a:
70:4e:ec:22:ea:91:9b:49:e4:61:b0:b1:e4:7c:36:
65:38:30:20:1d:c0:05:3f:7e:e9:d1:7f:cd:f5:e8:
00:2d:94:b8:34:6f:94:fa:e8:79:a1:0a:80:4f:cc:
aa:2b:80:13:b5:c0:3f:03:c3:cc:b7:44:43:e7:d9:
99:08:08:cd:fc:23:63:4c:77:52:e2:db:da:b1:bf:
8d:e9:9f:46:5e:43:b0:a8:a9:83:68:2d:7f:3b:1a:
96:18:58:ce:91:ef:90:73:7f:5b:ee:a0:3d:57:cd:
32:47:80:ef:b8:8e:87:99:76:f2:5f:ac:84:fc:63:
b7:62:90:94:87:14:90:f1:e8:4f:05:de:b8:90:8c:
bc:36:46:52:ea:6b:95:fe:9e:8d:dc:6b:6d:4d:59:
4d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:AB:03:6A:AB:FA:BB:F6:21:C5:57:FD:FD:3F:93:41:50:C8:A1
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tWSrA2qr-rv2IcVX_f0_k0FQyKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.78.0/24
31.57.178.0/24
31.57.183.0/24
31.58.158.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:87:a2:e7:49:a5:7d:5d:69:67:ec:d5:77:15:d3:42:de:fe:
91:36:5b:06:fe:a2:4e:2c:4d:3f:78:a2:d6:d0:f2:2a:7d:6c:
de:81:b4:ef:1f:60:84:ad:0c:0b:78:0f:38:b6:35:4d:9f:04:
a6:25:2f:8f:e4:6e:35:5e:82:4a:90:f9:98:23:da:14:44:b1:
57:09:63:70:24:01:f7:fd:16:2c:19:70:08:e7:e8:50:0e:14:
5f:53:b6:4c:b1:d6:64:0e:95:e4:cb:19:8d:3e:ec:08:d6:68:
f0:b6:cb:08:15:e7:c2:8f:4d:4a:a5:8d:2d:fe:f9:69:76:84:
29:d5:bd:37:fc:c8:aa:85:e2:65:5e:12:e9:8a:ca:5b:eb:09:
2f:1d:51:8b:0c:25:eb:17:af:0b:e5:c8:c5:56:00:6f:51:72:
39:df:9a:64:c1:d1:d4:86:36:b0:b9:10:17:02:35:1e:18:aa:
b6:60:66:fe:3d:7a:59:67:8d:4f:be:72:2c:6c:13:63:3b:af:
ed:56:31:b5:83:52:13:2a:75:96:eb:e3:c7:0d:28:84:72:d1:
84:ae:c3:4b:b6:24:20:0e:b3:6d:c2:85:97:fe:1f:be:68:be:
05:a6:86:7e:1d:63:0d:95:59:47:4b:1f:05:f0:7b:c4:75:ca:
30:92:f8:59
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZbAWq+lPDmUyCVo5xNtxAvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNTExMTcxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTY0YWIwMzZhYWJmYWJiZjYyMWM1NTdmZGZkM2Y5MzQxNTBjOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvA7KEKqNfxNM8yGLIXUuFgRb/EN
7EUoh972/QYVbt8n8JoFI06VsUuscIOlZopS4Xul+weCnz5KpyQWh5gopV/BqI0G
uoAssJa3o6kuAMoh2580YOOTK3FovO1Bs+PHiIjwkBmmkopwTuwi6pGbSeRhsLHk
fDZlODAgHcAFP37p0X/N9egALZS4NG+U+uh5oQqAT8yqK4ATtcA/A8PMt0RD59mZ
CAjN/CNjTHdS4tvasb+N6Z9GXkOwqKmDaC1/OxqWGFjOke+Qc39b7qA9V80yR4Dv
uI6HmXbyX6yE/GO3YpCUhxSQ8ehPBd64kIy8NkZS6muV/p6N3GttTVlN8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLVkqwNqq/q79iHFV/39P5NBUMihMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdFdTckEycXItcnYySWNWWF9mMF9rMEZReUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAHzhOAwQA
HzmyAwQAHzm3AwQAHzqeMA0GCSqGSIb3DQEBCwUAA4IBAQC1h6LnSaV9XWln7NV3
FdNC3v6RNlsG/qJOLE0/eKLW0PIqfWzegbTvH2CErQwLeA84tjVNnwSmJS+P5G41
XoJKkPmYI9oURLFXCWNwJAH3/RYsGXAI5+hQDhRfU7ZMsdZkDpXkyxmNPuwI1mjw
tssIFefCj01KpY0t/vlpdoQp1b03/MiqheJlXhLpispb6wkvHVGLDCXrF68L5cjF
VgBvUXI535pkwdHUhjawuRAXAjUeGKq2YGb+PXpZZ41PvnIsbBNjO6/tVjG1g1IT
KnWW6+PHDSiEctGErsNLtiQgDrNtwoWX/h++aL4FpoZ+HWMNlVlHSx8F8HvEdcow
kvhZ
-----END CERTIFICATE-----
Generated at Tue May 13 02:52:40 2025 by rpki-client