Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P0SW_klNDbhNIIK8YKXaPuabqTU.roa
File: P0SW_klNDbhNIIK8YKXaPuabqTU.roa (raw, json)
Hash identifier: 5FirmEmGhJEAP0DJn1h14sCEI/dbN7Gdq6ZuKutBsJU=
Subject key identifier: 3F:44:96:FE:49:4D:0D:B8:4D:20:82:BC:60:A5:DA:3E:E6:9B:A9:35
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1CEF73C741654E96E9FC0879A688B
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P0SW_klNDbhNIIK8YKXaPuabqTU.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15545
IP address blocks: 31.46.22.0/24 maxlen: 24
46.107.224.0/24 maxlen: 24
80.249.160.0/22 maxlen: 22
80.249.165.0/24 maxlen: 24
80.249.174.0/23 maxlen: 23
80.249.174.0/24 maxlen: 24
84.2.32.0/23 maxlen: 23
84.2.34.0/23 maxlen: 23
84.2.36.0/23 maxlen: 23
84.2.37.0/24 maxlen: 24
84.2.38.0/23 maxlen: 23
84.2.39.0/24 maxlen: 24
84.2.42.0/23 maxlen: 23
84.2.46.0/23 maxlen: 23
188.36.230.0/23 maxlen: 23
194.38.104.0/22 maxlen: 22
195.228.135.0/24 maxlen: 24
195.228.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ce:f7:3c:74:16:54:e9:6e:9f:c0:87:9a:68:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4496fe494d0db84d2082bc60a5da3ee69ba935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:09:1b:f1:14:2e:dd:85:85:a3:8f:f3:3e:
a9:6a:2d:dd:57:f9:1f:f8:bd:76:d2:bb:3a:70:a9:
e3:80:bf:d7:d3:65:53:1f:23:cb:9f:22:5a:94:72:
52:d3:5e:e1:ea:9c:9d:64:cf:d3:77:c4:84:78:6a:
ba:63:be:7d:3f:a1:8f:d1:1f:40:49:6f:56:aa:44:
ec:66:8a:c4:41:1a:98:32:2c:1a:bf:d2:9e:df:2a:
49:e4:9b:1a:a4:43:04:94:91:2c:3f:6f:e9:48:5d:
cc:bc:5c:85:73:e5:48:c0:0c:0e:3a:99:b6:0a:6a:
b6:ec:69:27:23:61:7b:8c:2b:f9:f0:6e:45:9f:6c:
f7:c5:6f:6e:23:9c:33:97:c3:21:2b:c1:92:29:da:
01:16:ee:b2:1f:73:cf:d6:e7:8c:6e:ae:c9:02:51:
7a:32:99:9a:18:93:fd:3e:6c:86:2e:19:2e:15:72:
8e:eb:34:7e:70:dd:03:51:95:57:be:50:08:dc:6f:
fd:a0:99:8f:69:7c:da:83:f2:3e:7c:41:42:91:09:
f3:6c:70:18:bc:74:a5:3a:90:05:cb:c0:fc:89:cf:
4b:ac:d6:1c:68:8b:1e:3b:bc:50:72:de:8a:66:2e:
b6:a5:d6:59:c2:25:09:fa:15:8c:a1:d2:71:6e:30:
76:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:44:96:FE:49:4D:0D:B8:4D:20:82:BC:60:A5:DA:3E:E6:9B:A9:35
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/P0SW_klNDbhNIIK8YKXaPuabqTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.46.22.0/24
46.107.224.0/24
80.249.160.0/22
80.249.165.0/24
80.249.174.0/23
84.2.32.0/21
84.2.42.0/23
84.2.46.0/23
188.36.230.0/23
194.38.104.0/22
195.228.135.0/24
195.228.245.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:cc:2e:6e:00:4a:88:46:db:47:e4:20:79:dd:9b:45:70:15:
d0:6d:23:83:43:bd:3d:24:de:05:d1:47:93:4e:8d:88:27:20:
c5:89:da:74:42:77:f1:ed:1f:78:0f:6e:0d:51:5e:6b:8b:b7:
f0:33:23:65:2d:8f:3a:d3:c2:d6:f4:3c:3b:33:91:42:7f:a6:
56:0d:26:2c:f1:18:fb:9f:0b:0a:06:44:0c:5a:66:39:7c:e2:
30:78:98:2b:37:54:68:4f:ce:aa:6e:03:35:ca:67:1a:f1:ef:
db:71:c5:ad:68:79:8a:3c:99:9d:a5:63:13:84:83:80:d4:97:
c6:03:59:fc:f3:08:1e:68:21:8a:57:6a:a4:5a:f9:d2:fd:b1:
18:95:61:ff:c9:fc:4a:b4:41:d5:48:e2:20:b8:cc:ba:a3:19:
e1:63:24:c5:32:6f:88:82:a5:db:7e:9a:a1:07:91:3a:b6:cd:
14:f8:47:e5:6a:bd:e1:54:fd:14:8c:bb:c1:d7:6c:9d:0a:6c:
9c:0e:28:ad:b2:e2:d5:e2:65:b2:4e:6f:a8:ba:6a:9b:29:1b:
38:15:fe:81:38:b4:1b:dc:d0:53:22:e5:5b:16:e4:b1:72:1f:
aa:26:87:65:e6:59:4c:1a:69:cc:cf:0a:9e:9f:7c:c4:ad:03:
54:96:06:1a
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZQhsc73PHQWVOlun8CHmmiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQ0OTZmZTQ5NGQwZGI4NGQyMDgyYmM2MGE1ZGEzZWU2OWJhOTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQQJG/EULt2FhaOP8z6pai3dV/kf
+L120rs6cKnjgL/X02VTHyPLnyJalHJS017h6pydZM/Td8SEeGq6Y759P6GP0R9A
SW9WqkTsZorEQRqYMiwav9Ke3ypJ5JsapEMElJEsP2/pSF3MvFyFc+VIwAwOOpm2
Cmq27GknI2F7jCv58G5Fn2z3xW9uI5wzl8MhK8GSKdoBFu6yH3PP1ueMbq7JAlF6
MpmaGJP9PmyGLhkuFXKO6zR+cN0DUZVXvlAI3G/9oJmPaXzag/I+fEFCkQnzbHAY
vHSlOpAFy8D8ic9LrNYcaIseO7xQct6KZi62pdZZwiUJ+hWModJxbjB2ewIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFD9Elv5JTQ24TSCCvGCl2j7mm6k1MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvUDBTV19rbE5EYmhOSUlLOFlLWGFQdWFicVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAHy4WAwQA
LmvgAwQCUPmgAwQAUPmlAwQBUPmuAwQDVAIgAwQBVAIqAwQBVAIuAwQBvCTmAwQC
wiZoAwQAw+SHAwQAw+T1MA0GCSqGSIb3DQEBCwUAA4IBAQBuzC5uAEqIRttH5CB5
3ZtFcBXQbSODQ709JN4F0UeTTo2IJyDFidp0Qnfx7R94D24NUV5ri7fwMyNlLY86
08LW9Dw7M5FCf6ZWDSYs8Rj7nwsKBkQMWmY5fOIweJgrN1RoT86qbgM1ymca8e/b
ccWtaHmKPJmdpWMThIOA1JfGA1n88wgeaCGKV2qkWvnS/bEYlWH/yfxKtEHVSOIg
uMy6oxnhYyTFMm+IgqXbfpqhB5E6ts0U+Eflar3hVP0UjLvB12ydCmycDiitsuLV
4mWyTm+oumqbKRs4Ff6BOLQb3NBTIuVbFuSxch+qJodl5llMGmnMzwqen3zErQNU
lgYa
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:22:20 2025 by rpki-client