Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/P1lPFPWPTd1w46uD6anWUIXDN-8.roa
File: P1lPFPWPTd1w46uD6anWUIXDN-8.roa (raw, json)
Hash identifier: FaC6i1U056HyqhneOOkZBta00Lc9nbNeidkazRTc8Zc=
Subject key identifier: 3F:59:4F:14:F5:8F:4D:DD:70:E3:AB:83:E9:A9:D6:50:85:C3:37:EF
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 019246F4E9F48555A2EFEE5BA0E14542B270
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/P1lPFPWPTd1w46uD6anWUIXDN-8.roa
Signing time: Tue 01 Oct 2024 07:21:48 +0000
ROA not before: Tue 01 Oct 2024 07:21:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21245
IP address blocks: 31.3.0.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
80.91.216.0/24 maxlen: 24
146.19.176.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.155.102.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.235.10.0/24 maxlen: 24
185.241.63.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
2a03:3f00:2::/48 maxlen: 48
2a03:3f00:3::/48 maxlen: 48
2a03:3f00:4::/48 maxlen: 48
2a03:3f00:5::/48 maxlen: 48
2a03:3f00:6::/48 maxlen: 48
2a03:3f00:7::/48 maxlen: 48
2a03:3f00:10::/48 maxlen: 48
2a03:3f00:17::/48 maxlen: 48
2a03:3f00:19::/48 maxlen: 48
2a03:3f00:31::/48 maxlen: 48
2a03:3f00:160::/48 maxlen: 48
2a03:3f00:161::/48 maxlen: 48
2a03:3f00:162::/48 maxlen: 48
2a03:3f00:163::/48 maxlen: 48
2a03:3f00:172::/48 maxlen: 48
2a03:3f00:174::/48 maxlen: 48
2a03:3f00:175::/48 maxlen: 48
2a03:3f00:180::/48 maxlen: 48
2a03:3f00:181::/48 maxlen: 48
2a03:3f00:182::/48 maxlen: 48
2a03:3f00:183::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 Nov 2024 01:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:f4:e9:f4:85:55:a2:ef:ee:5b:a0:e1:45:42:b2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Oct 1 07:21:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f594f14f58f4ddd70e3ab83e9a9d65085c337ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e5:4a:f1:7e:d8:56:8b:3d:42:8b:7a:de:c5:
09:8a:2b:db:32:21:9e:be:7f:f2:0b:1e:ef:cf:2c:
c3:19:c7:6c:fd:63:0d:3c:7f:2d:98:aa:ad:16:65:
8c:d1:85:ad:72:72:a8:1e:28:a6:05:7e:8e:bd:6f:
47:d4:cc:a8:cc:45:57:a7:f6:f5:19:d1:da:93:a0:
34:47:98:48:e1:2f:ad:cd:12:4d:2a:d8:9b:0c:eb:
7b:30:98:e1:1f:70:7a:a4:41:79:4b:e2:eb:ef:42:
67:ea:02:7a:49:30:bf:3c:ce:12:7d:fe:15:21:96:
1d:90:0e:ca:34:b8:0f:95:b4:ea:76:7f:b4:ea:fe:
0f:01:db:cd:e3:0f:5c:99:77:9e:bf:45:44:28:0d:
ee:09:52:56:4d:63:ff:40:16:73:11:12:c0:c4:8a:
e4:1c:96:ad:28:56:5e:18:6f:9f:d0:92:34:4f:b1:
e1:c1:da:f9:9f:87:4d:04:28:60:ca:46:3f:a0:ec:
c9:1f:0d:ed:cf:97:20:3c:27:d9:28:48:bc:07:f2:
bd:9f:74:62:80:40:74:fd:14:22:28:2f:80:3d:d1:
5c:e9:90:ec:28:d3:cc:33:c7:d9:b8:97:e2:d9:a1:
a1:ec:33:29:a7:fc:a9:f2:c1:e9:ea:97:2e:1f:07:
42:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:59:4F:14:F5:8F:4D:DD:70:E3:AB:83:E9:A9:D6:50:85:C3:37:EF
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/P1lPFPWPTd1w46uD6anWUIXDN-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
80.91.216.0/24
146.19.176.0/24
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.155.102.0/24
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
185.241.63.0/24
IPv6:
2a03:3f00::/45
2a03:3f00:10::/48
2a03:3f00:17::/48
2a03:3f00:19::/48
2a03:3f00:31::/48
2a03:3f00:160::/46
2a03:3f00:172::/48
2a03:3f00:174::/47
2a03:3f00:180::/46
Signature Algorithm: sha256WithRSAEncryption
1f:ec:03:6b:84:b5:df:50:77:85:28:ea:fd:d7:eb:09:ed:db:
92:aa:03:4d:8f:7f:83:de:bf:f4:9e:75:f3:f8:06:91:90:8b:
69:2c:ba:11:b9:f7:65:32:37:77:ec:03:5f:de:d8:8e:cf:ad:
a9:6a:3b:5b:2e:f0:0f:02:2b:45:f3:25:b4:d1:56:d9:9f:af:
ba:12:65:6e:55:9b:39:00:be:86:cc:d0:3e:6b:40:5d:c7:8c:
3f:0a:b2:40:dd:2c:3b:06:cc:ee:b3:cf:7a:e7:9d:b3:0b:68:
8b:59:95:73:d1:39:03:60:15:d1:18:08:c3:9a:57:42:5a:87:
85:c0:7f:7d:17:e9:6c:ac:a6:2d:f8:ea:88:8a:42:a0:5d:3e:
f2:ae:36:46:94:0b:0d:c0:d1:d6:f5:6d:ed:34:84:13:31:2b:
47:f8:8f:67:46:3d:b7:4d:55:4e:16:30:9c:67:3e:f0:4b:8b:
34:81:a5:9a:dd:7e:b9:06:fd:9d:54:04:77:c7:90:38:6c:02:
2e:7c:19:22:c5:02:a3:b2:8b:80:bb:88:ce:23:e1:04:d3:0b:
5a:20:0e:a3:1f:62:c0:57:cd:5e:e2:9d:cf:fe:89:cc:d4:71:
b2:9a:92:0f:a4:1c:46:70:03:05:3a:b8:c3:ab:0a:27:6d:d6:
90:2b:d1:0e
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZJG9On0hVWi7+5boOFFQrJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjQxMDAxMDcyMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjU5NGYxNGY1OGY0ZGRkNzBlM2FiODNlOWE5ZDY1MDg1YzMzN2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOVK8X7YVos9Qot63sUJiivbMiGe
vn/yCx7vzyzDGcds/WMNPH8tmKqtFmWM0YWtcnKoHiimBX6OvW9H1MyozEVXp/b1
GdHak6A0R5hI4S+tzRJNKtibDOt7MJjhH3B6pEF5S+Lr70Jn6gJ6STC/PM4Sff4V
IZYdkA7KNLgPlbTqdn+06v4PAdvN4w9cmXeev0VEKA3uCVJWTWP/QBZzERLAxIrk
HJatKFZeGG+f0JI0T7Hhwdr5n4dNBChgykY/oOzJHw3tz5cgPCfZKEi8B/K9n3Ri
gEB0/RQiKC+APdFc6ZDsKNPMM8fZuJfi2aGh7DMpp/yp8sHp6pcuHwdCPQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFD9ZTxT1j03dcOOrg+mp1lCFwzfvMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvUDFsUEZQV1BUZDF3NDZ1RDZhbldVSVhETi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozBIBAIAATBCAwQDHwMA
AwQAUFvYAwQAkhOwAwQCuRW0AwQCuRagAwQCuVesAwQAuZtmAwQBueYQAwQAueYT
AwQAuesKAwQAufE/MFcEAgACMFEDBwMqAz8AAAADBwAqAz8AABADBwAqAz8AABcD
BwAqAz8AABkDBwAqAz8AADEDBwIqAz8AAWADBwAqAz8AAXIDBwEqAz8AAXQDBwIq
Az8AAYAwDQYJKoZIhvcNAQELBQADggEBAB/sA2uEtd9Qd4Uo6v3X6wnt25KqA02P
f4Pev/SedfP4BpGQi2ksuhG592UyN3fsA1/e2I7PralqO1su8A8CK0XzJbTRVtmf
r7oSZW5VmzkAvobM0D5rQF3HjD8KskDdLDsGzO6zz3rnnbMLaItZlXPROQNgFdEY
CMOaV0Jah4XAf30X6Wyspi346oiKQqBdPvKuNkaUCw3A0db1be00hBMxK0f4j2dG
PbdNVU4WMJxnPvBLizSBpZrdfrkG/Z1UBHfHkDhsAi58GSLFAqOyi4C7iM4j4QTT
C1ogDqMfYsBXzV7inc/+iczUcbKakg+kHEZwAwU6uMOrCidt1pAr0Q4=
-----END CERTIFICATE-----
Generated at Sat Nov 16 05:21:22 2024 by rpki-client on console-fra.rpki-client.org