Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/a7DppR8a_zPl6np7nOEfJXryakA.roa
File: a7DppR8a_zPl6np7nOEfJXryakA.roa (raw, json)
Hash identifier: wU3AghxluRA4zWm18LLUP4eLKYWVDAXfgoTV1mFNROs=
Subject key identifier: 6B:B0:E9:A5:1F:1A:FF:33:E5:EA:7A:7B:9C:E1:1F:25:7A:F2:6A:40
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 019425FDBD868106B22ED4F1C59EB632D7CB
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/a7DppR8a_zPl6np7nOEfJXryakA.roa
Signing time: Thu 02 Jan 2025 07:49:33 +0000
ROA not before: Thu 02 Jan 2025 07:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206805
IP address blocks: 45.84.152.0/23 maxlen: 24
45.84.154.0/24 maxlen: 24
45.84.155.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.191.0/24 maxlen: 24
80.85.248.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.252.0/24 maxlen: 24
80.85.253.0/24 maxlen: 24
80.85.254.0/23 maxlen: 24
176.119.0.0/21 maxlen: 21
178.159.32.0/23 maxlen: 24
185.159.111.0/24 maxlen: 24
185.228.48.0/22 maxlen: 24
185.247.192.0/22 maxlen: 24
188.64.149.0/24 maxlen: 24
188.64.150.0/23 maxlen: 24
193.19.100.0/23 maxlen: 24
193.141.230.0/23 maxlen: 23
193.142.20.0/23 maxlen: 23
193.246.144.0/24 maxlen: 24
193.246.150.0/24 maxlen: 24
193.246.153.0/24 maxlen: 24
193.246.159.0/24 maxlen: 24
2a0c:ee00::/32 maxlen: 40
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:300::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:bd:86:81:06:b2:2e:d4:f1:c5:9e:b6:32:d7:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Jan 2 07:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bb0e9a51f1aff33e5ea7a7b9ce11f257af26a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:18:ab:d2:6b:dd:f8:ee:c3:3d:19:4f:12:b2:
01:c6:88:c7:d5:04:6c:b1:62:ed:35:e7:45:4f:1a:
90:04:4b:dd:ad:6d:41:01:97:40:fb:a9:24:2e:1a:
19:d6:c1:70:d0:a3:c9:71:57:96:45:96:19:97:48:
e5:04:1d:7a:30:76:6e:77:cd:cd:ae:55:bb:2a:b6:
c2:ba:77:f0:41:0e:c0:90:1a:12:5d:3b:08:f0:5d:
91:0d:93:36:52:88:e2:4f:ef:64:70:49:6f:49:4a:
18:87:3f:d1:52:41:17:25:33:40:47:37:ba:b8:69:
98:29:30:17:2b:79:8c:b7:a3:7c:5c:7b:9c:66:34:
40:fc:1e:e4:0f:e2:b1:ec:8d:8e:47:94:16:c4:84:
94:90:34:95:1a:f8:87:00:83:c1:f3:0d:26:98:e0:
4a:55:a6:64:f7:26:d0:13:5a:b0:79:18:76:1f:bc:
e1:89:15:31:16:87:e3:58:ae:61:e1:ab:3d:ec:38:
3b:c3:29:17:10:84:03:9d:4d:a1:25:ea:b4:5e:06:
05:eb:ec:ab:07:2c:e4:e1:80:a8:d9:6f:e5:e7:5c:
3c:19:ab:83:55:c0:6d:93:60:ab:48:aa:25:97:28:
fa:e8:6f:84:57:5d:89:38:9f:1c:62:59:e8:49:00:
3b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:B0:E9:A5:1F:1A:FF:33:E5:EA:7A:7B:9C:E1:1F:25:7A:F2:6A:40
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/a7DppR8a_zPl6np7nOEfJXryakA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/21
176.119.0.0/21
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
193.141.230.0/23
193.142.20.0/23
193.246.144.0/24
193.246.150.0/24
193.246.153.0/24
193.246.159.0/24
IPv6:
2a0c:ee00::/32
Signature Algorithm: sha256WithRSAEncryption
13:c6:f3:e1:9f:fa:4c:d4:ab:09:45:4d:7c:07:56:c3:e3:67:
8e:54:84:73:db:c9:eb:03:66:cb:44:03:e2:d1:2c:ea:b9:64:
76:52:d6:17:1a:d3:f2:7e:26:dc:2b:04:92:41:db:97:46:f1:
64:6c:8c:5a:cd:96:a8:e8:07:06:a0:e0:0d:aa:2c:69:cd:47:
37:bb:4a:77:8c:e2:2a:02:c0:cc:ef:76:44:54:7f:8b:bd:94:
77:4f:e3:22:32:5f:70:24:a8:ec:0a:da:ec:d6:74:95:05:fe:
12:cb:85:21:b2:98:b4:64:ec:b7:e3:a7:7b:5b:19:56:96:ca:
c1:3d:1a:4a:6f:14:41:83:f3:65:4d:65:a6:5a:1f:f8:3e:0a:
6b:10:1e:bb:e5:76:65:3b:30:87:64:b7:69:27:ed:43:df:b3:
c0:49:26:da:e9:60:1d:53:eb:95:ac:d5:18:e7:db:e0:de:c8:
39:c2:6b:ba:9c:98:04:08:bd:fb:46:79:26:97:b5:f3:61:8d:
18:66:6c:51:22:e9:79:d7:cb:ea:1b:2f:dc:52:4a:1a:06:96:
37:86:a9:b9:2c:a0:2d:dd:bf:b2:19:ec:6d:36:e9:20:56:d9:
df:6d:50:fe:74:42:9a:69:02:d3:bf:c1:83:f9:92:fc:e2:6f:
33:d3:2a:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZQl/b2GgQayLtTxxZ62MtfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjUwMTAyMDc0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmIwZTlhNTFmMWFmZjMzZTVlYTdhN2I5Y2UxMWYyNTdhZjI2YTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBir0mvd+O7DPRlPErIBxojH1QRs
sWLtNedFTxqQBEvdrW1BAZdA+6kkLhoZ1sFw0KPJcVeWRZYZl0jlBB16MHZud83N
rlW7KrbCunfwQQ7AkBoSXTsI8F2RDZM2UojiT+9kcElvSUoYhz/RUkEXJTNARze6
uGmYKTAXK3mMt6N8XHucZjRA/B7kD+Kx7I2OR5QWxISUkDSVGviHAIPB8w0mmOBK
VaZk9ybQE1qweRh2H7zhiRUxFofjWK5h4as97Dg7wykXEIQDnU2hJeq0XgYF6+yr
Byzk4YCo2W/l51w8GauDVcBtk2CrSKollyj66G+EV12JOJ8cYlnoSQA7YwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFGuw6aUfGv8z5ep6e5zhHyV68mpAMB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvYTdEcHBSOGFfelBsNm5wN25PRWZKWHJ5YWtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAItVJgD
BAItkbwDBANQVfgDBAOwdwADBAGynyADBAC5n28DBAK55DADBAK598AwDAMEALxA
lQMEA7xAkAMEAcETZAMEAcGN5gMEAcGOFAMEAMH2kAMEAMH2lgMEAMH2mQMEAMH2
nzANBAIAAjAHAwUAKgzuADANBgkqhkiG9w0BAQsFAAOCAQEAE8bz4Z/6TNSrCUVN
fAdWw+NnjlSEc9vJ6wNmy0QD4tEs6rlkdlLWFxrT8n4m3CsEkkHbl0bxZGyMWs2W
qOgHBqDgDaosac1HN7tKd4ziKgLAzO92RFR/i72Ud0/jIjJfcCSo7Ara7NZ0lQX+
EsuFIbKYtGTst+One1sZVpbKwT0aSm8UQYPzZU1lplof+D4KaxAeu+V2ZTswh2S3
aSftQ9+zwEkm2ulgHVPrlazVGOfb4N7IOcJrupyYBAi9+0Z5Jpe182GNGGZsUSLp
edfL6hsv3FJKGgaWN4apuSygLd2/shnsbTbpIFbZ321Q/nRCmmkC07/Bg/mS/OJv
M9MqtQ==
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:54:38 2025 by rpki-client