Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/3vEPBG1oI2P7D_OfeL-L-zO3dlY.roa
File: 3vEPBG1oI2P7D_OfeL-L-zO3dlY.roa (raw, json)
Hash identifier: tN3ytiGRqjapeYsvwHwSYsXkP2Hw2Lot2BTQS7jncsI=
Subject key identifier: DE:F1:0F:04:6D:68:23:63:FB:0F:F3:9F:78:BF:8B:FB:33:B7:76:56
Certificate issuer: /CN=6f5e0230be799e44829c8720ca38347045494e20
Certificate serial: 019420D623F61B16B7AEFA0FFC58EFA59BFA
Authority key identifier: 6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/3vEPBG1oI2P7D_OfeL-L-zO3dlY.roa
Signing time: Wed 01 Jan 2025 07:48:12 +0000
ROA not before: Wed 01 Jan 2025 07:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39651
IP address blocks: 77.218.32.0/19 maxlen: 19
80.216.0.0/15 maxlen: 15
83.177.160.0/19 maxlen: 19
83.177.192.0/19 maxlen: 19
83.177.200.0/21 maxlen: 21
83.177.224.0/19 maxlen: 19
83.177.232.0/21 maxlen: 21
83.180.224.0/19 maxlen: 19
83.181.0.0/19 maxlen: 19
83.182.32.0/19 maxlen: 19
83.188.0.0/18 maxlen: 18
83.188.224.0/19 maxlen: 19
83.190.64.0/18 maxlen: 18
83.191.160.0/19 maxlen: 19
83.248.0.0/13 maxlen: 13
85.194.0.0/18 maxlen: 18
87.227.0.0/17 maxlen: 17
90.129.224.0/19 maxlen: 19
90.133.128.0/19 maxlen: 19
90.133.160.0/19 maxlen: 19
90.141.0.0/19 maxlen: 19
90.141.40.0/21 maxlen: 21
90.141.48.0/20 maxlen: 20
90.142.32.0/19 maxlen: 19
90.142.48.0/20 maxlen: 20
90.143.0.0/19 maxlen: 19
90.143.128.0/17 maxlen: 17
90.144.64.0/19 maxlen: 19
91.128.128.0/19 maxlen: 19
91.128.160.0/19 maxlen: 19
91.128.192.0/19 maxlen: 19
91.130.0.0/18 maxlen: 18
151.177.0.0/16 maxlen: 16
178.218.152.0/22 maxlen: 22
188.148.0.0/14 maxlen: 14
193.13.160.0/20 maxlen: 20
193.14.192.0/20 maxlen: 20
193.150.192.0/18 maxlen: 18
213.89.0.0/16 maxlen: 16
213.100.192.0/19 maxlen: 19
213.102.64.0/19 maxlen: 19
213.102.80.0/20 maxlen: 20
213.103.128.0/19 maxlen: 19
213.200.128.0/18 maxlen: 18
2a04:ae00::/26 maxlen: 26
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:23:f6:1b:16:b7:ae:fa:0f:fc:58:ef:a5:9b:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5e0230be799e44829c8720ca38347045494e20
Validity
Not Before: Jan 1 07:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=def10f046d682363fb0ff39f78bf8bfb33b77656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:1a:3b:9e:04:81:ec:00:f4:b1:7a:f1:ab:c2:
ff:fc:ab:2a:59:4e:0a:1a:58:62:7d:b0:60:d4:91:
fc:d7:ea:83:53:3f:1f:b2:87:4e:6b:6a:c0:9a:f3:
b5:b0:8f:42:5d:01:a2:0a:69:4e:b3:cb:0c:4b:48:
2c:30:ff:c0:2b:71:be:ef:58:e4:9a:42:42:7f:c5:
e8:3e:55:0a:f5:e2:b4:fb:f9:2e:0a:f0:6e:8a:c5:
8f:f5:c1:50:c5:9a:c8:1a:01:0f:6a:49:e8:3e:d4:
f5:f7:7f:e0:91:0b:a6:ac:28:06:49:1b:bd:2f:8a:
38:82:91:0a:00:8b:88:25:69:53:fe:41:15:a3:1f:
f9:d9:c7:8b:71:b3:2b:2b:3a:2a:6b:50:60:2e:a2:
81:0c:88:2c:5a:0a:4b:9f:16:09:37:0b:f2:3d:1f:
33:20:8c:0c:8c:86:99:49:ec:8e:5a:b8:e7:a7:2d:
62:01:06:49:58:f5:5e:fe:03:8a:83:f7:08:24:b9:
15:98:0d:1f:9a:cd:fc:fe:34:48:64:d0:10:c1:af:
00:ff:ba:5d:05:94:89:76:e7:26:4a:74:a8:20:12:
27:6e:6b:d9:7f:a1:d3:83:ff:4e:67:58:88:c5:ef:
5d:10:cd:00:15:d9:77:70:f8:ff:a3:0a:8b:80:e0:
e6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F1:0F:04:6D:68:23:63:FB:0F:F3:9F:78:BF:8B:FB:33:B7:76:56
X509v3 Authority Key Identifier:
keyid:6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/3vEPBG1oI2P7D_OfeL-L-zO3dlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.218.32.0/19
80.216.0.0/15
83.177.160.0-83.177.255.255
83.180.224.0-83.181.31.255
83.182.32.0/19
83.188.0.0/18
83.188.224.0/19
83.190.64.0/18
83.191.160.0/19
83.248.0.0/13
85.194.0.0/18
87.227.0.0/17
90.129.224.0/19
90.133.128.0/18
90.141.0.0/19
90.141.40.0-90.141.63.255
90.142.32.0/19
90.143.0.0/19
90.143.128.0/17
90.144.64.0/19
91.128.128.0-91.128.223.255
91.130.0.0/18
151.177.0.0/16
178.218.152.0/22
188.148.0.0/14
193.13.160.0/20
193.14.192.0/20
193.150.192.0/18
213.89.0.0/16
213.100.192.0/19
213.102.64.0/19
213.103.128.0/19
213.200.128.0/18
IPv6:
2a04:ae00::/26
Signature Algorithm: sha256WithRSAEncryption
72:68:ee:6b:69:97:fe:f7:e1:b0:53:39:05:bc:85:6f:3a:f4:
dd:f8:53:28:2d:03:14:08:66:7f:00:30:5a:fc:aa:58:67:e8:
d3:16:a2:28:2b:e1:8f:e3:fd:21:3e:c4:32:d7:c0:9d:cd:66:
2d:1e:92:a9:b4:62:d8:69:7b:b9:91:81:1d:bb:1d:a5:ab:34:
4f:83:53:c3:5b:20:cc:d1:fe:65:fe:c2:5d:14:66:c9:9c:86:
ba:1a:92:30:e8:22:6c:4e:fa:fe:ee:6d:7e:d2:28:12:89:d8:
b6:f4:c8:ca:a0:b9:e7:c0:f5:e4:81:43:15:d7:b2:0e:68:ff:
ae:30:d5:85:d8:20:47:64:fe:61:b9:9b:72:09:03:2e:fe:34:
9b:d1:cb:d3:5c:d1:6b:a7:d5:0e:ff:3f:75:cb:93:19:5e:a2:
d5:34:03:a5:2d:3d:02:4b:cb:1b:81:f5:2f:a4:eb:10:9d:e7:
9a:8c:ba:30:58:a8:c8:cc:eb:31:4d:d5:c8:2d:23:8b:a6:3f:
58:00:17:d0:45:e7:28:89:f1:ea:3e:f0:3b:7d:a7:a4:49:a5:
c2:61:c5:e4:62:b1:1f:22:82:76:3e:1a:af:f5:24:9d:56:96:
52:d3:f4:94:14:3c:b7:b2:cc:3f:a6:54:b5:63:bb:50:62:4d:
a9:2e:87:1f
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZQg1iP2Gxa3rvoP/FjvpZv6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWUwMjMwYmU3OTllNDQ4MjljODcyMGNhMzgzNDcwNDU0
OTRlMjAwHhcNMjUwMTAxMDc0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWYxMGYwNDZkNjgyMzYzZmIwZmYzOWY3OGJmOGJmYjMzYjc3NjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6xo7ngSB7AD0sXrxq8L//KsqWU4K
GlhifbBg1JH81+qDUz8fsodOa2rAmvO1sI9CXQGiCmlOs8sMS0gsMP/AK3G+71jk
mkJCf8XoPlUK9eK0+/kuCvBuisWP9cFQxZrIGgEPaknoPtT193/gkQumrCgGSRu9
L4o4gpEKAIuIJWlT/kEVox/52ceLcbMrKzoqa1BgLqKBDIgsWgpLnxYJNwvyPR8z
IIwMjIaZSeyOWrjnpy1iAQZJWPVe/gOKg/cIJLkVmA0fms38/jRIZNAQwa8A/7pd
BZSJducmSnSoIBInbmvZf6HTg/9OZ1iIxe9dEM0AFdl3cPj/owqLgODm9wIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFN7xDwRtaCNj+w/zn3i/i/szt3ZWMB8GA1UdIwQY
MBaAFG9eAjC+eZ5EgpyHIMo4NHBFSU4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGIt
YmE3YzdkODE5MGNhLzEvM3ZFUEJHMW9JMlA3RF9PZmVMLUwtek8zZGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGItYmE3YzdkODE5MGNh
LzEvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQF
TdogAwMBUNgwCwMEBVOxoAMDAVOwMAwDBAVTtOADBAVTtQADBAVTtiADBAZTvAAD
BAVTvOADBAZTvkADBAVTv6ADAwNT+AMEBlXCAAMEB1fjAAMEBVqB4AMEBlqFgAME
BVqNADAMAwQDWo0oAwQGWo0AAwQFWo4gAwQFWo8AAwQHWo+AAwQFWpBAMAwDBAdb
gIADBAVbgMADBAZbggADAwCXsQMEArLamAMDAryUAwQEwQ2gAwQEwQ7AAwQGwZbA
AwMA1VkDBAXVZMADBAXVZkADBAXVZ4ADBAbVyIAwDQQCAAIwBwMFBioErgAwDQYJ
KoZIhvcNAQELBQADggEBAHJo7mtpl/734bBTOQW8hW869N34UygtAxQIZn8AMFr8
qlhn6NMWoigr4Y/j/SE+xDLXwJ3NZi0ekqm0Ythpe7mRgR27HaWrNE+DU8NbIMzR
/mX+wl0UZsmchroakjDoImxO+v7ubX7SKBKJ2Lb0yMqguefA9eSBQxXXsg5o/64w
1YXYIEdk/mG5m3IJAy7+NJvRy9Nc0Wun1Q7/P3XLkxleotU0A6UtPQJLyxuB9S+k
6xCd55qMujBYqMjM6zFN1cgtI4umP1gAF9BF5yiJ8eo+8Dt9p6RJpcJhxeRisR8i
gnY+Gq/1JJ1WllLT9JQUPLeyzD+mVLVju1BiTakuhx8=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:26:34 2025 by rpki-client