Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/3i8SziI4yOANwHuCoVeJUFIkDmY.roa
File: 3i8SziI4yOANwHuCoVeJUFIkDmY.roa (raw, json)
Hash identifier: ApwThwemagVAYGDz/BhbEY+AhYokJz7tAT0f3Qt4Pto=
Subject key identifier: DE:2F:12:CE:22:38:C8:E0:0D:C0:7B:82:A1:57:89:50:52:24:0E:66
Certificate issuer: /CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Certificate serial: 019426D96592769958AAEC1F5D14E9FE78EF
Authority key identifier: AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/3i8SziI4yOANwHuCoVeJUFIkDmY.roa
Signing time: Thu 02 Jan 2025 11:49:28 +0000
ROA not before: Thu 02 Jan 2025 11:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9158
IP address blocks: 2.128.0.0/14 maxlen: 14
5.33.0.0/16 maxlen: 16
37.96.0.0/16 maxlen: 16
62.66.0.0/16 maxlen: 16
62.79.0.0/16 maxlen: 16
62.121.160.0/19 maxlen: 19
77.212.0.0/14 maxlen: 14
80.91.0.0/20 maxlen: 20
83.72.0.0/14 maxlen: 14
85.80.0.0/14 maxlen: 14
94.144.0.0/13 maxlen: 13
129.142.0.0/16 maxlen: 16
130.227.0.0/16 maxlen: 16
130.228.0.0/16 maxlen: 16
185.116.184.0/22 maxlen: 22
192.38.128.0/17 maxlen: 17
195.47.128.0/18 maxlen: 18
195.82.192.0/19 maxlen: 19
212.54.64.0/19 maxlen: 19
212.88.64.0/19 maxlen: 19
212.242.0.0/16 maxlen: 16
213.83.128.0/17 maxlen: 17
213.237.0.0/17 maxlen: 17
217.157.0.0/16 maxlen: 16
2001:1580::/32 maxlen: 32
2a02:2a30::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:65:92:76:99:58:aa:ec:1f:5d:14:e9:fe:78:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfeacea5d812f3030c557e48c53758753fb6c6b
Validity
Not Before: Jan 2 11:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de2f12ce2238c8e00dc07b82a157895052240e66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a2:90:e5:1d:02:34:2e:a8:d1:45:60:fb:ed:
7d:3e:bf:5e:e4:3a:82:c8:1e:f0:c8:ef:77:80:2d:
c0:28:b4:49:7c:90:cb:48:10:ed:94:93:6c:dd:4c:
e4:1e:06:c4:84:c7:08:a2:4a:ed:d4:a4:84:5f:00:
fb:98:d8:cd:a7:a0:7d:29:17:64:d8:1f:91:81:ff:
60:84:ae:fd:0d:b4:90:d2:c6:44:a2:86:cf:c0:9b:
c8:ca:6e:10:06:bc:f2:2a:a5:77:b6:ca:37:bd:45:
ed:fc:25:94:ca:f3:5a:ef:f3:55:e1:e1:e9:d9:f4:
fc:ed:dc:7a:0b:da:91:23:f5:bc:d4:dd:22:dc:bb:
3e:85:f9:47:7b:a6:33:51:58:55:3a:49:85:08:d5:
f6:75:fc:96:70:53:83:0c:8e:79:00:6f:ef:18:54:
c7:2b:f2:8a:ab:6f:d0:73:7c:1c:f9:1f:62:e5:47:
2d:ad:3b:13:a9:9e:bf:35:ff:94:4d:9a:59:07:b5:
e0:ff:cb:db:a1:e4:0c:18:16:31:ce:85:59:62:f5:
95:f5:d1:c8:97:63:b9:bb:38:7e:50:27:0f:06:b1:
3c:10:09:93:96:30:4d:f8:42:3d:58:a1:b0:29:70:
84:2c:77:1d:10:32:44:2d:0b:f9:ac:e8:e0:ee:66:
b3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2F:12:CE:22:38:C8:E0:0D:C0:7B:82:A1:57:89:50:52:24:0E:66
X509v3 Authority Key Identifier:
keyid:AC:FE:AC:EA:5D:81:2F:30:30:C5:57:E4:8C:53:75:87:53:FB:6C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rP6s6l2BLzAwxVfkjFN1h1P7bGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/3i8SziI4yOANwHuCoVeJUFIkDmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2727b5-5ecb-485f-b7d9-a2fd28840a03/1/rP6s6l2BLzAwxVfkjFN1h1P7bGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.128.0.0/14
5.33.0.0/16
37.96.0.0/16
62.66.0.0/16
62.79.0.0/16
62.121.160.0/19
77.212.0.0/14
80.91.0.0/20
83.72.0.0/14
85.80.0.0/14
94.144.0.0/13
129.142.0.0/16
130.227.0.0-130.228.255.255
185.116.184.0/22
192.38.128.0/17
195.47.128.0/18
195.82.192.0/19
212.54.64.0/19
212.88.64.0/19
212.242.0.0/16
213.83.128.0/17
213.237.0.0/17
217.157.0.0/16
IPv6:
2001:1580::/32
2a02:2a30::/29
Signature Algorithm: sha256WithRSAEncryption
bd:d7:60:a9:fd:b4:10:7e:24:de:bb:35:73:cd:c5:0a:b3:4e:
51:0b:61:1f:10:c9:3f:1b:b2:1f:9b:0a:53:01:95:ec:94:88:
20:a8:39:76:1e:1e:5a:c2:ee:d0:01:b0:2d:4a:c2:fd:0c:07:
81:2d:8c:d2:02:23:31:61:b8:04:ca:e9:bb:02:f8:56:92:77:
e2:09:52:c5:2b:bf:22:68:d0:de:d9:65:91:a6:43:f3:ae:90:
f2:93:38:dc:9a:69:ef:bf:aa:95:3c:a8:43:11:1a:59:83:ef:
20:bc:9c:b1:71:9b:ac:f4:66:e4:8e:36:85:f8:d3:ba:20:06:
a4:0e:06:10:bb:b1:32:ba:62:e3:af:15:22:0c:b2:0a:2e:5e:
70:37:b9:9c:6a:1f:ec:4e:06:b7:97:7e:9f:ab:e9:99:f8:ca:
2d:93:21:ce:10:54:f1:81:ce:b2:ec:9d:d4:71:56:eb:65:23:
a3:95:28:3b:42:71:17:a5:de:2d:8f:e9:88:35:33:62:ee:da:
93:1f:49:e8:a4:99:5d:7f:02:de:72:42:7d:3a:5e:d1:d4:f3:
ee:7f:66:9f:d7:7c:8a:de:e5:d7:cb:f0:5d:2b:f0:76:87:40:
cf:bf:02:82:a3:f2:cf:37:7f:a1:98:ea:f2:5d:03:71:9e:48:
fa:21:15:72
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZQm2WWSdplYquwfXRTp/njvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjZmVhY2VhNWQ4MTJmMzAzMGM1NTdlNDhjNTM3NTg3NTNm
YjZjNmIwHhcNMjUwMTAyMTE0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJmMTJjZTIyMzhjOGUwMGRjMDdiODJhMTU3ODk1MDUyMjQwZTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6KQ5R0CNC6o0UVg++19Pr9e5DqC
yB7wyO93gC3AKLRJfJDLSBDtlJNs3UzkHgbEhMcIokrt1KSEXwD7mNjNp6B9KRdk
2B+Rgf9ghK79DbSQ0sZEoobPwJvIym4QBrzyKqV3tso3vUXt/CWUyvNa7/NV4eHp
2fT87dx6C9qRI/W81N0i3Ls+hflHe6YzUVhVOkmFCNX2dfyWcFODDI55AG/vGFTH
K/KKq2/Qc3wc+R9i5UctrTsTqZ6/Nf+UTZpZB7Xg/8vboeQMGBYxzoVZYvWV9dHI
l2O5uzh+UCcPBrE8EAmTljBN+EI9WKGwKXCELHcdEDJELQv5rOjg7mazkQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFN4vEs4iOMjgDcB7gqFXiVBSJA5mMB8GA1UdIwQY
MBaAFKz+rOpdgS8wMMVX5IxTdYdT+2xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclA2czZsMkJMekF3eFZma2pGTjFoMVA3YkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yNzI3YjUtNWVjYi00ODVmLWI3ZDkt
YTJmZDI4ODQwYTAzLzEvM2k4U3ppSTR5T0FOd0h1Q29WZUpVRklrRG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yNzI3YjUtNWVjYi00ODVmLWI3ZDktYTJmZDI4ODQwYTAz
LzEvclA2czZsMkJMekF3eFZma2pGTjFoMVA3YkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBiwQCAAEwgYQDAwIC
gAMDAAUhAwMAJWADAwA+QgMDAD5PAwQFPnmgAwMCTdQDBARQWwADAwJTSAMDAlVQ
AwMDXpADAwCBjjAKAwMAguMDAwCC5AMEArl0uAMEB8AmgAMEBsMvgAMEBcNSwAME
BdQ2QAMEBdRYQAMDANTyAwQH1VOAAwQH1e0AAwMA2Z0wFAQCAAIwDgMFACABFYAD
BQMqAiowMA0GCSqGSIb3DQEBCwUAA4IBAQC912Cp/bQQfiTeuzVzzcUKs05RC2Ef
EMk/G7IfmwpTAZXslIggqDl2Hh5awu7QAbAtSsL9DAeBLYzSAiMxYbgEyum7AvhW
knfiCVLFK78iaNDe2WWRpkPzrpDykzjcmmnvv6qVPKhDERpZg+8gvJyxcZus9Gbk
jjaF+NO6IAakDgYQu7EyumLjrxUiDLIKLl5wN7mcah/sTga3l36fq+mZ+MotkyHO
EFTxgc6y7J3UcVbrZSOjlSg7QnEXpd4tj+mINTNi7tqTH0nopJldfwLeckJ9Ol7R
1PPuf2af13yK3uXXy/BdK/B2h0DPvwKCo/LPN3+hmOryXQNxnkj6IRVy
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:20:41 2025 by rpki-client