Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/3vk_cNMUWC-JUrbyIXBN2gny1YM.roa
File: 3vk_cNMUWC-JUrbyIXBN2gny1YM.roa (raw, json)
Hash identifier: 5UI1dk/WNT1Jzxh8ssSrm2cZ8VMJvaL80lHMAJV1sdM=
Subject key identifier: DE:F9:3F:70:D3:14:58:2F:89:52:B6:F2:21:70:4D:DA:09:F2:D5:83
Certificate issuer: /CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Certificate serial: 019424B3270DFCEDB150C68025FE57512F84
Authority key identifier: C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/3vk_cNMUWC-JUrbyIXBN2gny1YM.roa
Signing time: Thu 02 Jan 2025 01:48:28 +0000
ROA not before: Thu 02 Jan 2025 01:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3249
IP address blocks: 37.157.64.0/18 maxlen: 18
46.131.0.0/16 maxlen: 16
62.65.32.0/19 maxlen: 19
78.110.36.0/22 maxlen: 22
78.110.40.0/22 maxlen: 22
80.235.0.0/17 maxlen: 17
81.20.144.0/20 maxlen: 20
83.166.32.0/19 maxlen: 19
84.50.0.0/16 maxlen: 16
85.29.192.0/18 maxlen: 18
88.196.0.0/16 maxlen: 16
89.221.64.0/21 maxlen: 21
90.190.0.0/15 maxlen: 15
91.236.222.0/24 maxlen: 24
94.246.192.0/20 maxlen: 20
94.246.208.0/21 maxlen: 21
176.46.0.0/17 maxlen: 17
185.20.56.0/22 maxlen: 22
185.40.236.0/22 maxlen: 22
185.43.104.0/22 maxlen: 22
194.106.96.0/19 maxlen: 19
194.126.96.0/19 maxlen: 19
195.50.192.0/19 maxlen: 19
195.50.224.0/19 maxlen: 19
195.250.160.0/19 maxlen: 19
213.35.128.0/17 maxlen: 17
213.168.0.0/19 maxlen: 19
213.180.0.0/19 maxlen: 19
213.219.64.0/18 maxlen: 18
217.71.32.0/20 maxlen: 20
217.159.128.0/17 maxlen: 17
2001:7d0::/32 maxlen: 32
2a00:16e0::/32 maxlen: 32
2a01:158::/32 maxlen: 32
2a01:6da0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:27:0d:fc:ed:b1:50:c6:80:25:fe:57:51:2f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1d710d8ac31b1f6daf7046c45374ae8e405f18e
Validity
Not Before: Jan 2 01:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=def93f70d314582f8952b6f221704dda09f2d583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ba:44:7e:78:97:80:0a:8b:fd:cb:c3:56:9b:
a9:ab:d0:98:46:48:98:66:e7:3d:65:fd:e5:fc:96:
03:ed:a8:0a:cd:58:0e:e0:99:5a:03:3b:c1:d4:cc:
16:f8:97:4d:55:d4:3d:98:79:c7:50:b9:fd:af:b7:
65:dc:6e:d7:11:95:b3:e5:ed:90:db:32:78:ad:85:
57:83:9f:96:0d:93:ed:10:39:04:14:1b:b4:16:f4:
8f:af:41:f8:a1:e9:ff:f9:80:8b:ea:6e:9c:f3:04:
4c:b6:93:af:3d:52:0e:b6:88:94:3c:d6:10:50:c9:
f2:e8:95:75:99:38:3b:b6:4c:63:8f:d4:f0:fc:da:
22:49:84:20:37:2b:a2:35:df:80:fa:64:84:1a:c1:
65:c9:f0:82:f8:a8:77:f8:8f:0a:61:7c:61:fa:69:
1f:14:cc:de:e8:24:01:07:26:a7:5e:d1:c2:e0:e2:
a5:c7:c6:19:9c:e6:d8:c6:e5:22:c3:c3:22:cc:88:
e4:41:c7:e9:db:42:91:d9:0e:dc:6e:9a:a3:f6:41:
f9:c1:e1:f0:57:46:b0:03:03:01:20:7e:79:21:8f:
9b:15:aa:de:1f:c7:dc:81:6e:c4:00:21:94:af:6b:
2f:25:8a:0c:41:6a:f0:a2:9a:c8:ec:56:86:40:a6:
22:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F9:3F:70:D3:14:58:2F:89:52:B6:F2:21:70:4D:DA:09:F2:D5:83
X509v3 Authority Key Identifier:
keyid:C1:D7:10:D8:AC:31:B1:F6:DA:F7:04:6C:45:37:4A:E8:E4:05:F1:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/3vk_cNMUWC-JUrbyIXBN2gny1YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/db3303-7879-4b69-8848-115f15b20de7/1/wdcQ2Kwxsfba9wRsRTdK6OQF8Y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.64.0/18
46.131.0.0/16
62.65.32.0/19
78.110.36.0-78.110.43.255
80.235.0.0/17
81.20.144.0/20
83.166.32.0/19
84.50.0.0/16
85.29.192.0/18
88.196.0.0/16
89.221.64.0/21
90.190.0.0/15
91.236.222.0/24
94.246.192.0-94.246.215.255
176.46.0.0/17
185.20.56.0/22
185.40.236.0/22
185.43.104.0/22
194.106.96.0/19
194.126.96.0/19
195.50.192.0/18
195.250.160.0/19
213.35.128.0/17
213.168.0.0/19
213.180.0.0/19
213.219.64.0/18
217.71.32.0/20
217.159.128.0/17
IPv6:
2001:7d0::/32
2a00:16e0::/32
2a01:158::/32
2a01:6da0::/32
Signature Algorithm: sha256WithRSAEncryption
28:cc:ef:bf:ca:96:0f:19:af:a1:62:8c:df:30:57:01:45:50:
24:d7:ef:27:d4:ea:98:df:ef:89:70:10:14:92:df:28:fa:9d:
3b:54:f3:0f:03:a2:3b:39:cb:2d:09:ec:a2:87:da:79:54:60:
c2:15:e5:d9:92:94:02:0b:75:c6:d8:b5:d4:3a:43:43:b6:0d:
5f:50:1d:bb:e3:0a:99:5f:9d:94:00:24:b0:1d:af:99:c2:0f:
05:c5:43:a4:ec:f7:f0:9b:9c:33:d1:f1:f1:aa:da:d4:7b:66:
74:49:87:c9:be:b9:41:87:0b:ae:89:ce:83:6b:a4:98:c5:74:
7c:9c:cb:10:3c:31:50:40:5c:98:cf:29:26:98:8c:67:da:1a:
06:72:29:3b:ad:19:97:ae:eb:bc:f1:a2:b0:a4:10:4c:95:f9:
f2:1d:44:01:53:7e:3e:34:80:4c:64:b2:02:04:65:82:3f:fc:
cb:67:a0:01:87:9c:16:6e:97:78:8f:55:32:ae:dc:3a:3a:59:
14:2f:7a:d3:4d:9a:54:4e:cc:9b:78:8b:11:a4:bf:fc:ab:2e:
e3:90:da:63:c7:fe:6b:4f:5f:2e:59:25:d3:a0:ad:18:1b:44:
7c:0a:8c:06:b9:27:c2:47:0a:b2:a7:9e:33:a7:c7:13:ec:87:
f2:42:d8:31
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgISAZQksycN/O2xUMaAJf5XUS+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZDcxMGQ4YWMzMWIxZjZkYWY3MDQ2YzQ1Mzc0YWU4ZTQw
NWYxOGUwHhcNMjUwMTAyMDE0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY5M2Y3MGQzMTQ1ODJmODk1MmI2ZjIyMTcwNGRkYTA5ZjJkNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrpEfniXgAqL/cvDVpupq9CYRkiY
Zuc9Zf3l/JYD7agKzVgO4JlaAzvB1MwW+JdNVdQ9mHnHULn9r7dl3G7XEZWz5e2Q
2zJ4rYVXg5+WDZPtEDkEFBu0FvSPr0H4oen/+YCL6m6c8wRMtpOvPVIOtoiUPNYQ
UMny6JV1mTg7tkxjj9Tw/NoiSYQgNyuiNd+A+mSEGsFlyfCC+Kh3+I8KYXxh+mkf
FMze6CQBByanXtHC4OKlx8YZnObYxuUiw8MizIjkQcfp20KR2Q7cbpqj9kH5weHw
V0awAwMBIH55IY+bFareH8fcgW7EACGUr2svJYoMQWrwoprI7FaGQKYi5QIDAQAB
o4IC4DCCAtwwHQYDVR0OBBYEFN75P3DTFFgviVK28iFwTdoJ8tWDMB8GA1UdIwQY
MBaAFMHXENisMbH22vcEbEU3SujkBfGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgt
MTE1ZjE1YjIwZGU3LzEvM3ZrX2NOTVVXQy1KVXJieUlYQk4yZ255MVlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kYjMzMDMtNzg3OS00YjY5LTg4NDgtMTE1ZjE1YjIwZGU3
LzEvd2RjUTJLd3hzZmJhOXdSc1JUZEs2T1FGOFk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH1BggrBgEFBQcBBwEB/wSB5TCB4jCBuwQCAAEwgbQDBAYl
nUADAwAugwMEBT5BIDAMAwQCTm4kAwQCTm4oAwQHUOsAAwQEURSQAwQFU6YgAwMA
VDIDBAZVHcADAwBYxAMEA1ndQAMDAVq+AwQAW+zeMAwDBAZe9sADBANe9tADBAew
LgADBAK5FDgDBAK5KOwDBAK5K2gDBAXCamADBAXCfmADBAbDMsADBAXD+qADBAfV
I4ADBAXVqAADBAXVtAADBAbV20ADBATZRyADBAfZn4AwIgQCAAIwHAMFACABB9AD
BQAqABbgAwUAKgEBWAMFACoBbaAwDQYJKoZIhvcNAQELBQADggEBACjM77/Klg8Z
r6FijN8wVwFFUCTX7yfU6pjf74lwEBSS3yj6nTtU8w8Dojs5yy0J7KKH2nlUYMIV
5dmSlAILdcbYtdQ6Q0O2DV9QHbvjCplfnZQAJLAdr5nCDwXFQ6Ts9/CbnDPR8fGq
2tR7ZnRJh8m+uUGHC66JzoNrpJjFdHycyxA8MVBAXJjPKSaYjGfaGgZyKTutGZeu
67zxorCkEEyV+fIdRAFTfj40gExksgIEZYI//MtnoAGHnBZul3iPVTKu3Do6WRQv
etNNmlROzJt4ixGkv/yrLuOQ2mPH/mtPXy5ZJdOgrRgbRHwKjAa5J8JHCrKnnjOn
xxPsh/JC2DE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:37:56 2025 by rpki-client