Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/PaI64H6BRsmdPh8uuLmpn87sEpk.roa
File: PaI64H6BRsmdPh8uuLmpn87sEpk.roa (raw, json)
Hash identifier: ChYSk5aaXrbkh/NXoTfSNgAZtDhVJuGceMZU45a97JU=
Subject key identifier: 3D:A2:3A:E0:7E:81:46:C9:9D:3E:1F:2E:B8:B9:A9:9F:CE:EC:12:99
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 01942444C05B7C38385E8A345220F6AB42D2
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/PaI64H6BRsmdPh8uuLmpn87sEpk.roa
Signing time: Wed 01 Jan 2025 23:47:53 +0000
ROA not before: Wed 01 Jan 2025 23:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9063
IP address blocks: 31.220.32.0/22 maxlen: 22
37.230.0.0/19 maxlen: 19
91.184.160.0/19 maxlen: 19
93.186.0.0/20 maxlen: 20
109.75.80.0/20 maxlen: 20
176.126.64.0/23 maxlen: 23
176.126.68.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.79.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.168.8.0/24 maxlen: 24
185.168.11.0/24 maxlen: 24
185.186.144.0/23 maxlen: 23
185.194.151.0/24 maxlen: 24
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
185.231.252.0/22 maxlen: 22
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
212.88.128.0/19 maxlen: 19
217.24.224.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:c0:5b:7c:38:38:5e:8a:34:52:20:f6:ab:42:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Jan 1 23:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3da23ae07e8146c99d3e1f2eb8b9a99fceec1299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:af:de:82:b9:1f:bf:d1:ca:de:d9:4d:74:dd:
bf:2b:55:23:d5:09:5f:bc:1a:c4:2e:7c:35:f1:5b:
0f:5b:01:8b:89:0f:7b:ad:4a:e6:b0:ba:de:5c:42:
5c:36:92:ac:3a:a8:12:39:8a:4a:3e:bf:17:f3:31:
c8:a1:5a:2b:32:3c:da:e7:51:90:4f:34:82:37:40:
ed:24:8c:99:71:e7:fd:44:0d:7d:1d:28:24:44:16:
21:86:21:56:8d:be:bd:6d:e3:90:b9:e6:84:8a:5f:
84:ea:e6:59:8a:7c:bd:0e:75:59:ce:3c:18:f1:a5:
53:d4:dc:c3:4f:f0:6e:04:09:25:23:34:45:5a:e9:
ef:e3:9c:f0:64:ed:6a:d4:50:b8:ec:dd:50:d8:b5:
c9:44:81:bc:d0:12:54:86:f0:1c:37:5b:ed:16:7a:
37:13:fd:c5:61:24:11:1a:1f:f4:6c:c4:e8:34:06:
3b:68:46:c8:02:67:3c:b9:b4:76:47:a8:b2:fb:5a:
91:22:64:be:e0:d9:f0:95:19:34:f6:0c:8d:b8:9c:
1b:b7:2f:af:56:4f:45:7c:c5:56:45:c8:b1:50:7d:
06:4c:50:a8:c9:cf:84:7a:c1:8d:df:02:72:a6:e8:
1b:4f:17:a3:95:7f:b9:4e:c6:6f:f8:d0:0e:0f:b1:
2a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:A2:3A:E0:7E:81:46:C9:9D:3E:1F:2E:B8:B9:A9:9F:CE:EC:12:99
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/PaI64H6BRsmdPh8uuLmpn87sEpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.32.0/22
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:d7:6a:2b:a2:39:ba:b3:15:a1:de:bc:e9:05:70:a1:24:0d:
58:0b:d1:99:bf:6f:3c:ab:2e:d2:8e:58:69:29:73:89:4d:e3:
d3:4a:ca:ca:f8:bd:72:91:c7:33:48:a5:f5:6b:0b:5a:da:b1:
57:e5:2c:c8:23:2c:e3:1e:02:41:c1:73:40:8c:18:cc:88:93:
c4:80:cc:a1:d1:3c:ab:d0:6a:1d:ae:6c:ff:f3:89:71:80:c5:
5d:04:e3:cb:7e:cd:82:60:23:9a:84:5b:0c:80:df:d3:12:e5:
8e:39:75:a2:49:5a:87:44:88:0d:9a:81:d1:fa:81:60:04:9b:
c0:46:ce:8c:93:38:a5:9b:36:e5:dc:02:81:7e:a7:a5:94:d1:
87:56:e5:c3:f9:4a:78:eb:cd:da:eb:e8:90:34:83:38:87:e3:
90:f0:29:3d:78:21:d8:e5:16:0a:43:73:2d:d8:c0:91:b3:2e:
b3:24:c2:78:2c:aa:7e:fb:d0:df:69:83:c8:b4:b3:2d:a3:b4:
13:e8:16:0b:8a:f3:05:6a:4b:47:fa:88:6a:e9:59:ea:0c:ea:
09:40:e8:ab:95:39:30:10:cf:62:54:e2:90:85:e8:39:94:e0:
79:8f:2b:5e:67:26:65:21:58:a0:fd:1a:c2:64:2e:79:ab:67:
3a:d3:ae:d9
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAZQkRMBbfDg4Xoo0UiD2q0LSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjUwMTAxMjM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGEyM2FlMDdlODE0NmM5OWQzZTFmMmViOGI5YTk5ZmNlZWMxMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8q/egrkfv9HK3tlNdN2/K1Uj1Qlf
vBrELnw18VsPWwGLiQ97rUrmsLreXEJcNpKsOqgSOYpKPr8X8zHIoVorMjza51GQ
TzSCN0DtJIyZcef9RA19HSgkRBYhhiFWjb69beOQueaEil+E6uZZiny9DnVZzjwY
8aVT1NzDT/BuBAklIzRFWunv45zwZO1q1FC47N1Q2LXJRIG80BJUhvAcN1vtFno3
E/3FYSQRGh/0bMToNAY7aEbIAmc8ubR2R6iy+1qRImS+4NnwlRk09gyNuJwbty+v
Vk9FfMVWRcixUH0GTFCoyc+EesGN3wJypugbTxejlX+5TsZv+NAOD7EqJwIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFD2iOuB+gUbJnT4fLri5qZ/O7BKZMB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEvUGFJNjRINkJSc21kUGg4dXVMbXBuODdzRXBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBxQQCAAEwgb4DBAIf
3CADBAUl5gADBAVbuKADBARdugADBARtS1ADBAGwfkADBAGwfkQwDAMEALB+RwME
AbB+SDAMAwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQMEBLkjYAME
AbmhyDAMAwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKXAwQAuct7
AwQAud6LAwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2RjgMA0EAgAC
MAcDBQMqAgWgMA0GCSqGSIb3DQEBCwUAA4IBAQB712orojm6sxWh3rzpBXChJA1Y
C9GZv288qy7SjlhpKXOJTePTSsrK+L1ykcczSKX1awta2rFX5SzIIyzjHgJBwXNA
jBjMiJPEgMyh0Tyr0Godrmz/84lxgMVdBOPLfs2CYCOahFsMgN/TEuWOOXWiSVqH
RIgNmoHR+oFgBJvARs6Mkzilmzbl3AKBfqellNGHVuXD+Up4683a6+iQNIM4h+OQ
8Ck9eCHY5RYKQ3Mt2MCRsy6zJMJ4LKp++9DfaYPItLMto7QT6BYLivMFaktH+ohq
6VnqDOoJQOirlTkwEM9iVOKQheg5lOB5jyteZyZlIVig/RrCZC55q2c6067Z
-----END CERTIFICATE-----
Generated at Fri Apr 25 02:18:22 2025 by rpki-client