Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/cWz4o_srVYJ7u1WMdKOtQCHg6y0.roa
File: cWz4o_srVYJ7u1WMdKOtQCHg6y0.roa (raw, json)
Hash identifier: vAal5XYzXbyURRChCT4RJAyfgGQFpG1H0ALGPvzkAck=
Subject key identifier: 71:6C:F8:A3:FB:2B:55:82:7B:BB:55:8C:74:A3:AD:40:21:E0:EB:2D
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 0194266B0EA85B5452BAC056174774798BA0
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/cWz4o_srVYJ7u1WMdKOtQCHg6y0.roa
Signing time: Thu 02 Jan 2025 09:48:57 +0000
ROA not before: Thu 02 Jan 2025 09:48:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8100
IP address blocks: 31.220.14.0/24 maxlen: 24
45.12.52.0/23 maxlen: 23
45.12.91.0/24 maxlen: 24
185.238.249.0/24 maxlen: 24
185.238.251.0/24 maxlen: 24
193.9.45.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:0e:a8:5b:54:52:ba:c0:56:17:47:74:79:8b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Jan 2 09:48:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=716cf8a3fb2b55827bbb558c74a3ad4021e0eb2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:20:92:58:e4:81:de:62:95:f7:a4:2b:49:84:
37:8f:99:d4:af:ee:f2:f1:66:bb:a3:27:2f:4e:83:
bf:82:2c:40:20:11:40:6c:fa:82:82:e4:ac:1b:a8:
25:d7:88:27:17:4b:97:75:47:40:a6:ab:9f:56:e9:
1d:b1:24:bd:0f:06:4d:1e:40:20:5e:fd:8a:31:1b:
3a:c9:a1:9a:53:cc:de:e5:19:4e:41:52:bd:1b:64:
20:15:f6:d4:a5:de:e9:8c:83:13:4e:7b:06:3b:f4:
c8:a8:8e:54:37:e1:f9:cd:01:a8:fb:f9:52:08:c5:
b0:1f:d0:73:29:60:c4:34:f6:e6:f5:8a:20:12:d6:
62:e3:32:20:19:44:a3:15:fd:8d:75:ac:4b:eb:5d:
66:d2:52:03:63:03:9b:ab:c7:28:ed:db:39:21:3c:
f5:97:6f:71:9b:ef:c0:97:5f:0d:1b:6e:47:34:bc:
09:1e:ac:9b:3b:93:52:4a:1f:de:72:70:ae:e0:aa:
c6:8f:37:8d:d6:6d:74:a9:3b:53:9d:89:49:e4:2b:
33:74:c0:5a:f2:e4:ee:6f:6d:53:72:c2:fb:43:5c:
6b:94:8e:14:c3:24:56:2b:42:c4:40:b0:63:30:91:
fa:e8:cb:95:75:f2:2b:9b:00:5f:66:b9:fe:d0:02:
24:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6C:F8:A3:FB:2B:55:82:7B:BB:55:8C:74:A3:AD:40:21:E0:EB:2D
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/cWz4o_srVYJ7u1WMdKOtQCHg6y0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.14.0/24
45.12.52.0/23
45.12.91.0/24
185.238.249.0/24
185.238.251.0/24
193.9.45.0/24
Signature Algorithm: sha256WithRSAEncryption
27:f1:c8:8d:c5:8c:e4:1f:5a:ac:b1:ac:eb:4f:ec:ef:ea:74:
82:50:7d:93:a6:20:63:aa:95:50:9d:6b:10:75:b5:15:f4:df:
b0:03:5c:0e:9e:1f:66:2c:87:5b:2e:88:44:94:ac:c2:cb:a4:
06:c7:ce:7d:be:f2:55:ef:d5:8c:68:7b:6e:31:cb:c0:77:81:
3a:2b:08:45:74:d7:f5:87:c7:2d:80:cb:46:ac:b4:4d:82:a2:
2d:f8:51:c1:51:54:ec:d8:ee:4c:34:2e:e2:ea:81:3e:77:0d:
6c:0a:c3:fe:47:02:e0:5a:05:ed:02:20:e2:f9:b2:b4:76:72:
69:89:85:b1:ec:45:4f:fb:bb:61:ec:4c:f7:5e:94:38:a7:72:
dd:68:ac:ae:c4:58:90:81:58:03:bf:d9:7e:00:a3:3d:67:89:
92:5c:77:99:08:63:fd:14:b6:a2:e3:79:73:69:e2:1b:d5:59:
a6:43:11:a1:0a:d5:3f:06:83:e8:0c:35:29:1d:43:60:29:70:
c8:c0:7e:7c:39:bc:4a:9e:d2:b1:f3:a7:2e:5f:aa:e4:1c:b0:
87:d9:59:8d:9f:4e:f7:a5:a4:5f:a9:30:2f:31:a1:ec:8a:96:
d3:28:63:1a:4b:52:8f:6d:cf:fe:48:be:6b:d6:2f:ef:93:75:
4d:0a:2f:fb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQmaw6oW1RSusBWF0d0eYugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjUwMTAyMDk0ODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZjZjhhM2ZiMmI1NTgyN2JiYjU1OGM3NGEzYWQ0MDIxZTBlYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyCSWOSB3mKV96QrSYQ3j5nUr+7y
8Wa7oycvToO/gixAIBFAbPqCguSsG6gl14gnF0uXdUdApqufVukdsSS9DwZNHkAg
Xv2KMRs6yaGaU8ze5RlOQVK9G2QgFfbUpd7pjIMTTnsGO/TIqI5UN+H5zQGo+/lS
CMWwH9BzKWDENPbm9YogEtZi4zIgGUSjFf2NdaxL611m0lIDYwObq8co7ds5ITz1
l29xm+/Al18NG25HNLwJHqybO5NSSh/ecnCu4KrGjzeN1m10qTtTnYlJ5CszdMBa
8uTub21TcsL7Q1xrlI4UwyRWK0LEQLBjMJH66MuVdfIrmwBfZrn+0AIkXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHFs+KP7K1WCe7tVjHSjrUAh4OstMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvY1d6NG9fc3JWWUo3dTFXTWRLT3RRQ0hnNnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH9wOAwQB
LQw0AwQALQxbAwQAue75AwQAue77AwQAwQktMA0GCSqGSIb3DQEBCwUAA4IBAQAn
8ciNxYzkH1qssazrT+zv6nSCUH2TpiBjqpVQnWsQdbUV9N+wA1wOnh9mLIdbLohE
lKzCy6QGx859vvJV79WMaHtuMcvAd4E6KwhFdNf1h8ctgMtGrLRNgqIt+FHBUVTs
2O5MNC7i6oE+dw1sCsP+RwLgWgXtAiDi+bK0dnJpiYWx7EVP+7th7Ez3XpQ4p3Ld
aKyuxFiQgVgDv9l+AKM9Z4mSXHeZCGP9FLai43lzaeIb1VmmQxGhCtU/BoPoDDUp
HUNgKXDIwH58ObxKntKx86cuX6rkHLCH2VmNn073paRfqTAvMaHsipbTKGMaS1KP
bc/+SL5r1i/vk3VNCi/7
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:44:59 2025 by rpki-client