Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RtuH_0FKBCNOhv7uxgeEL7TSH10.roa
File: RtuH_0FKBCNOhv7uxgeEL7TSH10.roa (raw, json)
Hash identifier: QbB7E+GnBoQaFxAJdEHE3mjj/MZDPl1UNwP4SIJKMzA=
Subject key identifier: 46:DB:87:FF:41:4A:04:23:4E:86:FE:EE:C6:07:84:2F:B4:D2:1F:5D
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01954167E771A2A0B70551EA57AB80079EF5
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RtuH_0FKBCNOhv7uxgeEL7TSH10.roa
Signing time: Wed 26 Feb 2025 08:38:03 +0000
ROA not before: Wed 26 Feb 2025 08:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 80.96.12.0/24 maxlen: 24
80.96.43.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.69.0/24 maxlen: 24
80.96.72.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.219.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.30.0/24 maxlen: 24
81.181.112.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
81.181.246.0/24 maxlen: 24
85.120.20.0/24 maxlen: 24
85.120.23.0/24 maxlen: 24
193.226.16.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.125.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
193.230.158.0/24 maxlen: 24
193.230.171.0/24 maxlen: 24
193.230.217.0/24 maxlen: 24
193.230.229.0/24 maxlen: 24
193.231.75.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.194.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
194.102.98.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
194.153.224.0/24 maxlen: 24
217.156.14.0/24 maxlen: 24
217.156.20.0/23 maxlen: 23
217.156.41.0/24 maxlen: 24
217.156.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:41:67:e7:71:a2:a0:b7:05:51:ea:57:ab:80:07:9e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Feb 26 08:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=46db87ff414a04234e86feeec607842fb4d21f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:88:ba:6d:1c:0a:91:2f:85:b0:fe:2f:41:88:
a4:dc:44:f0:46:4e:77:db:f2:e3:e0:77:c7:28:e4:
72:e7:e1:ea:73:98:35:cf:03:45:5e:ac:f6:0e:7c:
7d:b5:ae:26:c7:9e:21:d8:d8:54:6f:a6:68:df:42:
65:c7:08:ee:d7:4d:3f:63:b7:b5:c4:aa:d9:3c:dd:
06:98:66:99:83:cb:d8:c4:5d:e8:b7:2d:8b:48:6e:
26:49:e2:65:8d:6b:d3:d1:32:ab:9e:64:d7:f1:53:
1e:b9:92:88:a0:da:6b:62:c1:08:3c:0c:f1:07:1d:
74:1b:e1:e5:a4:8d:7d:3c:fa:32:e3:d7:19:66:74:
36:b6:c2:01:fb:e0:89:d9:5a:6a:97:27:bc:6b:73:
56:61:0e:b9:fd:c4:a1:ca:8b:47:c6:d5:18:41:c8:
67:ba:da:10:0d:00:1d:8f:cb:b8:fb:d4:d8:eb:16:
f9:0a:5a:c3:51:6c:d6:ed:ce:14:4f:4d:4f:26:08:
c9:1a:aa:ff:7f:58:e2:99:a4:66:fb:cb:94:d1:3a:
48:f2:71:19:21:0c:f3:a4:03:f6:26:50:47:75:36:
e7:6f:94:09:7b:a3:88:17:fd:25:7f:14:25:6e:e6:
76:41:24:a4:b9:70:66:88:16:2c:af:d1:dd:28:c2:
4f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:DB:87:FF:41:4A:04:23:4E:86:FE:EE:C6:07:84:2F:B4:D2:1F:5D
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RtuH_0FKBCNOhv7uxgeEL7TSH10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.43.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.69.0/24
80.96.72.0/24
80.96.79.0/24
80.96.219.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.30.0/24
81.181.112.0/24
81.181.128.0/24
81.181.167.0/24
81.181.246.0/24
85.120.20.0/24
85.120.23.0/24
193.226.16.0/24
193.226.116.0/24
193.226.125.0/24
193.226.127.0/24
193.230.158.0/24
193.230.171.0/24
193.230.217.0/24
193.230.229.0/24
193.231.75.0/24
193.231.108.0/24
193.231.184.0/24
193.231.194.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.98.0/24
194.102.134.0/24
194.102.229.0/24
194.153.224.0/24
217.156.14.0/24
217.156.20.0/23
217.156.41.0/24
217.156.92.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:d3:6e:a1:30:c4:98:55:cf:d1:a0:1c:c6:e5:2b:70:33:b5:
f4:11:a1:7b:09:87:65:52:97:a6:6c:77:df:da:60:81:0f:4a:
bb:89:ec:d3:67:80:e0:8b:8b:6c:d3:83:14:f7:df:36:f6:0c:
b8:67:96:86:20:6d:a0:02:9f:9b:b2:93:fc:49:dd:9e:62:2e:
4e:81:0a:21:8f:53:7e:a0:d8:04:e6:c4:0f:68:b8:93:b9:95:
f4:e1:59:23:f6:24:40:52:78:0d:8b:32:80:a9:79:1c:46:8f:
11:ba:58:e9:6a:61:ca:11:58:b8:dc:b6:05:3f:5c:09:b6:df:
bb:4c:93:61:20:d7:28:c9:63:10:6c:43:01:21:af:7a:bc:f0:
ae:be:21:a9:83:b9:c4:99:dd:32:ad:9a:d8:70:58:f5:82:6b:
92:ca:87:16:d7:e3:59:44:dc:39:51:3a:10:26:dc:f0:a6:80:
f1:7f:51:55:8a:af:dd:51:b3:c1:ce:18:93:00:a3:7e:a8:6b:
e9:67:ce:81:36:f8:e4:f6:bb:76:f7:0c:86:6d:34:9b:5e:10:
67:2e:89:b5:f5:d2:70:96:a4:23:ce:5c:9a:f6:3e:6b:b7:df:
a5:a1:3f:84:4b:81:de:53:4d:59:27:4f:2c:d9:2e:d8:c7:ac:
87:e4:e1:9b
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgISAZVBZ+dxoqC3BVHqV6uAB571MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMjI2MDgzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmRiODdmZjQxNGEwNDIzNGU4NmZlZWVjNjA3ODQyZmI0ZDIxZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oi6bRwKkS+FsP4vQYik3ETwRk53
2/Lj4HfHKORy5+Hqc5g1zwNFXqz2Dnx9ta4mx54h2NhUb6Zo30Jlxwju100/Y7e1
xKrZPN0GmGaZg8vYxF3oty2LSG4mSeJljWvT0TKrnmTX8VMeuZKIoNprYsEIPAzx
Bx10G+HlpI19PPoy49cZZnQ2tsIB++CJ2Vpqlye8a3NWYQ65/cShyotHxtUYQchn
utoQDQAdj8u4+9TY6xb5ClrDUWzW7c4UT01PJgjJGqr/f1jimaRm+8uU0TpI8nEZ
IQzzpAP2JlBHdTbnb5QJe6OIF/0lfxQlbuZ2QSSkuXBmiBYsr9HdKMJPvQIDAQAB
o4IDETCCAw0wHQYDVR0OBBYEFEbbh/9BSgQjTob+7sYHhC+00h9dMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUnR1SF8wRktCQ05PaHY3dXhnZUVMN1RTSDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBJQYIKwYBBQUHAQcBAf8EggEUMIIBEDCCAQwEAgABMIIB
BAMEAFBgDAMEAFBgKwMEAFBgLwMEAFBgMwMEAFBgQwMEAFBgRQMEAFBgSAMEAFBg
TwMEAFBg2zAMAwQAUGGTAwQBUGGUAwQAUbQbAwQAUbUeAwQAUbVwAwQAUbWAAwQA
UbWnAwQAUbX2AwQAVXgUAwQAVXgXAwQAweIQAwQAweJ0AwQAweJ9AwQAweJ/AwQA
weaeAwQAwearAwQAwebZAwQAweblAwQAwedLAwQAwedsAwQAwee4AwQAwefCAwQA
wefpAwQAwefsAwQAwefuAwQAwef8AwQAwmZiAwQAwmaGAwQAwmblAwQAwpngAwQA
2ZwOAwQB2ZwUAwQA2ZwpAwQA2ZxcMA0GCSqGSIb3DQEBCwUAA4IBAQA8026hMMSY
Vc/RoBzG5StwM7X0EaF7CYdlUpembHff2mCBD0q7iezTZ4Dgi4ts04MU99829gy4
Z5aGIG2gAp+bspP8Sd2eYi5OgQohj1N+oNgE5sQPaLiTuZX04Vkj9iRAUngNizKA
qXkcRo8RuljpamHKEVi43LYFP1wJtt+7TJNhINcoyWMQbEMBIa96vPCuviGpg7nE
md0yrZrYcFj1gmuSyocW1+NZRNw5UToQJtzwpoDxf1FViq/dUbPBzhiTAKN+qGvp
Z86BNvjk9rt29wyGbTSbXhBnLom19dJwlqQjzlya9j5rt9+loT+ES4HeU01ZJ08s
2S7Yx6yH5OGb
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:25:07 2025 by rpki-client