Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/74K5COiNHqRKwtsPyvKkgS9e6xQ.roa
File: 74K5COiNHqRKwtsPyvKkgS9e6xQ.roa (raw, json)
Hash identifier: jHSch+okCri5q4zwxjU52tSM/mWDerzB3ZPucKHLQKs=
Subject key identifier: EF:82:B9:08:E8:8D:1E:A4:4A:C2:DB:0F:CA:F2:A4:81:2F:5E:EB:14
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 018CC6B934963ED35CC1D931B75BC2948627
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/74K5COiNHqRKwtsPyvKkgS9e6xQ.roa
Signing time: Mon 01 Jan 2024 20:31:15 +0000
ROA not before: Mon 01 Jan 2024 20:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34347
IP address blocks: 80.92.112.0/20 maxlen: 20
185.35.180.0/22 maxlen: 22
156.67.192.0/21 maxlen: 21
195.149.216.0/21 maxlen: 21
185.203.212.0/22 maxlen: 22
185.176.156.0/23 maxlen: 23
2a02:28e8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:34:96:3e:d3:5c:c1:d9:31:b7:5b:c2:94:86:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Jan 1 20:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef82b908e88d1ea44ac2db0fcaf2a4812f5eeb14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:65:bf:45:5e:a8:55:c7:3b:4c:4a:6a:0a:34:
d4:5b:bd:d1:b2:c2:d2:8e:26:87:34:e8:9e:44:b8:
d3:1a:a6:d8:5b:65:61:fc:a3:02:5a:1f:47:9b:17:
a6:f1:e3:61:20:0d:05:34:8f:7c:cb:ce:43:8d:ad:
fe:a4:e3:a1:20:15:bf:c0:17:6f:80:d3:57:33:5d:
c1:1f:ea:27:8b:81:16:ac:06:32:c5:0d:c1:a9:ac:
a4:ea:e5:c0:fd:50:8a:ac:3c:40:f3:ad:e3:7b:07:
e9:e5:63:2f:58:41:ca:8b:81:75:b9:af:4a:fe:4d:
dd:86:79:ce:06:40:9a:5e:bf:49:76:df:06:e9:15:
51:fa:6b:8a:40:51:e4:fe:68:78:79:22:33:8e:d2:
be:6f:2e:64:67:34:34:d5:0b:12:7d:c8:3c:c3:10:
a4:03:23:d4:b9:7c:c6:9c:77:fa:6e:bc:20:84:ca:
bc:45:4b:45:08:20:2e:91:49:04:5d:9e:f8:f5:dc:
04:16:63:7e:31:16:3b:8f:d4:3d:69:c5:5e:21:9b:
80:d0:2f:23:9e:85:f8:b5:a9:85:a6:cd:a8:d9:84:
60:d9:25:4e:83:51:be:2f:cb:5e:1b:df:de:03:ad:
25:d1:0a:a8:a5:99:61:f4:f5:b7:71:bc:4a:58:16:
dd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:82:B9:08:E8:8D:1E:A4:4A:C2:DB:0F:CA:F2:A4:81:2F:5E:EB:14
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/74K5COiNHqRKwtsPyvKkgS9e6xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.112.0/20
156.67.192.0/21
185.35.180.0/22
185.176.156.0/23
185.203.212.0/22
195.149.216.0/21
IPv6:
2a02:28e8::/32
Signature Algorithm: sha256WithRSAEncryption
2c:93:7a:6f:c3:7c:e9:9a:28:ed:d1:b0:7d:c0:ba:6d:dd:69:
95:2c:f2:55:04:7e:85:05:19:0a:40:4e:38:73:ae:99:2f:e9:
12:d6:12:9a:f0:ae:97:7d:5b:65:18:d2:5d:ad:0c:79:3f:3e:
22:82:67:fd:9a:e6:8b:31:a9:e3:89:73:69:28:49:8f:2f:31:
c7:fa:9d:f4:f9:c1:e0:ad:18:e8:b4:1d:bf:25:d2:b8:d6:ab:
f9:b2:82:a7:de:16:f4:73:a9:fa:b5:a5:70:1b:49:31:b5:ba:
e7:3e:09:7e:87:bf:29:fa:34:64:60:f0:fc:c4:6d:59:df:b9:
21:99:5a:e6:04:a3:4f:7b:7f:e2:36:d0:cd:84:1a:a6:59:2c:
1a:91:d8:75:10:e5:f0:39:d6:2c:9d:00:b0:b2:e3:d9:54:c3:
4e:86:5b:5f:ea:77:2a:a9:46:6e:8e:c5:6b:2b:36:c2:62:e2:
9c:c8:34:c1:93:76:8b:88:9c:b9:2d:b3:2e:ad:48:ee:9e:9f:
1b:78:b6:be:cc:46:d6:cd:e8:0c:e7:e2:a5:6e:f7:8f:67:f2:
68:64:f0:e5:a1:47:c2:7f:c8:6b:25:73:12:49:39:02:fa:99:
c9:7e:09:24:4b:f0:fa:d7:20:76:43:58:ea:77:bd:7e:65:b3:
78:c6:df:a6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGuTSWPtNcwdkxt1vClIYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx
NDlhZmQwHhcNMjQwMTAxMjAzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjgyYjkwOGU4OGQxZWE0NGFjMmRiMGZjYWYyYTQ4MTJmNWVlYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGW/RV6oVcc7TEpqCjTUW73RssLS
jiaHNOieRLjTGqbYW2Vh/KMCWh9Hmxem8eNhIA0FNI98y85Dja3+pOOhIBW/wBdv
gNNXM13BH+oni4EWrAYyxQ3Bqayk6uXA/VCKrDxA863jewfp5WMvWEHKi4F1ua9K
/k3dhnnOBkCaXr9Jdt8G6RVR+muKQFHk/mh4eSIzjtK+by5kZzQ01QsSfcg8wxCk
AyPUuXzGnHf6brwghMq8RUtFCCAukUkEXZ749dwEFmN+MRY7j9Q9acVeIZuA0C8j
noX4tamFps2o2YRg2SVOg1G+L8teG9/eA60l0QqopZlh9PW3cbxKWBbdUwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO+CuQjojR6kSsLbD8rypIEvXusUMB8GA1UdIwQY
MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt
MzRkNzE0ODVjNTQ3LzEvNzRLNUNPaU5IcVJLd3RzUHl2S2tnUzllNnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3
LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFxwAwQD
nEPAAwQCuSO0AwQBubCcAwQCucvUAwQDw5XYMA0EAgACMAcDBQAqAijoMA0GCSqG
SIb3DQEBCwUAA4IBAQAsk3pvw3zpmijt0bB9wLpt3WmVLPJVBH6FBRkKQE44c66Z
L+kS1hKa8K6XfVtlGNJdrQx5Pz4igmf9muaLManjiXNpKEmPLzHH+p30+cHgrRjo
tB2/JdK41qv5soKn3hb0c6n6taVwG0kxtbrnPgl+h78p+jRkYPD8xG1Z37khmVrm
BKNPe3/iNtDNhBqmWSwakdh1EOXwOdYsnQCwsuPZVMNOhltf6ncqqUZujsVrKzbC
YuKcyDTBk3aLiJy5LbMurUjunp8beLa+zEbWzegM5+KlbvePZ/JoZPDloUfCf8hr
JXMSSTkC+pnJfgkkS/D61yB2Q1jqd71+ZbN4xt+m
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:14:04 2025 by rpki-client