Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/HtYH7IfWThQC0FjsfIOLJnPcCb0.roa
File: HtYH7IfWThQC0FjsfIOLJnPcCb0.roa (raw, json)
Hash identifier: JQOoHMUiGQozF5WEbUjnDZo1IaMc3weZxMTmvWza6pA=
Subject key identifier: 1E:D6:07:EC:87:D6:4E:14:02:D0:58:EC:7C:83:8B:26:73:DC:09:BD
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 019425FDA34B34438F061574365C82D89B6D
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/HtYH7IfWThQC0FjsfIOLJnPcCb0.roa
Signing time: Thu 02 Jan 2025 07:49:26 +0000
ROA not before: Thu 02 Jan 2025 07:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34347
IP address blocks: 80.92.112.0/20 maxlen: 20
156.67.192.0/21 maxlen: 21
185.35.180.0/22 maxlen: 22
185.176.156.0/23 maxlen: 23
185.203.212.0/22 maxlen: 22
195.149.216.0/21 maxlen: 21
2a02:28e8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a3:4b:34:43:8f:06:15:74:36:5c:82:d8:9b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Jan 2 07:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed607ec87d64e1402d058ec7c838b2673dc09bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:55:a2:79:42:0e:5c:5b:c3:0e:7e:bc:8a:ff:
ef:46:d7:01:76:31:5f:51:7f:af:79:04:fb:98:1b:
db:5e:00:b7:9f:cd:8e:6e:b4:ae:6b:33:b0:05:44:
9e:2a:4d:05:98:95:f6:d4:2c:65:5f:7f:92:d3:8a:
86:10:6a:bd:d5:03:9a:77:bd:ac:d5:45:74:0a:f8:
d8:57:61:e4:bd:a6:f3:37:52:57:9c:ee:f3:6e:49:
d5:18:18:0d:27:21:b1:b0:0f:3e:6b:c6:c2:33:6a:
1e:1c:32:31:87:4d:06:25:74:b2:56:37:1e:8a:8f:
96:40:cc:33:76:f4:de:3b:70:66:4b:3a:8c:66:bf:
86:f3:ed:75:5e:9a:b2:8f:de:75:03:2a:7f:d6:f6:
de:e5:37:a3:7b:d4:85:80:f6:a3:fb:c8:b0:03:60:
12:3b:97:fc:db:47:17:a4:ff:b4:8f:84:20:22:26:
a2:2f:36:8a:e0:b6:b7:15:a2:f1:e1:9b:34:ba:1f:
b6:88:6e:ed:6c:b3:52:e0:e4:57:96:82:98:d6:a1:
4b:c2:b1:ab:d4:7e:4d:29:ed:61:e3:c3:e9:f3:69:
f4:eb:e3:de:eb:2b:7c:ee:15:13:2b:2e:60:07:13:
5b:bf:80:cc:c4:8c:12:7d:60:60:4e:f6:0f:9c:18:
87:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D6:07:EC:87:D6:4E:14:02:D0:58:EC:7C:83:8B:26:73:DC:09:BD
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/HtYH7IfWThQC0FjsfIOLJnPcCb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.112.0/20
156.67.192.0/21
185.35.180.0/22
185.176.156.0/23
185.203.212.0/22
195.149.216.0/21
IPv6:
2a02:28e8::/32
Signature Algorithm: sha256WithRSAEncryption
0b:78:d1:5e:3b:4a:22:1c:d5:ff:b6:55:6c:6c:ea:18:de:20:
d3:4e:e0:da:2f:06:42:a4:85:53:3f:c0:12:d6:90:8c:46:c8:
59:2b:29:ab:cb:2f:f9:fc:bb:ab:11:1d:f2:b7:c3:3a:2a:da:
a1:41:63:72:8e:a1:62:f9:70:b5:27:3e:92:62:87:ca:16:96:
44:7e:56:ef:19:ba:82:27:8b:dc:de:9b:15:3d:ef:4a:71:18:
2e:5e:4f:1c:18:46:22:99:b2:68:8d:05:7b:51:97:d0:50:6e:
f3:f7:ae:a2:b3:f2:0a:44:ea:a1:b0:69:34:88:20:fe:f2:a9:
74:3b:72:80:40:4c:9a:bb:23:95:a8:83:1b:f9:e3:5d:0a:d3:
2e:0f:b2:fc:a4:67:1a:d6:65:c3:5f:26:02:ae:bd:db:3a:5d:
eb:fd:2b:a6:3e:6a:3d:ec:f2:59:e8:08:82:92:0a:57:93:40:
af:6a:73:e5:28:b6:4e:dd:8b:d7:3e:90:3e:39:9b:64:3b:3c:
a0:b5:ed:d2:b0:81:68:26:4e:1e:df:31:b9:82:19:48:99:52:
3e:b4:28:8e:18:d3:97:d1:63:00:c7:e0:66:a7:45:2a:26:d2:
f2:a2:67:2f:0b:fd:77:37:6b:95:0e:51:f5:81:2b:d1:b7:f3:
89:47:e7:7d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQl/aNLNEOPBhV0NlyC2JttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx
NDlhZmQwHhcNMjUwMTAyMDc0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ2MDdlYzg3ZDY0ZTE0MDJkMDU4ZWM3YzgzOGIyNjczZGMwOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81WieUIOXFvDDn68iv/vRtcBdjFf
UX+veQT7mBvbXgC3n82ObrSuazOwBUSeKk0FmJX21CxlX3+S04qGEGq91QOad72s
1UV0CvjYV2HkvabzN1JXnO7zbknVGBgNJyGxsA8+a8bCM2oeHDIxh00GJXSyVjce
io+WQMwzdvTeO3BmSzqMZr+G8+11Xpqyj951Ayp/1vbe5Teje9SFgPaj+8iwA2AS
O5f820cXpP+0j4QgIiaiLzaK4La3FaLx4Zs0uh+2iG7tbLNS4ORXloKY1qFLwrGr
1H5NKe1h48Pp82n06+Pe6yt87hUTKy5gBxNbv4DMxIwSfWBgTvYPnBiHBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFB7WB+yH1k4UAtBY7HyDiyZz3Am9MB8GA1UdIwQY
MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt
MzRkNzE0ODVjNTQ3LzEvSHRZSDdJZldUaFFDMEZqc2ZJT0xKblBjQ2IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3
LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFxwAwQD
nEPAAwQCuSO0AwQBubCcAwQCucvUAwQDw5XYMA0EAgACMAcDBQAqAijoMA0GCSqG
SIb3DQEBCwUAA4IBAQALeNFeO0oiHNX/tlVsbOoY3iDTTuDaLwZCpIVTP8AS1pCM
RshZKymryy/5/LurER3yt8M6KtqhQWNyjqFi+XC1Jz6SYofKFpZEflbvGbqCJ4vc
3psVPe9KcRguXk8cGEYimbJojQV7UZfQUG7z966is/IKROqhsGk0iCD+8ql0O3KA
QEyauyOVqIMb+eNdCtMuD7L8pGca1mXDXyYCrr3bOl3r/SumPmo97PJZ6AiCkgpX
k0CvanPlKLZO3YvXPpA+OZtkOzygte3SsIFoJk4e3zG5ghlImVI+tCiOGNOX0WMA
x+Bmp0UqJtLyomcvC/13N2uVDlH1gSvRt/OJR+d9
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:34:53 2025 by rpki-client