Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/aI-Nj_vun4Y6z6EyohwDYGX8H0s.roa
File: aI-Nj_vun4Y6z6EyohwDYGX8H0s.roa (raw, json)
Hash identifier: 4ylIK/WDC2lM0bIp9pIrkyurv4//zfPx4hNaQgE2TG0=
Subject key identifier: 68:8F:8D:8F:FB:EE:9F:86:3A:CF:A1:32:A2:1C:03:60:65:FC:1F:4B
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 31437F03
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/aI-Nj_vun4Y6z6EyohwDYGX8H0s.roa
Signing time: Sat 01 Jan 2022 12:05:57 +0000
ROA not before: Sat 01 Jan 2022 12:05:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34347
IP address blocks: 80.92.112.0/20 maxlen: 20
185.35.180.0/22 maxlen: 22
156.67.192.0/21 maxlen: 21
195.149.216.0/21 maxlen: 21
185.203.212.0/22 maxlen: 22
185.176.156.0/23 maxlen: 23
2a02:28e8::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 826507011 (0x31437f03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Jan 1 12:05:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=688f8d8ffbee9f863acfa132a21c036065fc1f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1e:70:ca:fc:cf:c6:31:06:3e:a5:cb:e8:d5:
21:ac:83:fe:2d:9b:a2:16:a9:c6:8e:72:d8:07:44:
92:57:df:d4:08:b7:de:85:fe:0a:96:05:32:56:f2:
fc:07:1c:0a:8d:21:b3:27:bb:68:3f:5e:6e:cb:47:
5c:14:b9:59:4a:8b:ba:99:a4:2a:a9:3f:90:0b:0a:
ae:bb:35:cd:78:ad:88:98:d7:9c:8a:91:b7:eb:12:
fe:e9:54:86:88:ec:85:ba:2f:1b:20:73:ce:62:39:
a5:c4:00:84:48:ac:9b:45:30:d8:fd:fd:f4:dc:dd:
db:08:08:e0:ad:ea:f1:63:93:8a:09:72:dc:d2:8f:
99:ea:12:bc:4a:4c:0e:49:ae:73:90:7d:4b:1d:ef:
4f:85:02:0d:c0:02:ed:3f:65:25:20:4f:33:c3:c2:
c1:84:9d:fe:50:c2:a6:99:28:97:ae:62:65:13:ca:
ac:7c:57:4f:ad:e3:ba:e5:24:23:84:22:71:fc:8d:
6a:a7:a1:65:45:9f:98:b0:11:dd:58:04:86:62:7c:
8f:35:f2:cb:f7:4e:aa:ae:a6:30:38:cd:c3:b1:f7:
07:d9:23:71:48:c4:9c:f4:02:29:8a:f7:4f:e6:82:
df:01:39:4b:88:b9:be:3f:11:1a:7b:ea:35:a7:fe:
2e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8F:8D:8F:FB:EE:9F:86:3A:CF:A1:32:A2:1C:03:60:65:FC:1F:4B
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/aI-Nj_vun4Y6z6EyohwDYGX8H0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.112.0/20
156.67.192.0/21
185.35.180.0/22
185.176.156.0/23
185.203.212.0/22
195.149.216.0/21
IPv6:
2a02:28e8::/32
Signature Algorithm: sha256WithRSAEncryption
03:e4:1b:9b:b6:6b:32:b3:9b:39:71:d7:4b:c0:d0:6d:a3:b9:
21:c8:f7:3b:f4:e9:37:fa:98:f1:ba:4d:97:8b:10:17:6e:99:
6e:21:90:0e:37:8f:9a:3d:12:9f:3a:ad:79:19:97:f6:b1:e7:
71:3c:4d:0f:91:3e:ec:03:8b:a3:a9:3c:4f:06:4d:14:87:32:
81:d0:f3:cd:f3:ae:c7:25:58:16:c7:59:82:b2:02:41:44:cc:
d8:44:32:e4:a2:03:7d:86:0a:d8:38:1f:90:34:cc:95:7f:c1:
ae:18:f9:75:59:a2:13:49:98:f2:c4:c4:47:fa:3c:0d:34:12:
63:a3:2b:03:66:66:7f:92:dd:94:71:27:25:de:59:d8:8f:5e:
dd:fb:44:c1:88:d5:69:f4:37:c7:af:d7:49:c5:6c:2b:6e:97:
cc:68:2f:ae:64:a5:d3:21:aa:b8:1f:d3:7b:23:e2:64:52:4c:
ac:dc:01:87:dc:d6:45:51:8c:c1:7d:b9:ca:25:89:91:67:5a:
b8:a2:3a:27:f8:6a:c7:41:b6:67:5b:c8:c7:57:bd:fc:01:bc:
e2:5f:aa:b7:6b:bb:07:3b:c9:a9:fe:0d:f9:4b:de:d1:9c:f5:
33:f3:6d:37:34:a3:33:50:85:01:e4:b1:74:fb:bb:ed:c8:b0:
cc:03:36:aa
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEMUN/AzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZWYzMjVlZjRjYmFhNjZjYzcxZmZjYzY4ODA4NzdlNzZlMTQ5YWZkMB4XDTIyMDEw
MTEyMDU1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg4ZjhkOGZmYmVl
OWY4NjNhY2ZhMTMyYTIxYzAzNjA2NWZjMWY0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQecMr8z8YxBj6ly+jVIayD/i2bohapxo5y2AdEklff1Ai3
3oX+CpYFMlby/AccCo0hsye7aD9ebstHXBS5WUqLupmkKqk/kAsKrrs1zXitiJjX
nIqRt+sS/ulUhojshbovGyBzzmI5pcQAhEism0Uw2P399Nzd2wgI4K3q8WOTigly
3NKPmeoSvEpMDkmuc5B9Sx3vT4UCDcAC7T9lJSBPM8PCwYSd/lDCppkol65iZRPK
rHxXT63juuUkI4QicfyNaqehZUWfmLAR3VgEhmJ8jzXyy/dOqq6mMDjNw7H3B9kj
cUjEnPQCKYr3T+aC3wE5S4i5vj8RGnvqNaf+LuUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRoj42P++6fhjrPoTKiHANgZfwfSzAfBgNVHSMEGDAWgBQ+8yXvTLqmbMcf
/MaICHfnbhSa/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1B2TWw3MHk2cG16SEhfekdpQWgzNTI0VW12MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvNGZkMDkwLTZmYWUtNGE2YS04ZjllLTM0ZDcxNDg1YzU0Ny8x
L2FJLU5qX3Z1bjRZNno2RXlvaHdEWUdYOEgwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
NGZkMDkwLTZmYWUtNGE2YS04ZjllLTM0ZDcxNDg1YzU0Ny8xL1B2TWw3MHk2cG16
SEhfekdpQWgzNTI0VW12MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBFBccAMEA5xDwAMEArkjtAMEAbmw
nAMEArnL1AMEA8OV2DANBAIAAjAHAwUAKgIo6DANBgkqhkiG9w0BAQsFAAOCAQEA
A+Qbm7ZrMrObOXHXS8DQbaO5Icj3O/TpN/qY8bpNl4sQF26ZbiGQDjePmj0Snzqt
eRmX9rHncTxND5E+7AOLo6k8TwZNFIcygdDzzfOuxyVYFsdZgrICQUTM2EQy5KID
fYYK2DgfkDTMlX/Brhj5dVmiE0mY8sTER/o8DTQSY6MrA2Zmf5LdlHEnJd5Z2I9e
3ftEwYjVafQ3x6/XScVsK26XzGgvrmSl0yGquB/TeyPiZFJMrNwBh9zWRVGMwX25
yiWJkWdauKI6J/hqx0G2Z1vIx1e9/AG84l+qt2u7BzvJqf4N+Uve0Zz1M/NtNzSj
M1CFAeSxdPu77ciwzAM2qg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 20:46:16 2025 by rpki-client