Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/PAbHc64weo8hVFOoyNw_KIYZGbQ.roa
File: PAbHc64weo8hVFOoyNw_KIYZGbQ.roa (raw, json)
Hash identifier: QrXbLReiK7UXgLaMSU+fS4kFmpcrsFUElNX3domZ2dw=
Subject key identifier: 3C:06:C7:73:AE:30:7A:8F:21:54:53:A8:C8:DC:3F:28:86:19:19:B4
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 01941F8C32D373C89229E90F7B3F6A115B64
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/PAbHc64weo8hVFOoyNw_KIYZGbQ.roa
Signing time: Wed 01 Jan 2025 01:47:49 +0000
ROA not before: Wed 01 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 37.61.226.0/24 maxlen: 32
37.61.227.0/24 maxlen: 32
37.200.104.0/21 maxlen: 32
43.252.28.0/22 maxlen: 32
45.12.56.0/22 maxlen: 32
45.130.120.0/22 maxlen: 32
46.182.168.0/22 maxlen: 32
78.156.160.0/20 maxlen: 32
78.156.176.0/20 maxlen: 32
85.208.148.0/22 maxlen: 32
89.104.110.0/23 maxlen: 32
89.184.192.0/19 maxlen: 32
89.223.14.0/23 maxlen: 32
89.223.18.0/23 maxlen: 32
92.255.32.0/21 maxlen: 32
92.255.86.0/23 maxlen: 32
94.46.0.0/21 maxlen: 32
94.46.2.0/23 maxlen: 32
94.46.32.0/21 maxlen: 32
103.30.12.0/22 maxlen: 32
103.211.184.0/23 maxlen: 32
103.225.128.0/22 maxlen: 32
109.198.32.0/20 maxlen: 32
109.198.48.0/20 maxlen: 32
116.212.188.0/22 maxlen: 32
180.94.216.0/22 maxlen: 32
185.10.7.0/24 maxlen: 32
193.151.52.0/22 maxlen: 32
194.32.88.0/22 maxlen: 32
203.78.168.0/21 maxlen: 32
206.204.0.0/18 maxlen: 32
213.188.80.0/20 maxlen: 32
216.194.80.0/20 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:32:d3:73:c8:92:29:e9:0f:7b:3f:6a:11:5b:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Jan 1 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c06c773ae307a8f215453a8c8dc3f28861919b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ba:38:44:f3:dd:a3:7d:83:13:35:cb:50:77:
64:f1:6f:27:16:39:93:a2:d6:d5:75:f1:89:fc:ab:
ca:28:b9:d9:3c:d3:6f:37:2b:78:e0:d1:b9:b0:4d:
9f:13:31:9a:01:71:35:f3:c0:20:ad:8e:bf:d7:cd:
73:76:b5:75:69:86:73:b7:a8:64:e8:3b:8c:f6:6b:
b8:58:d2:98:fd:9a:96:51:62:c8:53:de:c2:ac:21:
60:0f:d6:e6:4e:0e:38:92:04:6c:de:33:0d:3f:0d:
09:a3:a3:b6:28:58:53:0e:d8:85:31:ed:df:c5:8a:
97:59:cf:31:10:78:32:dc:d1:cf:16:08:dc:2a:5c:
8c:f5:b9:5e:c2:e5:7c:36:e9:eb:b3:1c:8e:1c:96:
72:9d:bc:f3:d4:e3:3b:a4:78:9d:df:31:e0:4d:29:
4d:73:82:44:bd:92:0c:e6:30:e7:d5:9b:67:66:af:
26:cc:33:14:7f:6c:e0:99:62:8b:b1:25:af:86:e8:
50:9c:b1:b6:f8:1f:f1:1b:3c:0f:ff:50:6b:71:ba:
d1:5e:f7:7d:58:91:35:68:ae:18:52:12:f9:55:97:
5f:d3:94:3a:07:d2:22:5a:98:e2:43:41:3c:15:6f:
a5:ed:01:e2:df:a1:a6:34:0d:2c:f5:35:bf:1e:ec:
b2:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:06:C7:73:AE:30:7A:8F:21:54:53:A8:C8:DC:3F:28:86:19:19:B4
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/PAbHc64weo8hVFOoyNw_KIYZGbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.226.0/23
37.200.104.0/21
43.252.28.0/22
45.12.56.0/22
45.130.120.0/22
46.182.168.0/22
78.156.160.0/19
85.208.148.0/22
89.104.110.0/23
89.184.192.0/19
89.223.14.0/23
89.223.18.0/23
92.255.32.0/21
92.255.86.0/23
94.46.0.0/21
94.46.32.0/21
103.30.12.0/22
103.211.184.0/23
103.225.128.0/22
109.198.32.0/19
116.212.188.0/22
180.94.216.0/22
185.10.7.0/24
193.151.52.0/22
194.32.88.0/22
203.78.168.0/21
206.204.0.0/18
213.188.80.0/20
216.194.80.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:97:3b:c1:7b:c1:db:95:61:3f:80:93:46:36:be:57:65:2f:
e9:26:29:d6:df:5a:32:c6:85:95:e6:57:c7:eb:18:9c:ed:b5:
44:54:ca:1f:a6:49:28:35:66:8a:37:59:5d:ea:8e:d0:7d:fb:
79:cf:67:70:04:fb:ff:22:6b:65:d8:fa:95:8c:cb:c2:33:5b:
c4:38:b1:e4:46:bf:c5:45:b7:85:55:e5:c6:e6:ef:77:cf:59:
f6:f1:7c:06:70:52:d4:f1:6e:cc:c9:a7:ce:3d:17:cd:ce:58:
a2:e0:c2:50:80:cc:af:90:7b:d2:38:9b:0b:84:5e:de:38:80:
80:62:98:b4:de:b6:3c:5c:62:27:b8:ca:98:f6:a4:7d:71:6a:
20:8c:04:a7:95:94:73:2d:e7:b0:d2:21:1f:a7:48:b4:d3:1a:
d5:b3:16:76:25:ae:b4:bf:36:47:27:27:ed:f2:26:a8:e3:25:
c7:f4:dc:da:1d:1e:bf:ea:13:20:29:f7:20:2f:31:b0:d4:4e:
6e:b5:5e:06:67:56:0e:ee:ee:cf:9e:e5:b4:37:0c:91:60:5b:
0d:52:2e:e6:fa:93:cf:0b:8e:d5:25:0c:60:c7:08:aa:31:0a:
87:8a:62:d2:64:08:fa:af:a6:a1:3b:b2:d5:ec:a8:a0:3b:e1:
a8:ba:cf:7f
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZQfjDLTc8iSKekPez9qEVtkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzA2Yzc3M2FlMzA3YThmMjE1NDUzYThjOGRjM2YyODg2MTkxOWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ro4RPPdo32DEzXLUHdk8W8nFjmT
otbVdfGJ/KvKKLnZPNNvNyt44NG5sE2fEzGaAXE188AgrY6/181zdrV1aYZzt6hk
6DuM9mu4WNKY/ZqWUWLIU97CrCFgD9bmTg44kgRs3jMNPw0Jo6O2KFhTDtiFMe3f
xYqXWc8xEHgy3NHPFgjcKlyM9blewuV8NunrsxyOHJZynbzz1OM7pHid3zHgTSlN
c4JEvZIM5jDn1ZtnZq8mzDMUf2zgmWKLsSWvhuhQnLG2+B/xGzwP/1BrcbrRXvd9
WJE1aK4YUhL5VZdf05Q6B9IiWpjiQ0E8FW+l7QHi36GmNA0s9TW/HuyyywIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFDwGx3OuMHqPIVRTqMjcPyiGGRm0MB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvUEFiSGM2NHdlbzhoVkZPb3lOd19LSVlaR2JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAEl
PeIDBAMlyGgDBAIr/BwDBAItDDgDBAItgngDBAIutqgDBAVOnKADBAJV0JQDBAFZ
aG4DBAVZuMADBAFZ3w4DBAFZ3xIDBANc/yADBAFc/1YDBANeLgADBANeLiADBAJn
HgwDBAFn07gDBAJn4YADBAVtxiADBAJ01LwDBAK0XtgDBAC5CgcDBALBlzQDBALC
IFgDBAPLTqgDBAbOzAADBATVvFADBATYwlAwDQYJKoZIhvcNAQELBQADggEBAJ6X
O8F7wduVYT+Ak0Y2vldlL+kmKdbfWjLGhZXmV8frGJzttURUyh+mSSg1Zoo3WV3q
jtB9+3nPZ3AE+/8ia2XY+pWMy8IzW8Q4seRGv8VFt4VV5cbm73fPWfbxfAZwUtTx
bszJp849F83OWKLgwlCAzK+Qe9I4mwuEXt44gIBimLTetjxcYie4ypj2pH1xaiCM
BKeVlHMt57DSIR+nSLTTGtWzFnYlrrS/NkcnJ+3yJqjjJcf03NodHr/qEyAp9yAv
MbDUTm61XgZnVg7u7s+e5bQ3DJFgWw1SLub6k88LjtUlDGDHCKoxCoeKYtJkCPqv
pqE7stXsqKA74ai6z38=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:43 2025 by rpki-client