Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/P6qSfMN4bS0nrJNz6XJRtAxVyJw.roa
File: P6qSfMN4bS0nrJNz6XJRtAxVyJw.roa (raw, json)
Hash identifier: YirpAuWE/Sf06+oHRFdvdZ3OCWrOWGp493wL/jLlFRo=
Subject key identifier: 3F:AA:92:7C:C3:78:6D:2D:27:AC:93:73:E9:72:51:B4:0C:55:C8:9C
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0194AC35116A7364F2CACCBACBD9F91E553F
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/P6qSfMN4bS0nrJNz6XJRtAxVyJw.roa
Signing time: Tue 28 Jan 2025 09:19:06 +0000
ROA not before: Tue 28 Jan 2025 09:19:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60246
IP address blocks: 80.72.20.0/23 maxlen: 32
80.72.24.0/23 maxlen: 32
85.198.120.0/21 maxlen: 32
92.118.72.0/23 maxlen: 32
95.174.96.0/20 maxlen: 32
95.174.112.0/21 maxlen: 32
95.174.120.0/24 maxlen: 32
95.174.123.0/24 maxlen: 32
95.174.124.0/22 maxlen: 32
178.212.139.0/24 maxlen: 32
185.9.184.0/24 maxlen: 32
185.9.186.0/23 maxlen: 32
185.230.240.0/23 maxlen: 32
185.230.242.0/24 maxlen: 32
2a00:8740::/47 maxlen: 128
2a00:8740:2::/48 maxlen: 128
2a00:8740:10::/47 maxlen: 128
2a00:8740:15::/48 maxlen: 128
2a00:8740:16::/47 maxlen: 128
2a00:8740:18::/45 maxlen: 128
2a00:8740:20::/44 maxlen: 128
2a00:8740:30::/46 maxlen: 128
2a00:8740:34::/47 maxlen: 128
2a00:8740:36::/48 maxlen: 128
2a00:8740:100::/48 maxlen: 128
2a00:8740:110::/47 maxlen: 128
2a00:8740:112::/48 maxlen: 128
2a00:8740:201::/48 maxlen: 128
2a00:8740:ff00::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:35:11:6a:73:64:f2:ca:cc:ba:cb:d9:f9:1e:55:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 28 09:19:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3faa927cc3786d2d27ac9373e97251b40c55c89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:20:ce:ce:ba:fd:da:ff:8c:92:7e:d2:72:65:
bc:fc:b0:bf:7c:ab:99:dd:3f:c1:a6:7f:7c:5b:d5:
f0:cf:3d:a2:98:3b:1a:34:5a:d2:cb:0d:bb:b6:45:
73:4e:59:bb:d8:65:8d:9f:c5:a4:16:bc:6c:88:b8:
95:93:3e:74:db:07:d8:dc:b7:ad:4f:9f:a9:e7:43:
d2:de:be:35:45:3d:8c:58:3b:07:46:59:32:0b:9c:
91:96:da:fc:81:8b:e2:17:6d:4f:8c:5c:e6:b6:b1:
d0:c6:6c:d6:f3:f6:2a:cc:76:a0:a3:d2:e5:a9:b5:
60:4b:90:dd:5e:10:e7:1f:fc:87:3e:f4:33:49:27:
be:b7:63:24:12:58:08:19:43:ec:81:eb:56:20:c0:
a7:99:03:45:95:d9:47:64:6b:3e:aa:83:4e:8a:4b:
dc:6c:ca:1b:ca:ab:81:f4:de:f1:bb:f0:b5:72:79:
8f:82:a4:46:e7:9a:0a:8b:da:31:45:54:9a:13:96:
60:c3:f2:a6:70:2c:1b:ae:55:b8:16:03:4d:5e:d0:
a6:98:8d:b9:37:71:dc:1a:1f:2b:ab:44:71:7b:f5:
2e:df:18:85:11:03:56:7c:cc:88:bf:c8:68:02:de:
37:54:98:d1:7b:21:65:63:0e:2e:45:8e:cb:28:97:
b5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:AA:92:7C:C3:78:6D:2D:27:AC:93:73:E9:72:51:B4:0C:55:C8:9C
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/P6qSfMN4bS0nrJNz6XJRtAxVyJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.20.0/23
80.72.24.0/23
85.198.120.0/21
92.118.72.0/23
95.174.96.0-95.174.120.255
95.174.123.0-95.174.127.255
178.212.139.0/24
185.9.184.0/24
185.9.186.0/23
185.230.240.0-185.230.242.255
IPv6:
2a00:8740::-2a00:8740:2:ffff:ffff:ffff:ffff:ffff
2a00:8740:10::/47
2a00:8740:15::-2a00:8740:36:ffff:ffff:ffff:ffff:ffff
2a00:8740:100::/48
2a00:8740:110::-2a00:8740:112:ffff:ffff:ffff:ffff:ffff
2a00:8740:201::/48
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
87:b6:26:7f:24:e5:06:e6:46:c4:45:b7:d2:bc:f7:71:3b:14:
cf:7d:b4:fe:af:8e:9c:fd:f6:7e:b7:3a:23:ea:d3:62:a6:bc:
5b:da:bc:e2:1a:0d:56:d4:c9:43:4b:4f:6b:d2:0c:30:a6:25:
12:66:59:eb:29:6a:84:e8:de:8c:c9:99:4a:b5:04:ca:e9:d8:
8d:db:b7:b3:cd:22:8c:bf:7d:e6:7b:b3:37:1b:be:9f:2d:a3:
cf:5b:b6:d7:14:36:f2:7f:4e:4b:d2:e6:bd:37:68:9a:0d:1e:
d1:ab:13:21:ee:fb:9f:e1:42:63:ab:6c:03:35:35:7f:86:ab:
84:78:8a:bd:a3:01:5d:b7:91:ae:e6:ac:aa:be:3b:88:b5:55:
dc:39:11:ea:41:7f:ab:ce:36:3d:64:b0:07:f4:37:21:65:a5:
93:59:f9:37:03:2c:e9:d5:35:b9:08:3a:e4:90:93:ac:85:41:
74:94:22:c1:77:80:55:22:5a:0a:00:37:02:86:da:10:dd:45:
13:c6:e4:4b:14:6c:84:58:f8:ba:98:71:40:61:32:79:67:23:
12:57:87:ee:fc:16:2f:fc:47:dd:81:3a:ab:3a:86:d7:f9:e3:
2f:5d:1e:d5:6f:26:b8:fe:48:c6:29:15:49:56:24:5c:e2:51:
83:c0:03:af
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZSsNRFqc2Tyysy6y9n5HlU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwMTI4MDkxOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmFhOTI3Y2MzNzg2ZDJkMjdhYzkzNzNlOTcyNTFiNDBjNTVjODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSDOzrr92v+Mkn7ScmW8/LC/fKuZ
3T/Bpn98W9Xwzz2imDsaNFrSyw27tkVzTlm72GWNn8WkFrxsiLiVkz502wfY3Let
T5+p50PS3r41RT2MWDsHRlkyC5yRltr8gYviF21PjFzmtrHQxmzW8/YqzHago9Ll
qbVgS5DdXhDnH/yHPvQzSSe+t2MkElgIGUPsgetWIMCnmQNFldlHZGs+qoNOikvc
bMobyquB9N7xu/C1cnmPgqRG55oKi9oxRVSaE5Zgw/KmcCwbrlW4FgNNXtCmmI25
N3HcGh8rq0Rxe/Uu3xiFEQNWfMyIv8hoAt43VJjReyFlYw4uRY7LKJe1MQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFD+qknzDeG0tJ6yTc+lyUbQMVcicMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvUDZxU2ZNTjRiUzBuckpOejZYSlJ0QXhWeUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjBaBAIAATBUAwQBUEgU
AwQBUEgYAwQDVcZ4AwQBXHZIMAwDBAVfrmADBABfrngwDAMEAF+uewMEB1+uAAME
ALLUiwMEALkJuAMEAbkJujAMAwQEuebwAwQAuebyMGQEAgACMF4wEAMFBioAh0AD
BwAqAIdAAAIDBwEqAIdAABAwEgMHACoAh0AAFQMHACoAh0AANgMHACoAh0ABADAS
AwcEKgCHQAEQAwcAKgCHQAESAwcAKgCHQAIBAwcAKgCHQP8AMA0GCSqGSIb3DQEB
CwUAA4IBAQCHtiZ/JOUG5kbERbfSvPdxOxTPfbT+r46c/fZ+tzoj6tNiprxb2rzi
Gg1W1MlDS09r0gwwpiUSZlnrKWqE6N6MyZlKtQTK6diN27ezzSKMv33me7M3G76f
LaPPW7bXFDbyf05L0ua9N2iaDR7RqxMh7vuf4UJjq2wDNTV/hquEeIq9owFdt5Gu
5qyqvjuItVXcORHqQX+rzjY9ZLAH9DchZaWTWfk3Ayzp1TW5CDrkkJOshUF0lCLB
d4BVIloKADcChtoQ3UUTxuRLFGyEWPi6mHFAYTJ5ZyMSV4fu/BYv/EfdgTqrOobX
+eMvXR7Vbya4/kjGKRVJViRc4lGDwAOv
-----END CERTIFICATE-----
Generated at Tue Apr 8 13:04:02 2025 by rpki-client