Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TPviQ_5IccHkGOfnVmvpDuVprx4.roa
File: TPviQ_5IccHkGOfnVmvpDuVprx4.roa (raw, json)
Hash identifier: RRTPJsHk/sTpcO46IHsy2WrUPYfXyVW4cwovinoPCK4=
Subject key identifier: 4C:FB:E2:43:FE:48:71:C1:E4:18:E7:E7:56:6B:E9:0E:E5:69:AF:1E
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A1ADC899BE2DDF71745AFC24C565
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TPviQ_5IccHkGOfnVmvpDuVprx4.roa
Signing time: Wed 01 Jan 2025 07:47:38 +0000
ROA not before: Wed 01 Jan 2025 07:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12479
IP address blocks: 90.68.0.0/16 maxlen: 24
90.69.0.0/16 maxlen: 24
90.69.0.0/19 maxlen: 19
90.69.32.0/19 maxlen: 19
90.69.64.0/20 maxlen: 20
90.69.80.0/21 maxlen: 21
90.69.112.0/21 maxlen: 21
90.69.124.0/22 maxlen: 22
90.69.128.0/19 maxlen: 19
90.69.160.0/21 maxlen: 21
90.69.176.0/21 maxlen: 21
90.69.184.0/22 maxlen: 22
90.69.188.0/22 maxlen: 22
90.69.192.0/20 maxlen: 20
90.69.208.0/20 maxlen: 20
90.69.224.0/19 maxlen: 19
90.71.0.0/16 maxlen: 24
90.74.0.0/16 maxlen: 24
90.75.0.0/16 maxlen: 24
90.77.0.0/16 maxlen: 24
90.94.0.0/16 maxlen: 24
90.106.0.0/16 maxlen: 24
92.172.0.0/16 maxlen: 24
92.176.0.0/16 maxlen: 24
92.177.0.0/16 maxlen: 24
92.178.0.0/16 maxlen: 24
92.185.0.0/16 maxlen: 24
92.186.0.0/16 maxlen: 24
92.187.0.0/16 maxlen: 24
92.189.0.0/16 maxlen: 24
92.190.0.0/16 maxlen: 24
92.191.0.0/16 maxlen: 24
2a01:c500::/28 maxlen: 46
2a01:c500::/31 maxlen: 42
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a1:ad:c8:99:be:2d:df:71:74:5a:fc:24:c5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cfbe243fe4871c1e418e7e7566be90ee569af1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1c:c1:98:bf:05:8b:52:20:5a:a7:d8:2f:cd:
cd:11:ab:ba:03:82:21:73:56:d1:58:82:00:0f:ae:
9f:52:29:f2:49:de:99:7b:8c:80:b4:59:e8:2a:fb:
68:b1:62:dc:0f:db:9b:25:9d:71:3e:c0:ae:68:11:
6d:15:46:92:69:06:d5:95:e4:48:22:1e:6b:15:a2:
d3:ba:33:65:b3:d3:09:5d:c5:c1:d0:11:97:02:b2:
7c:94:f2:d8:2b:c0:1c:f5:4c:68:b8:18:52:ed:05:
6e:16:0c:2e:83:74:96:8a:07:1d:33:d2:5b:b7:f1:
5d:a5:42:39:80:df:86:ec:60:87:36:ec:d7:a1:2f:
9a:eb:bb:81:90:01:ac:fd:52:96:04:18:f1:46:5b:
56:10:e2:39:62:71:7a:b1:af:2c:a3:e9:f5:e1:96:
6f:87:26:5b:d8:dd:28:99:83:26:5c:eb:35:a7:ba:
01:67:7e:8c:72:c6:80:78:ac:76:6d:cb:78:c4:a7:
23:c4:b8:ba:20:8e:bd:7d:67:da:3f:a2:9c:0e:d0:
7a:9e:17:a6:69:41:88:ca:55:b0:c3:84:c8:1b:bb:
67:2a:53:8a:8a:85:fc:9f:25:3c:6b:01:69:9b:a6:
91:bc:fb:1a:25:61:0d:5e:5f:c7:da:71:de:14:b9:
13:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:FB:E2:43:FE:48:71:C1:E4:18:E7:E7:56:6B:E9:0E:E5:69:AF:1E
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/TPviQ_5IccHkGOfnVmvpDuVprx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.68.0.0/15
90.71.0.0/16
90.74.0.0/15
90.77.0.0/16
90.94.0.0/16
90.106.0.0/16
92.172.0.0/16
92.176.0.0-92.178.255.255
92.185.0.0-92.187.255.255
92.189.0.0-92.191.255.255
IPv6:
2a01:c500::/28
Signature Algorithm: sha256WithRSAEncryption
48:0e:da:13:10:aa:c0:94:f9:14:9a:b3:3a:85:09:38:a9:04:
6a:80:57:22:7c:77:2f:54:a4:93:98:97:46:37:89:7a:0d:20:
36:19:56:04:8b:2a:25:10:86:7f:99:76:f9:5f:eb:d2:88:ae:
ab:87:4a:14:f0:7b:84:41:13:4f:1e:5e:9d:a2:9c:8a:6c:cd:
25:61:a9:d8:08:8d:17:64:46:ef:bb:bf:d7:5c:7a:2d:36:d8:
f4:ad:dc:64:86:98:72:47:ae:98:9a:35:c2:f1:06:ff:f4:35:
c8:08:05:34:db:04:2e:a7:27:de:41:b8:9c:42:94:90:be:c7:
39:fc:b5:28:4e:c3:7b:a6:a4:46:a0:a1:6d:f8:3c:64:a5:b5:
7a:84:a4:8c:6a:23:98:82:94:0e:6a:1f:d6:fb:71:5b:84:f2:
fd:c0:d5:ac:4a:1f:0b:38:b5:3b:02:0d:7b:ab:2c:2b:33:d4:
02:82:34:52:e4:ce:c6:02:25:06:6f:58:28:b3:33:e5:aa:b6:
85:dc:ea:bd:6b:73:5a:8b:e8:35:25:70:8a:b2:94:5c:d3:11:
c9:0a:7a:45:26:04:ee:cf:5a:2f:c0:e4:06:1d:3c:55:73:f2:
9c:20:94:f6:7a:07:73:c8:90:87:9d:4b:c6:96:bf:70:ac:2c:
6c:3c:02:a4
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQg1aGtyJm+Ld9xdFr8JMVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ZiZTI0M2ZlNDg3MWMxZTQxOGU3ZTc1NjZiZTkwZWU1NjlhZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBzBmL8Fi1IgWqfYL83NEau6A4Ih
c1bRWIIAD66fUinySd6Ze4yAtFnoKvtosWLcD9ubJZ1xPsCuaBFtFUaSaQbVleRI
Ih5rFaLTujNls9MJXcXB0BGXArJ8lPLYK8Ac9UxouBhS7QVuFgwug3SWigcdM9Jb
t/FdpUI5gN+G7GCHNuzXoS+a67uBkAGs/VKWBBjxRltWEOI5YnF6sa8so+n14ZZv
hyZb2N0omYMmXOs1p7oBZ36McsaAeKx2bct4xKcjxLi6II69fWfaP6KcDtB6nhem
aUGIylWww4TIG7tnKlOKioX8nyU8awFpm6aRvPsaJWENXl/H2nHeFLkTRQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFEz74kP+SHHB5Bjn51Zr6Q7laa8eMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvVFB2aVFfNUljY0hrR09mblZtdnBEdVZwcng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBNBAIAATBHAwMBWkQDAwBa
RwMDAVpKAwMAWk0DAwBaXgMDAFpqAwMAXKwwCgMDBFywAwMAXLIwCgMDAFy5AwMC
XLgwCgMDAFy9AwMGXIAwDQQCAAIwBwMFBCoBxQAwDQYJKoZIhvcNAQELBQADggEB
AEgO2hMQqsCU+RSaszqFCTipBGqAVyJ8dy9UpJOYl0Y3iXoNIDYZVgSLKiUQhn+Z
dvlf69KIrquHShTwe4RBE08eXp2inIpszSVhqdgIjRdkRu+7v9dcei022PSt3GSG
mHJHrpiaNcLxBv/0NcgIBTTbBC6nJ95BuJxClJC+xzn8tShOw3umpEagoW34PGSl
tXqEpIxqI5iClA5qH9b7cVuE8v3A1axKHws4tTsCDXurLCsz1AKCNFLkzsYCJQZv
WCizM+WqtoXc6r1rc1qL6DUlcIqylFzTEckKekUmBO7PWi/A5AYdPFVz8pwglPZ6
B3PIkIedS8aWv3CsLGw8AqQ=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:25 2025 by rpki-client