Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z90bDiZZrVwWawd-VoQYtfeiaoo.roa
File: Z90bDiZZrVwWawd-VoQYtfeiaoo.roa (raw, json)
Hash identifier: nwwAR+pz0vqW+c8SvCdxny0HdTdR2y1ISA2AWk2I7B8=
Subject key identifier: 67:DD:1B:0E:26:59:AD:5C:16:6B:07:7E:56:84:18:B5:F7:A2:6A:8A
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5B9C0F48995EE1C08481831BF2B3B
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z90bDiZZrVwWawd-VoQYtfeiaoo.roa
Signing time: Wed 01 Jan 2025 07:47:45 +0000
ROA not before: Wed 01 Jan 2025 07:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 328126
IP address blocks: 80.15.228.0/24 maxlen: 32
80.15.229.0/24 maxlen: 32
80.15.230.0/24 maxlen: 32
80.15.231.0/24 maxlen: 32
80.15.232.0/24 maxlen: 32
80.15.233.0/24 maxlen: 32
80.15.234.0/24 maxlen: 32
80.15.235.0/24 maxlen: 32
80.15.242.0/24 maxlen: 32
80.15.243.0/24 maxlen: 32
80.15.244.0/24 maxlen: 32
80.15.245.0/24 maxlen: 32
80.15.246.0/24 maxlen: 32
80.15.247.0/24 maxlen: 32
80.15.248.0/24 maxlen: 32
80.15.249.0/24 maxlen: 32
80.15.250.0/24 maxlen: 32
80.15.251.0/24 maxlen: 32
80.15.252.0/24 maxlen: 32
80.15.253.0/24 maxlen: 32
80.15.254.0/24 maxlen: 32
80.15.255.0/24 maxlen: 32
90.84.143.0/24 maxlen: 32
90.84.148.0/24 maxlen: 32
90.84.153.0/24 maxlen: 32
193.249.225.0/24 maxlen: 32
2a01:c9c0:c000::/48 maxlen: 128
2a01:c9c0:c002::/48 maxlen: 128
2a01:c9c0:c004::/48 maxlen: 128
2a01:c9c0:c006::/48 maxlen: 128
2a01:c9c0:c008::/48 maxlen: 128
2a01:c9c0:c00a::/48 maxlen: 128
2a01:c9c0:c00c::/48 maxlen: 128
2a01:c9c0:c00f::/48 maxlen: 128
2a01:c9c0:c010::/48 maxlen: 128
2a01:c9c0:c012::/48 maxlen: 128
2a01:c9c0:c014::/48 maxlen: 128
2a01:c9c0:c016::/48 maxlen: 128
2a01:c9c0:c018::/48 maxlen: 128
2a01:c9c0:c01a::/48 maxlen: 128
2a01:c9c0:c01c::/48 maxlen: 128
2a01:c9c0:c01e::/48 maxlen: 128
2a01:c9c0:c020::/48 maxlen: 128
2a01:c9c0:c022::/48 maxlen: 128
2a01:c9c0:c024::/48 maxlen: 128
2a01:c9c0:c026::/48 maxlen: 128
2a01:c9c0:c040::/48 maxlen: 128
2a01:c9c0:c060::/48 maxlen: 128
2a01:c9c0:c062::/48 maxlen: 128
2a01:c9c0:c080::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:b9:c0:f4:89:95:ee:1c:08:48:18:31:bf:2b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67dd1b0e2659ad5c166b077e568418b5f7a26a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:26:a0:35:66:f9:13:54:8b:9c:c7:dc:f4:43:
ec:45:18:89:3e:91:cf:f8:69:07:b5:89:a3:00:11:
c0:12:eb:21:58:61:ea:48:36:b0:b9:80:40:19:3f:
a2:75:d4:2e:5f:41:ee:eb:aa:d5:3b:1f:54:47:92:
9a:85:43:45:8c:3d:2e:1f:b0:0d:6d:81:bd:6e:7d:
14:94:7a:ed:31:d8:62:30:58:6f:e9:7e:11:cf:f6:
3a:c2:e2:83:23:a6:3e:08:5c:05:2b:3c:68:d7:cb:
c8:c7:e9:9f:81:63:33:35:89:ab:0c:5f:f5:c8:5e:
65:c9:65:c0:c8:7e:73:e2:0f:b8:02:38:d6:41:dd:
fb:06:de:4c:d0:2f:58:c3:ee:d6:34:8f:d2:f7:4e:
95:d3:09:cb:47:7d:fa:46:e4:ce:9a:44:e9:f0:9c:
6f:8c:7a:8b:6d:8e:9a:09:f6:2e:dc:c9:98:73:e4:
25:16:2d:cb:64:f7:b8:b9:d9:41:0a:60:a6:fd:65:
c6:64:d7:c4:c5:f4:b5:94:7a:a1:a0:66:d7:1d:e6:
f9:80:72:b7:02:ca:31:20:29:fb:88:4c:c4:36:ba:
8f:a3:2e:88:fc:90:ac:5d:92:98:83:3f:29:d5:65:
44:b7:e6:0f:db:48:ff:5e:88:dd:b9:f3:0d:77:3e:
35:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DD:1B:0E:26:59:AD:5C:16:6B:07:7E:56:84:18:B5:F7:A2:6A:8A
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z90bDiZZrVwWawd-VoQYtfeiaoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.15.228.0-80.15.235.255
80.15.242.0-80.15.255.255
90.84.143.0/24
90.84.148.0/24
90.84.153.0/24
193.249.225.0/24
IPv6:
2a01:c9c0:c000::/48
2a01:c9c0:c002::/48
2a01:c9c0:c004::/48
2a01:c9c0:c006::/48
2a01:c9c0:c008::/48
2a01:c9c0:c00a::/48
2a01:c9c0:c00c::/48
2a01:c9c0:c00f::-2a01:c9c0:c010:ffff:ffff:ffff:ffff:ffff
2a01:c9c0:c012::/48
2a01:c9c0:c014::/48
2a01:c9c0:c016::/48
2a01:c9c0:c018::/48
2a01:c9c0:c01a::/48
2a01:c9c0:c01c::/48
2a01:c9c0:c01e::/48
2a01:c9c0:c020::/48
2a01:c9c0:c022::/48
2a01:c9c0:c024::/48
2a01:c9c0:c026::/48
2a01:c9c0:c040::/48
2a01:c9c0:c060::/48
2a01:c9c0:c062::/48
2a01:c9c0:c080::/48
Signature Algorithm: sha256WithRSAEncryption
82:bc:2a:f4:3c:78:6d:6b:04:ee:94:54:99:53:96:5a:58:02:
8f:05:ed:b4:9f:78:eb:64:ed:08:8d:29:fc:21:1e:b6:f1:22:
8e:57:4a:0b:31:4d:c8:a7:98:58:a9:b4:66:65:0b:f1:4e:d2:
97:dc:3e:9b:74:d5:30:e4:24:4e:88:b9:19:7c:3b:1b:1f:56:
60:ba:d0:54:7b:24:02:05:77:a7:6e:cc:5a:01:d8:d2:61:45:
7f:f8:14:da:ae:e0:41:f1:28:3d:c0:28:a5:a4:72:a9:cd:e0:
5d:c4:ce:0f:af:45:f3:5b:92:21:f1:c1:6f:a0:43:57:b6:0c:
10:8e:cf:52:75:70:1b:a1:ba:24:1c:80:68:bf:b2:3e:bc:97:
71:39:86:72:30:0e:52:54:87:2b:97:b5:68:15:81:87:8c:86:
17:7a:8c:d1:41:a9:99:45:9e:c3:06:98:76:76:a8:99:4d:22:
49:c0:e5:1f:27:37:af:58:e6:21:19:60:77:71:b9:2d:9c:04:
80:65:2e:9a:04:ae:12:11:df:65:a6:1b:0f:ff:0c:cc:ec:ba:
eb:b1:dd:cb:ea:d8:43:7e:ff:0a:b2:db:0a:0a:84:a6:88:03:
50:52:05:b2:39:83:5b:3c:25:cf:bc:9e:76:87:c6:92:14:32:
5a:af:d2:97
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAZQg1bnA9ImV7hwISBgxvys7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RkMWIwZTI2NTlhZDVjMTY2YjA3N2U1Njg0MThiNWY3YTI2YThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnyagNWb5E1SLnMfc9EPsRRiJPpHP
+GkHtYmjABHAEushWGHqSDawuYBAGT+iddQuX0Hu66rVOx9UR5KahUNFjD0uH7AN
bYG9bn0UlHrtMdhiMFhv6X4Rz/Y6wuKDI6Y+CFwFKzxo18vIx+mfgWMzNYmrDF/1
yF5lyWXAyH5z4g+4AjjWQd37Bt5M0C9Yw+7WNI/S906V0wnLR336RuTOmkTp8Jxv
jHqLbY6aCfYu3MmYc+QlFi3LZPe4udlBCmCm/WXGZNfExfS1lHqhoGbXHeb5gHK3
AsoxICn7iEzENrqPoy6I/JCsXZKYgz8p1WVEt+YP20j/XojdufMNdz41JwIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFGfdGw4mWa1cFmsHflaEGLX3omqKMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvWjkwYkRpWlpyVndXYXdkLVZvUVl0ZmVpYW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzA5BAIAATAzMAwD
BAJQD+QDBAJQD+gwCwMEAVAP8gMDBFAAAwQAWlSPAwQAWlSUAwQAWlSZAwQAwfnh
MIHhBAIAAjCB2gMHACoBycDAAAMHACoBycDAAgMHACoBycDABAMHACoBycDABgMH
ACoBycDACAMHACoBycDACgMHACoBycDADDASAwcAKgHJwMAPAwcAKgHJwMAQAwcA
KgHJwMASAwcAKgHJwMAUAwcAKgHJwMAWAwcAKgHJwMAYAwcAKgHJwMAaAwcAKgHJ
wMAcAwcAKgHJwMAeAwcAKgHJwMAgAwcAKgHJwMAiAwcAKgHJwMAkAwcAKgHJwMAm
AwcAKgHJwMBAAwcAKgHJwMBgAwcAKgHJwMBiAwcAKgHJwMCAMA0GCSqGSIb3DQEB
CwUAA4IBAQCCvCr0PHhtawTulFSZU5ZaWAKPBe20n3jrZO0IjSn8IR628SKOV0oL
MU3Ip5hYqbRmZQvxTtKX3D6bdNUw5CROiLkZfDsbH1ZgutBUeyQCBXenbsxaAdjS
YUV/+BTaruBB8Sg9wCilpHKpzeBdxM4Pr0XzW5Ih8cFvoENXtgwQjs9SdXAbobok
HIBov7I+vJdxOYZyMA5SVIcrl7VoFYGHjIYXeozRQamZRZ7DBph2dqiZTSJJwOUf
JzevWOYhGWB3cbktnASAZS6aBK4SEd9lphsP/wzM7Lrrsd3L6thDfv8KstsKCoSm
iANQUgWyOYNbPCXPvJ52h8aSFDJar9KX
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:36:26 2025 by rpki-client