Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/33Pn-LHZppsQZFpID0TiQorVTRY.roa
File: 33Pn-LHZppsQZFpID0TiQorVTRY.roa (raw, json)
Hash identifier: 1eBdgA/BzLXQqTr2yYTbWEIqHLw1LvmO1uSvrvDr0OE=
Subject key identifier: DF:73:E7:F8:B1:D9:A6:9B:10:64:5A:48:0F:44:E2:42:8A:D5:4D:16
Certificate issuer: /CN=0a7a1277ef1d56415498c712a943f53006b6cd17
Certificate serial: 0A0A3992
Authority key identifier: 0A:7A:12:77:EF:1D:56:41:54:98:C7:12:A9:43:F5:30:06:B6:CD:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnoSd-8dVkFUmMcSqUP1MAa2zRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/33Pn-LHZppsQZFpID0TiQorVTRY.roa
Signing time: Sat 01 Jan 2022 08:02:35 +0000
ROA not before: Sat 01 Jan 2022 08:02:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43267
IP address blocks: 82.112.184.0/23 maxlen: 23
82.112.186.0/23 maxlen: 24
82.112.187.0/24 maxlen: 24
82.112.188.0/24 maxlen: 24
82.112.188.0/23 maxlen: 24
82.112.188.0/22 maxlen: 24
91.196.74.0/24 maxlen: 24
91.196.72.0/24 maxlen: 24
91.196.73.0/24 maxlen: 24
82.112.191.254/32 maxlen: 32
2a06:aa80::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168442258 (0xa0a3992)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7a1277ef1d56415498c712a943f53006b6cd17
Validity
Not Before: Jan 1 08:02:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df73e7f8b1d9a69b10645a480f44e2428ad54d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:23:d3:b9:b3:b7:d1:9b:25:a3:ab:01:96:43:
ff:e6:6b:75:01:f5:45:9e:79:b0:4c:c1:ae:09:dd:
70:a3:e7:ef:b5:c6:db:3c:3b:96:53:68:80:b6:10:
e6:31:6e:87:1e:01:2f:88:29:0d:09:59:a8:a1:5c:
59:cf:8f:9b:fb:c1:41:07:a3:48:e7:88:ac:27:a0:
2f:4a:1e:0f:2a:32:a7:2f:4a:4b:a1:f6:bd:54:7b:
e9:79:ef:16:8a:cb:96:d4:47:96:91:17:07:17:9b:
7b:7c:f0:96:fc:55:54:18:86:8c:16:df:25:18:ee:
2a:bb:23:f5:d1:a6:44:2f:f8:6d:d9:a1:ad:58:65:
0f:0f:10:f0:03:0e:43:85:a5:68:3d:b0:dc:4a:ec:
b5:71:5c:61:99:bb:86:4f:41:9f:a8:3c:50:e1:f5:
c4:c8:f4:0d:06:f1:d0:55:53:4e:25:b6:bf:d8:df:
77:d2:cb:31:f9:b8:30:f2:6a:48:89:93:0f:f4:15:
24:d9:b7:e3:49:7b:41:9c:6c:32:3b:75:11:16:67:
43:a4:9d:d4:37:99:ea:93:96:e7:85:74:88:0a:14:
dc:15:5b:1c:ee:a3:12:60:72:6c:e4:ba:da:2f:14:
36:9b:b4:1d:f0:ff:88:b6:10:30:29:13:26:c6:f3:
c4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:73:E7:F8:B1:D9:A6:9B:10:64:5A:48:0F:44:E2:42:8A:D5:4D:16
X509v3 Authority Key Identifier:
keyid:0A:7A:12:77:EF:1D:56:41:54:98:C7:12:A9:43:F5:30:06:B6:CD:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnoSd-8dVkFUmMcSqUP1MAa2zRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/33Pn-LHZppsQZFpID0TiQorVTRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/658206-b52b-45f0-ba5d-53e5a99b6708/1/CnoSd-8dVkFUmMcSqUP1MAa2zRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.112.184.0/21
91.196.72.0-91.196.74.255
IPv6:
2a06:aa80::/32
Signature Algorithm: sha256WithRSAEncryption
9f:7c:96:2a:c1:5a:84:12:66:ba:f2:c9:91:36:02:aa:c1:75:
39:c3:f6:cc:99:a2:8e:8a:09:df:45:04:b5:8e:2b:4f:29:fc:
8a:83:46:63:15:e2:ed:21:db:31:dd:ed:5a:73:93:cb:b0:7e:
96:b3:41:9c:78:72:41:16:d9:8b:46:58:86:ba:b0:78:34:68:
b8:52:fb:93:2d:cc:27:de:d4:77:fe:c6:e9:e7:7d:52:0b:70:
4b:65:6e:8f:84:93:0f:c2:f4:50:48:42:0e:3f:98:68:b9:e3:
93:76:9e:1c:9b:5b:91:a2:ec:a8:7f:fe:43:61:24:a0:87:d6:
51:53:e1:20:5e:c9:28:d9:10:16:77:70:20:fa:86:c3:09:ba:
bb:85:b4:bb:fb:af:69:0a:98:eb:ca:95:7a:35:cd:a5:34:5e:
4c:8b:9c:59:47:89:3f:a6:5d:37:a0:32:b1:99:0a:fc:94:b0:
de:26:fe:5a:a5:75:e8:2a:31:27:e9:74:0b:c0:e2:4e:d2:95:
60:d5:f4:d5:47:4f:c6:f6:62:b9:1f:74:d5:5a:37:40:07:d3:
a8:b1:5a:3f:26:3b:f2:54:80:fb:ce:e2:52:ad:18:65:d7:1a:
79:4f:a7:68:bd:1d:37:23:ab:ad:a9:0c:31:48:59:85:9b:b2:
e8:c8:bd:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECgo5kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTdhMTI3N2VmMWQ1NjQxNTQ5OGM3MTJhOTQzZjUzMDA2YjZjZDE3MB4XDTIyMDEw
MTA4MDIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGY3M2U3ZjhiMWQ5
YTY5YjEwNjQ1YTQ4MGY0NGUyNDI4YWQ1NGQxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQj07mzt9GbJaOrAZZD/+ZrdQH1RZ55sEzBrgndcKPn77XG
2zw7llNogLYQ5jFuhx4BL4gpDQlZqKFcWc+Pm/vBQQejSOeIrCegL0oeDyoypy9K
S6H2vVR76XnvForLltRHlpEXBxebe3zwlvxVVBiGjBbfJRjuKrsj9dGmRC/4bdmh
rVhlDw8Q8AMOQ4WlaD2w3ErstXFcYZm7hk9Bn6g8UOH1xMj0DQbx0FVTTiW2v9jf
d9LLMfm4MPJqSImTD/QVJNm340l7QZxsMjt1ERZnQ6Sd1DeZ6pOW54V0iAoU3BVb
HO6jEmBybOS62i8UNpu0HfD/iLYQMCkTJsbzxK8CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTfc+f4sdmmmxBkWkgPROJCitVNFjAfBgNVHSMEGDAWgBQKehJ37x1WQVSY
xxKpQ/UwBrbNFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Nub1NkLThkVmtGVW1NY1NxVVAxTUFhMnpSYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvNjU4MjA2LWI1MmItNDVmMC1iYTVkLTUzZTVhOTliNjcwOC8x
LzMzUG4tTEhacHBzUVpGcElEMFRpUW9yVlRSWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
NjU4MjA2LWI1MmItNDVmMC1iYTVkLTUzZTVhOTliNjcwOC8xL0Nub1NkLThkVmtG
VW1NY1NxVVAxTUFhMnpSYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEA1JwuDAMAwQDW8RIAwQAW8RKMA0E
AgACMAcDBQAqBqqAMA0GCSqGSIb3DQEBCwUAA4IBAQCffJYqwVqEEma68smRNgKq
wXU5w/bMmaKOignfRQS1jitPKfyKg0ZjFeLtIdsx3e1ac5PLsH6Ws0GceHJBFtmL
RliGurB4NGi4UvuTLcwn3tR3/sbp531SC3BLZW6PhJMPwvRQSEIOP5houeOTdp4c
m1uRouyof/5DYSSgh9ZRU+EgXsko2RAWd3Ag+obDCbq7hbS7+69pCpjrypV6Nc2l
NF5Mi5xZR4k/pl03oDKxmQr8lLDeJv5apXXoKjEn6XQLwOJO0pVg1fTVR0/G9mK5
H3TVWjdAB9OosVo/JjvyVID7zuJSrRhl1xp5T6dovR03I6utqQwxSFmFm7LoyL2l
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:54:56 2025 by rpki-client