Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/aNSLdSxe6oMrNeJxmnIRoxAm8_o.roa
File: aNSLdSxe6oMrNeJxmnIRoxAm8_o.roa (raw, json)
Hash identifier: DKMztnTnUUl1PtYozJ71QGt0wSahG2G++Fy5Z5NUTzI=
Subject key identifier: 68:D4:8B:75:2C:5E:EA:83:2B:35:E2:71:9A:72:11:A3:10:26:F3:FA
Certificate issuer: /CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Certificate serial: 018CCA2A3031A28E9017125AEE1CD3F5715A
Authority key identifier: 80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/aNSLdSxe6oMrNeJxmnIRoxAm8_o.roa
Signing time: Tue 02 Jan 2024 12:33:31 +0000
ROA not before: Tue 02 Jan 2024 12:33:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3212
IP address blocks: 213.172.224.0/19 maxlen: 19
185.66.148.0/22 maxlen: 22
77.38.0.0/17 maxlen: 17
77.73.104.0/22 maxlen: 22
46.182.224.0/21 maxlen: 21
217.72.64.0/19 maxlen: 19
77.111.0.0/18 maxlen: 18
78.153.32.0/19 maxlen: 19
87.119.128.0/19 maxlen: 19
185.97.68.0/22 maxlen: 22
92.53.128.0/19 maxlen: 19
185.85.148.0/22 maxlen: 22
212.85.160.0/19 maxlen: 19
91.132.208.0/22 maxlen: 22
185.30.136.0/22 maxlen: 22
185.65.228.0/22 maxlen: 22
176.76.0.0/16 maxlen: 16
46.150.32.0/19 maxlen: 19
84.52.128.0/18 maxlen: 18
31.15.128.0/17 maxlen: 17
95.143.144.0/20 maxlen: 20
91.237.132.0/22 maxlen: 22
213.143.64.0/19 maxlen: 19
176.57.92.0/22 maxlen: 22
82.192.32.0/19 maxlen: 19
84.20.224.0/19 maxlen: 19
193.111.220.0/22 maxlen: 22
185.79.228.0/22 maxlen: 22
92.63.16.0/20 maxlen: 20
94.140.64.0/19 maxlen: 19
2a00:b2a0::/32 maxlen: 32
2a00:fc0::/32 maxlen: 32
2a00:13d8::/29 maxlen: 29
2a00:1da8::/32 maxlen: 32
2a00:1c80::/29 maxlen: 29
2a05:acc0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:30:31:a2:8e:90:17:12:5a:ee:1c:d3:f5:71:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80f9a24bd26cc8217518a11f598e6372025e8ae9
Validity
Not Before: Jan 2 12:33:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68d48b752c5eea832b35e2719a7211a31026f3fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:65:04:39:29:2a:fa:10:47:d6:ce:db:e7:
3a:40:cd:6b:fc:99:91:2b:87:4f:3e:e8:69:b7:1c:
91:d7:73:fd:51:db:93:9f:b6:cf:96:ed:8c:67:72:
b8:05:9e:ea:37:af:ea:3e:1c:80:14:6d:30:3b:7a:
24:20:53:13:ba:13:14:8a:f3:f4:ab:f1:7b:b4:2d:
69:84:13:b0:02:aa:b7:30:c7:de:fb:e2:00:e0:74:
0e:24:4d:cc:a2:b4:42:ba:23:e4:de:5c:74:c1:f9:
a3:cc:be:33:d7:38:e3:8f:4c:bc:c1:36:ed:4f:67:
52:58:5b:e7:80:6e:9b:eb:2e:63:45:1e:d2:5b:a1:
0d:e5:84:f5:cc:ae:fb:c8:03:40:a8:5e:4f:73:d0:
5b:43:0d:ea:07:c1:2a:b9:cb:26:06:0b:bc:33:22:
35:27:a4:eb:e8:0c:b5:4a:05:5c:61:5b:19:00:f6:
75:c3:0b:e3:ad:85:2f:7d:12:5f:d7:b5:c5:41:b8:
fe:25:22:f2:05:f3:ae:b7:ee:3e:eb:1e:d4:72:16:
4a:46:86:ef:e3:03:5f:ec:28:56:50:42:f5:ec:5a:
a2:8e:03:5b:f8:9e:7d:15:03:1f:a5:46:d1:0e:06:
c7:bd:18:ce:84:e6:71:96:a9:a2:85:5f:1d:70:51:
9d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D4:8B:75:2C:5E:EA:83:2B:35:E2:71:9A:72:11:A3:10:26:F3:FA
X509v3 Authority Key Identifier:
keyid:80:F9:A2:4B:D2:6C:C8:21:75:18:A1:1F:59:8E:63:72:02:5E:8A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gPmiS9JsyCF1GKEfWY5jcgJeiuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/aNSLdSxe6oMrNeJxmnIRoxAm8_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/fb212a-7a76-42e2-8989-965529f20d11/1/gPmiS9JsyCF1GKEfWY5jcgJeiuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.128.0/17
46.150.32.0/19
46.182.224.0/21
77.38.0.0/17
77.73.104.0/22
77.111.0.0/18
78.153.32.0/19
82.192.32.0/19
84.20.224.0/19
84.52.128.0/18
87.119.128.0/19
91.132.208.0/22
91.237.132.0/22
92.53.128.0/19
92.63.16.0/20
94.140.64.0/19
95.143.144.0/20
176.57.92.0/22
176.76.0.0/16
185.30.136.0/22
185.65.228.0/22
185.66.148.0/22
185.79.228.0/22
185.85.148.0/22
185.97.68.0/22
193.111.220.0/22
212.85.160.0/19
213.143.64.0/19
213.172.224.0/19
217.72.64.0/19
IPv6:
2a00:fc0::/32
2a00:13d8::/29
2a00:1c80::/29
2a00:1da8::/32
2a00:b2a0::/32
2a05:acc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:04:73:04:c3:ad:fa:11:db:f1:8f:1a:2c:ef:0e:80:b0:82:
6d:4e:9a:72:df:e8:16:f0:ef:89:b0:a4:5e:0b:0f:00:85:e4:
e1:9e:5c:1a:8e:1a:a6:7c:76:61:f0:61:b0:64:9f:13:40:40:
f7:32:09:2e:1b:02:06:6d:35:91:07:85:eb:00:d4:bb:dc:fe:
49:dc:43:48:8b:4a:8a:bc:6c:0d:c1:7a:e6:ce:9f:9e:78:55:
09:de:d5:8e:2f:28:97:e3:c9:33:b5:f3:99:b7:79:2b:ec:05:
50:eb:3d:80:b7:b9:a1:64:9e:c2:a1:33:37:cf:85:e6:74:ce:
62:dd:a9:af:2e:8f:f6:2d:dc:f4:59:7a:04:3e:47:78:51:36:
92:bd:a0:33:2a:ed:f3:e3:33:5b:4d:e0:86:a4:4c:1c:94:ba:
9d:5d:a4:e1:8f:af:76:ce:f8:2f:ce:af:75:09:74:8a:4e:0b:
ba:c0:6e:de:f7:41:32:8b:a6:d0:c3:a9:fb:93:90:78:eb:d7:
8e:09:b5:67:c2:ad:b2:83:aa:59:37:c7:9f:24:f0:48:06:cd:
c9:91:68:e1:98:6a:1d:4e:a4:a1:44:99:5b:8d:ee:18:b1:a8:
0d:d0:df:f0:84:06:51:5c:99:b5:46:f0:ae:e0:17:4f:a4:48:
44:b3:00:9f
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAYzKKjAxoo6QFxJa7hzT9XFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwZjlhMjRiZDI2Y2M4MjE3NTE4YTExZjU5OGU2MzcyMDI1
ZThhZTkwHhcNMjQwMTAyMTIzMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQ0OGI3NTJjNWVlYTgzMmIzNWUyNzE5YTcyMTFhMzEwMjZmM2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6VlBDkpKvoQR9bO2+c6QM1r/JmR
K4dPPuhptxyR13P9UduTn7bPlu2MZ3K4BZ7qN6/qPhyAFG0wO3okIFMTuhMUivP0
q/F7tC1phBOwAqq3MMfe++IA4HQOJE3MorRCuiPk3lx0wfmjzL4z1zjjj0y8wTbt
T2dSWFvngG6b6y5jRR7SW6EN5YT1zK77yANAqF5Pc9BbQw3qB8EqucsmBgu8MyI1
J6Tr6Ay1SgVcYVsZAPZ1wwvjrYUvfRJf17XFQbj+JSLyBfOut+4+6x7UchZKRobv
4wNf7ChWUEL17FqijgNb+J59FQMfpUbRDgbHvRjOhOZxlqmihV8dcFGdJwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFGjUi3UsXuqDKzXicZpyEaMQJvP6MB8GA1UdIwQY
MBaAFID5okvSbMghdRihH1mOY3ICXorpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODkt
OTY1NTI5ZjIwZDExLzEvYU5TTGRTeGU2b01yTmVKeG1uSVJveEFtOF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9mYjIxMmEtN2E3Ni00MmUyLTg5ODktOTY1NTI5ZjIwZDEx
LzEvZ1BtaVM5SnN5Q0YxR0tFZldZNWpjZ0plaXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgboEAgABMIGzAwQH
Hw+AAwQFLpYgAwQDLrbgAwQHTSYAAwQCTUloAwQGTW8AAwQFTpkgAwQFUsAgAwQF
VBTgAwQGVDSAAwQFV3eAAwQCW4TQAwQCW+2EAwQFXDWAAwQEXD8QAwQFXoxAAwQE
X4+QAwQCsDlcAwMAsEwDBAK5HogDBAK5QeQDBAK5QpQDBAK5T+QDBAK5VZQDBAK5
YUQDBALBb9wDBAXUVaADBAXVj0ADBAXVrOADBAXZSEAwMAQCAAIwKgMFACoAD8AD
BQMqABPYAwUDKgAcgAMFACoAHagDBQAqALKgAwUDKgWswDANBgkqhkiG9w0BAQsF
AAOCAQEAOARzBMOt+hHb8Y8aLO8OgLCCbU6act/oFvDvibCkXgsPAIXk4Z5cGo4a
pnx2YfBhsGSfE0BA9zIJLhsCBm01kQeF6wDUu9z+SdxDSItKirxsDcF65s6fnnhV
Cd7Vji8ol+PJM7Xzmbd5K+wFUOs9gLe5oWSewqEzN8+F5nTOYt2pry6P9i3c9Fl6
BD5HeFE2kr2gMyrt8+MzW03ghqRMHJS6nV2k4Y+vds74L86vdQl0ik4LusBu3vdB
Moum0MOp+5OQeOvXjgm1Z8KtsoOqWTfHnyTwSAbNyZFo4ZhqHU6koUSZW43uGLGo
DdDf8IQGUVyZtUbwruAXT6RIRLMAnw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:23:48 2025 by rpki-client