Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/N0TrX27tnz3tYjbZK6LnUOrQR0Q.roa
File: N0TrX27tnz3tYjbZK6LnUOrQR0Q.roa (raw, json)
Hash identifier: 7xyqtEAUB5AIi2I+RUImV3wwJDDZ59DJFsQz2lIjK1Y=
Subject key identifier: 37:44:EB:5F:6E:ED:9F:3D:ED:62:36:D9:2B:A2:E7:50:EA:D0:47:44
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 018CC64AE9AF9587EA9907979801BDCB69B9
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/N0TrX27tnz3tYjbZK6LnUOrQR0Q.roa
Signing time: Mon 01 Jan 2024 18:30:47 +0000
ROA not before: Mon 01 Jan 2024 18:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21334
IP address blocks: 195.184.160.0/20 maxlen: 20
195.184.160.0/19 maxlen: 19
195.184.176.0/20 maxlen: 20
176.63.128.0/17 maxlen: 17
89.134.0.0/15 maxlen: 15
86.101.0.0/17 maxlen: 17
130.43.192.0/18 maxlen: 18
86.101.0.0/16 maxlen: 16
185.33.80.0/23 maxlen: 23
185.33.80.0/24 maxlen: 24
185.33.81.0/24 maxlen: 24
37.188.80.0/22 maxlen: 22
37.188.80.0/21 maxlen: 21
37.188.84.0/22 maxlen: 22
5.63.192.0/18 maxlen: 18
212.48.240.0/21 maxlen: 21
212.48.240.0/20 maxlen: 20
37.220.192.0/18 maxlen: 18
212.96.32.0/20 maxlen: 20
212.48.248.0/21 maxlen: 21
212.96.32.0/19 maxlen: 19
80.244.96.0/20 maxlen: 20
185.123.28.0/22 maxlen: 23
212.96.48.0/20 maxlen: 20
37.191.0.0/19 maxlen: 19
176.63.0.0/17 maxlen: 17
37.191.0.0/18 maxlen: 18
176.63.0.0/16 maxlen: 16
37.191.32.0/19 maxlen: 19
188.142.160.0/20 maxlen: 20
188.142.160.0/19 maxlen: 19
89.223.128.0/17 maxlen: 17
89.223.128.0/18 maxlen: 18
188.142.176.0/20 maxlen: 20
178.48.0.0/17 maxlen: 17
178.48.0.0/16 maxlen: 16
78.139.0.0/19 maxlen: 19
78.139.0.0/18 maxlen: 18
78.139.32.0/19 maxlen: 19
5.206.128.0/18 maxlen: 18
188.142.192.0/19 maxlen: 19
188.142.192.0/18 maxlen: 18
80.99.0.0/16 maxlen: 16
178.48.128.0/17 maxlen: 17
188.142.224.0/19 maxlen: 19
89.223.192.0/18 maxlen: 18
94.44.0.0/17 maxlen: 17
94.44.0.0/16 maxlen: 16
151.0.64.0/18 maxlen: 18
213.222.160.0/19 maxlen: 19
88.87.240.0/22 maxlen: 22
80.98.0.0/16 maxlen: 16
88.87.240.0/21 maxlen: 21
88.87.244.0/22 maxlen: 22
80.98.0.0/15 maxlen: 15
185.10.124.0/22 maxlen: 22
185.10.124.0/23 maxlen: 23
185.10.126.0/23 maxlen: 23
213.222.128.0/19 maxlen: 19
213.222.128.0/18 maxlen: 18
5.148.224.0/19 maxlen: 19
89.132.0.0/15 maxlen: 15
94.44.128.0/17 maxlen: 17
89.132.0.0/14 maxlen: 14
86.101.128.0/17 maxlen: 17
89.135.60.0/24 maxlen: 24
5.148.192.0/19 maxlen: 19
5.148.192.0/18 maxlen: 18
2a02:ab80::/29 maxlen: 29
2a02:ab80::/28 maxlen: 28
2a02:ab88::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e9:af:95:87:ea:99:07:97:98:01:bd:cb:69:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 1 18:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3744eb5f6eed9f3ded6236d92ba2e750ead04744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:70:50:b7:c9:c8:82:1b:7a:82:bc:49:0b:ee:
3c:f2:f6:bb:65:7c:ad:2a:3c:14:49:a5:7e:ab:9e:
92:a4:be:5e:04:49:cf:15:b9:3e:84:9c:6c:12:f4:
8a:d6:97:2e:1c:42:c4:97:ce:ea:46:ab:8b:58:90:
fd:a4:28:32:a0:42:61:88:01:0b:d6:53:d9:4d:c5:
ca:5d:36:68:5a:ee:f5:69:c3:87:ee:55:06:38:47:
cf:39:e1:50:bd:35:41:19:b2:29:2f:3b:46:db:f1:
48:a5:03:56:99:d4:e6:1e:ac:c9:13:29:f9:7e:58:
e9:7c:18:94:f0:e6:22:9d:2d:e5:a3:1c:e7:b6:93:
77:19:f9:64:dd:c4:52:18:e7:ce:88:15:44:22:ec:
02:3f:74:c8:a3:3e:80:f4:c7:04:73:5d:73:2c:18:
09:6c:f5:c2:3f:10:8f:c9:5b:51:77:45:4f:2e:88:
a0:31:5c:90:fe:fd:d3:9b:e9:e1:ab:6b:20:77:c6:
ae:7a:3c:8a:e2:d9:17:7c:52:4e:0d:be:e9:c7:da:
70:b4:4c:80:a8:9b:06:85:9e:87:b5:a6:75:5a:a4:
81:33:3b:6f:3d:f7:51:a0:2f:fb:39:ef:c6:85:3f:
51:f2:d1:57:4e:41:91:7b:12:66:3f:ce:89:82:3a:
1b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:44:EB:5F:6E:ED:9F:3D:ED:62:36:D9:2B:A2:E7:50:EA:D0:47:44
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/N0TrX27tnz3tYjbZK6LnUOrQR0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.148.192.0/18
5.206.128.0/18
37.188.80.0/21
37.191.0.0/18
37.220.192.0/18
78.139.0.0/18
80.98.0.0/15
80.244.96.0/20
86.101.0.0/16
88.87.240.0/21
89.132.0.0/14
89.223.128.0/17
94.44.0.0/16
130.43.192.0/18
151.0.64.0/18
176.63.0.0/16
178.48.0.0/16
185.10.124.0/22
185.33.80.0/23
185.123.28.0/22
188.142.160.0-188.142.255.255
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
IPv6:
2a02:ab80::/28
Signature Algorithm: sha256WithRSAEncryption
44:10:47:fa:fc:88:c8:d3:19:6d:6d:72:60:13:6b:24:b4:75:
3a:1f:d0:5b:30:5a:29:81:f3:13:34:8a:62:ed:d6:b4:4c:a7:
70:fe:88:61:0d:fd:38:28:f6:53:fa:4a:5f:71:50:50:f8:5b:
b8:06:62:f7:bc:50:7e:fe:a6:e4:c8:81:a5:e3:e1:db:3d:53:
f9:0d:07:67:de:75:ae:8a:fe:2c:38:a3:53:c9:a1:bc:f9:c0:
b1:d2:42:ec:cb:bb:7f:4c:2a:9d:b6:85:12:8a:6d:35:d8:e9:
6f:52:3a:90:ec:b5:64:46:1e:97:7e:a9:09:91:1a:b8:23:8b:
98:62:68:37:ac:f6:c5:de:13:72:a0:d4:89:fa:32:3c:c3:c8:
bf:a2:33:72:19:85:d6:44:35:0e:64:fd:d9:58:c7:a8:fb:b9:
a3:77:9a:36:f3:fe:26:f3:cb:9a:83:52:9e:64:e3:a3:cb:58:
20:32:a8:fe:fe:6d:d4:ec:ef:67:b0:32:7e:f2:86:62:77:50:
5c:26:41:04:b2:65:39:61:b8:d5:57:02:0f:9c:02:1a:39:ad:
49:01:66:fb:eb:21:bb:be:02:e7:a3:35:7e:fd:7e:48:9a:bd:
6b:d8:5a:70:8b:11:5d:32:9b:11:77:ff:ef:f6:44:b5:09:9b:
69:28:45:0e
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYzGSumvlYfqmQeXmAG9y2m5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjQwMTAxMTgzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzQ0ZWI1ZjZlZWQ5ZjNkZWQ2MjM2ZDkyYmEyZTc1MGVhZDA0NzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHBQt8nIght6grxJC+488va7ZXyt
KjwUSaV+q56SpL5eBEnPFbk+hJxsEvSK1pcuHELEl87qRquLWJD9pCgyoEJhiAEL
1lPZTcXKXTZoWu71acOH7lUGOEfPOeFQvTVBGbIpLztG2/FIpQNWmdTmHqzJEyn5
fljpfBiU8OYinS3loxzntpN3Gflk3cRSGOfOiBVEIuwCP3TIoz6A9McEc11zLBgJ
bPXCPxCPyVtRd0VPLoigMVyQ/v3Tm+nhq2sgd8auejyK4tkXfFJODb7px9pwtEyA
qJsGhZ6HtaZ1WqSBMztvPfdRoC/7Oe/GhT9R8tFXTkGRexJmP86Jgjob1QIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFDdE619u7Z897WI22Sui51Dq0EdEMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvTjBUclgyN3RuejN0WWpiWks2TG5VT3JRUjBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBpAQCAAEwgZ0DBAYF
P8ADBAYFlMADBAYFzoADBAMlvFADBAYlvwADBAYl3MADBAZOiwADAwFQYgMEBFD0
YAMDAFZlAwQDWFfwAwMCWYQDBAdZ34ADAwBeLAMEBoIrwAMEBpcAQAMDALA/AwMA
sjADBAK5CnwDBAG5IVADBAK5exwwCwMEBbyOoAMDALyOAwQFw7igAwQE1DDwAwQF
1GAgAwQG1d6AMA0EAgACMAcDBQQqAquAMA0GCSqGSIb3DQEBCwUAA4IBAQBEEEf6
/IjI0xltbXJgE2sktHU6H9BbMFopgfMTNIpi7da0TKdw/ohhDf04KPZT+kpfcVBQ
+Fu4BmL3vFB+/qbkyIGl4+HbPVP5DQdn3nWuiv4sOKNTyaG8+cCx0kLsy7t/TCqd
toUSim012OlvUjqQ7LVkRh6XfqkJkRq4I4uYYmg3rPbF3hNyoNSJ+jI8w8i/ojNy
GYXWRDUOZP3ZWMeo+7mjd5o28/4m88uag1KeZOOjy1ggMqj+/m3U7O9nsDJ+8oZi
d1BcJkEEsmU5YbjVVwIPnAIaOa1JAWb76yG7vgLnozV+/X5Imr1r2FpwixFdMpsR
d//v9kS1CZtpKEUO
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:23 2025 by rpki-client