Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/3veHcD33NWmzrgfJNI5qdwCjXkg.roa
File: 3veHcD33NWmzrgfJNI5qdwCjXkg.roa (raw, json)
Hash identifier: uX3mAnCnwiYeWCDhavHQg+YHR9blwl5kahQ+auHGs+c=
Subject key identifier: DE:F7:87:70:3D:F7:35:69:B3:AE:07:C9:34:8E:6A:77:00:A3:5E:48
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01874650D24C19CDC867D22F7642B6CF02AA
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/3veHcD33NWmzrgfJNI5qdwCjXkg.roa
Signing time: Mon 03 Apr 2023 08:51:54 +0000
ROA not before: Mon 03 Apr 2023 08:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 185.125.192.0/22 maxlen: 32
84.39.224.0/21 maxlen: 32
93.114.8.0/23 maxlen: 32
93.114.10.0/23 maxlen: 32
93.114.12.0/22 maxlen: 32
92.43.84.0/22 maxlen: 32
95.215.36.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
185.229.250.0/24 maxlen: 32
203.166.152.0/22 maxlen: 32
203.166.148.0/22 maxlen: 32
188.119.116.0/22 maxlen: 32
89.249.51.0/24 maxlen: 32
94.176.112.0/20 maxlen: 32
185.38.102.0/24 maxlen: 32
150.129.92.0/22 maxlen: 32
43.240.140.0/22 maxlen: 32
89.38.132.0/23 maxlen: 32
83.229.76.0/22 maxlen: 32
119.13.192.0/20 maxlen: 32
83.229.104.0/22 maxlen: 32
121.91.80.0/21 maxlen: 32
185.90.243.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
89.19.42.0/23 maxlen: 32
103.204.124.0/22 maxlen: 32
209.20.176.0/21 maxlen: 32
185.131.220.0/24 maxlen: 32
93.180.192.0/20 maxlen: 32
93.115.12.0/23 maxlen: 32
89.34.78.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:46:50:d2:4c:19:cd:c8:67:d2:2f:76:42:b6:cf:02:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Apr 3 08:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=def787703df73569b3ae07c9348e6a7700a35e48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3a:0c:74:96:d0:51:72:41:69:0d:ee:9d:21:
13:da:50:9e:78:33:8f:e3:89:2e:61:d8:cf:07:27:
0f:da:9d:51:ce:62:44:9c:50:c8:56:9c:e2:f8:df:
db:89:64:b3:25:10:01:fd:72:10:8e:08:1a:55:d9:
79:d3:88:75:ef:32:f2:84:f0:5a:96:70:41:69:7a:
ee:f0:2f:9f:12:08:e7:3e:de:a0:d3:5f:57:83:49:
c2:a8:a9:26:eb:db:7c:92:c8:db:b0:11:91:cf:c2:
de:d7:31:67:9b:65:05:79:9c:c0:de:5d:4d:41:0a:
7c:a8:d5:d2:5b:0d:6b:1c:55:7d:f5:74:30:2a:54:
9b:5d:9e:57:82:38:2e:48:5f:48:7c:bf:9c:dc:89:
90:71:84:2a:86:65:a0:a6:00:ee:fc:03:76:e9:50:
a2:a2:61:64:39:bf:60:ae:6a:f5:91:f3:f9:1d:66:
0e:b9:1b:17:ad:50:f3:55:d7:af:84:e4:e3:bc:d8:
61:4f:68:8b:6a:e8:37:aa:d8:d4:9e:b6:47:39:2b:
9a:ce:af:f8:ee:ef:44:9b:7e:4c:06:74:ab:54:d6:
49:13:c8:9c:f4:cb:42:ef:50:bb:67:89:23:51:ad:
fc:50:ae:98:8d:22:4f:2a:f0:91:d3:68:22:30:66:
96:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F7:87:70:3D:F7:35:69:B3:AE:07:C9:34:8E:6A:77:00:A3:5E:48
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/3veHcD33NWmzrgfJNI5qdwCjXkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.240.140.0/22
45.142.92.0/22
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
89.19.42.0/23
89.34.78.0/23
89.38.132.0/23
89.249.51.0/24
92.43.84.0/22
93.114.8.0/21
93.115.12.0/23
93.180.192.0/20
94.176.112.0/20
95.215.36.0/22
103.204.124.0/22
119.13.192.0/20
121.91.80.0/21
150.129.92.0/22
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/24
185.229.250.0/24
188.119.116.0/22
203.166.148.0-203.166.155.255
209.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:af:f3:60:cc:bf:ec:4b:8c:37:2a:d1:30:55:97:f1:a6:c8:
13:96:d2:42:29:9e:da:1f:d8:2d:c7:e4:90:d7:c3:a6:5c:54:
27:a2:9f:15:e7:54:8b:27:33:52:55:98:79:61:71:20:4c:15:
39:4d:65:f9:5b:99:27:f4:45:87:84:62:99:aa:38:27:d9:c4:
77:9a:de:d8:78:88:b6:94:9d:9e:77:98:22:d2:ff:b7:d6:aa:
ca:86:6b:9d:03:ef:70:dd:ab:76:90:e2:f6:3d:e6:50:f3:1c:
e2:3f:be:3c:d9:be:e4:fb:ac:30:36:27:9a:79:11:c0:a6:7c:
c7:a0:d0:94:b6:c4:5a:1b:43:21:a6:df:3e:3a:c3:a2:53:37:
0e:87:09:03:af:75:28:f6:4d:8a:33:a3:01:7f:2e:10:a4:73:
72:4f:db:71:f0:5c:17:a4:36:60:65:a3:d0:bf:f1:97:03:48:
7e:69:08:a7:b1:de:48:af:2e:a7:f3:59:b5:76:7b:84:32:82:
b4:ea:4e:3d:da:7a:8e:e9:25:ce:d7:92:11:41:30:9a:30:3f:
f3:22:e6:b9:5e:b7:be:02:40:07:f7:91:23:21:38:8b:b9:ed:
64:83:41:94:94:70:4c:54:f5:b2:6a:fe:48:e0:00:0d:65:49:
29:7c:f1:0e
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAYdGUNJMGc3IZ9IvdkK2zwKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjMwNDAzMDg1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY3ODc3MDNkZjczNTY5YjNhZTA3YzkzNDhlNmE3NzAwYTM1ZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDoMdJbQUXJBaQ3unSET2lCeeDOP
44kuYdjPBycP2p1RzmJEnFDIVpzi+N/biWSzJRAB/XIQjggaVdl504h17zLyhPBa
lnBBaXru8C+fEgjnPt6g019Xg0nCqKkm69t8ksjbsBGRz8Le1zFnm2UFeZzA3l1N
QQp8qNXSWw1rHFV99XQwKlSbXZ5XgjguSF9IfL+c3ImQcYQqhmWgpgDu/AN26VCi
omFkOb9grmr1kfP5HWYOuRsXrVDzVdevhOTjvNhhT2iLaug3qtjUnrZHOSuazq/4
7u9Em35MBnSrVNZJE8ic9MtC71C7Z4kjUa38UK6YjSJPKvCR02giMGaWzwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFN73h3A99zVps64HyTSOancAo15IMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvM3ZlSGNEMzNOV216cmdmSk5JNXFkd0NqWGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAIr
8IwDBAItjlwDBABOiigwDAMEAE6KLwMEAE6KMAMEAE6KMgMEAlPlTAMEAlPlaAME
A1Qn4AMEAVkTKgMEAVkiTgMEAVkmhAMEAFn5MwMEAlwrVAMEA11yCAMEAV1zDAME
BF20wAMEBF6wcAMEAl/XJAMEAmfMfAMEBHcNwAMEA3lbUAMEApaBXAMEALkmZgME
ALla8wMEArl9wAMEALmD3AMEALnl+gMEArx3dDAMAwQCy6aUAwQCy6aYAwQD0RSw
MA0GCSqGSIb3DQEBCwUAA4IBAQA/r/NgzL/sS4w3KtEwVZfxpsgTltJCKZ7aH9gt
x+SQ18OmXFQnop8V51SLJzNSVZh5YXEgTBU5TWX5W5kn9EWHhGKZqjgn2cR3mt7Y
eIi2lJ2ed5gi0v+31qrKhmudA+9w3at2kOL2PeZQ8xziP7482b7k+6wwNieaeRHA
pnzHoNCUtsRaG0Mhpt8+OsOiUzcOhwkDr3Uo9k2KM6MBfy4QpHNyT9tx8FwXpDZg
ZaPQv/GXA0h+aQinsd5Iry6n81m1dnuEMoK06k492nqO6SXO15IRQTCaMD/zIua5
Xre+AkAH95EjITiLue1kg0GUlHBMVPWyav5I4AANZUkpfPEO
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:09 2025 by rpki-client