Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/tJh122419FX7oJQGYtZtkXOvqn0.roa
File: tJh122419FX7oJQGYtZtkXOvqn0.roa (raw, json)
Hash identifier: 80WcSAxcwtJA+++UZrQ3DpOoXBp5rklUr6m+pRMbNZo=
Subject key identifier: B4:98:75:DB:6E:35:F4:55:FB:A0:94:06:62:D6:6D:91:73:AF:AA:7D
Certificate issuer: /CN=3cca849b375015f433e9a240ecabf03cf152c781
Certificate serial: 019426D92D4B999B3338F9A530ED190D0313
Authority key identifier: 3C:CA:84:9B:37:50:15:F4:33:E9:A2:40:EC:AB:F0:3C:F1:52:C7:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PMqEmzdQFfQz6aJA7KvwPPFSx4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/tJh122419FX7oJQGYtZtkXOvqn0.roa
Signing time: Thu 02 Jan 2025 11:49:14 +0000
ROA not before: Thu 02 Jan 2025 11:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6776
IP address blocks: 185.150.52.0/22 maxlen: 22
193.135.152.0/23 maxlen: 23
193.135.164.0/24 maxlen: 24
193.135.165.0/24 maxlen: 24
193.135.252.0/24 maxlen: 24
193.135.253.0/24 maxlen: 24
193.247.78.0/23 maxlen: 23
193.247.93.0/24 maxlen: 24
193.247.100.0/24 maxlen: 24
193.247.102.0/24 maxlen: 24
193.247.120.0/22 maxlen: 22
193.247.184.0/23 maxlen: 23
193.247.239.0/24 maxlen: 24
193.247.251.0/24 maxlen: 24
193.247.252.0/23 maxlen: 23
2a00:efa0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:2d:4b:99:9b:33:38:f9:a5:30:ed:19:0d:03:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cca849b375015f433e9a240ecabf03cf152c781
Validity
Not Before: Jan 2 11:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b49875db6e35f455fba0940662d66d9173afaa7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:5b:3b:cf:de:7f:7d:c1:6f:e5:41:cb:8c:
8e:b0:b1:cf:e0:25:ad:10:57:ec:52:f1:b0:54:b6:
4d:90:bd:c7:f6:aa:f6:73:09:fc:94:d9:31:40:49:
69:5e:2c:9f:f5:ea:aa:d1:e7:8a:65:c6:6c:67:02:
c6:ef:90:96:9d:93:9e:6a:54:a8:b0:3e:17:27:32:
48:e8:a6:49:76:be:69:c0:85:4f:c6:c0:a8:65:19:
72:8d:36:21:b2:60:84:b0:90:59:8c:71:38:40:04:
d7:59:4b:5e:05:c7:64:40:96:d8:66:e2:92:ae:9c:
db:07:7e:47:e1:01:b6:c7:07:a0:03:79:61:64:25:
18:e7:68:12:7f:7d:f7:7d:76:9e:1e:70:24:95:dc:
b7:67:8d:4c:11:54:24:63:90:c5:99:e0:f1:07:c7:
6f:2e:4c:18:08:a4:90:97:03:2d:4d:99:08:cd:45:
ed:1c:24:3d:a3:f5:62:85:8b:f8:c1:56:01:75:89:
d6:a6:ae:4a:0b:54:09:16:14:3c:c0:1e:e6:98:18:
91:42:d5:5b:e0:f8:04:67:8e:d7:06:8b:84:f4:45:
a0:35:13:f0:92:5f:d0:ea:6a:20:af:37:e0:c1:3a:
02:a3:50:1f:b0:e7:b5:f4:e2:32:b1:9b:28:b8:2b:
3d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:98:75:DB:6E:35:F4:55:FB:A0:94:06:62:D6:6D:91:73:AF:AA:7D
X509v3 Authority Key Identifier:
keyid:3C:CA:84:9B:37:50:15:F4:33:E9:A2:40:EC:AB:F0:3C:F1:52:C7:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PMqEmzdQFfQz6aJA7KvwPPFSx4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/tJh122419FX7oJQGYtZtkXOvqn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/275636-fe3f-4528-bd7e-d6255f2527da/1/PMqEmzdQFfQz6aJA7KvwPPFSx4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.52.0/22
193.135.152.0/23
193.135.164.0/23
193.135.252.0/23
193.247.78.0/23
193.247.93.0/24
193.247.100.0/24
193.247.102.0/24
193.247.120.0/22
193.247.184.0/23
193.247.239.0/24
193.247.251.0-193.247.253.255
IPv6:
2a00:efa0::/32
Signature Algorithm: sha256WithRSAEncryption
6f:f8:9e:0c:bd:2d:90:2d:ef:9b:7f:94:4f:60:8a:5c:1f:a1:
b0:77:5c:b3:c2:e3:dd:9b:c5:ba:dc:4e:19:36:b2:c5:20:e4:
c0:78:3d:d1:90:e7:96:84:4e:a6:ad:84:32:83:af:79:ec:13:
a1:94:a1:83:09:b2:8e:f9:71:c2:7f:32:a2:33:c8:74:19:73:
d9:c9:d7:63:d8:24:db:03:65:36:22:3f:5a:d9:7c:2e:bc:af:
04:82:9d:0a:65:09:a6:8a:fb:69:30:e9:72:5b:87:74:0c:02:
a0:6a:b6:71:8e:62:d5:c2:d2:72:68:6e:3d:9a:40:57:93:ad:
01:a1:6d:d0:11:2f:7e:29:3c:9b:33:86:8c:5c:30:54:72:6c:
37:cb:f8:1a:d3:65:ee:52:b9:7d:f5:70:ab:ef:af:de:e8:a5:
50:c3:c0:2d:5f:2d:52:e4:a6:4e:c8:51:9d:a6:50:26:f0:e0:
70:18:11:e3:47:3c:15:d5:db:96:17:5d:16:98:56:66:44:22:
7d:40:55:27:92:1f:5f:f9:c9:17:1a:bd:ca:20:c9:04:8c:08:
7e:83:78:22:39:54:44:fa:75:c0:f0:db:4b:b6:68:0e:ea:ab:
42:32:ab:0a:d7:88:76:23:cb:d4:67:54:0d:a7:64:6c:1c:3a:
36:e4:2c:0f
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZQm2S1LmZszOPmlMO0ZDQMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjY2E4NDliMzc1MDE1ZjQzM2U5YTI0MGVjYWJmMDNjZjE1
MmM3ODEwHhcNMjUwMTAyMTE0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDk4NzVkYjZlMzVmNDU1ZmJhMDk0MDY2MmQ2NmQ5MTczYWZhYTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUVbO8/ef33Bb+VBy4yOsLHP4CWt
EFfsUvGwVLZNkL3H9qr2cwn8lNkxQElpXiyf9eqq0eeKZcZsZwLG75CWnZOealSo
sD4XJzJI6KZJdr5pwIVPxsCoZRlyjTYhsmCEsJBZjHE4QATXWUteBcdkQJbYZuKS
rpzbB35H4QG2xwegA3lhZCUY52gSf333fXaeHnAkldy3Z41MEVQkY5DFmeDxB8dv
LkwYCKSQlwMtTZkIzUXtHCQ9o/VihYv4wVYBdYnWpq5KC1QJFhQ8wB7mmBiRQtVb
4PgEZ47XBouE9EWgNRPwkl/Q6mogrzfgwToCo1AfsOe19OIysZsouCs9+wIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFLSYddtuNfRV+6CUBmLWbZFzr6p9MB8GA1UdIwQY
MBaAFDzKhJs3UBX0M+miQOyr8DzxUseBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE1xRW16ZFFGZlF6NmFKQTdLdndQUEZTeDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yNzU2MzYtZmUzZi00NTI4LWJkN2Ut
ZDYyNTVmMjUyN2RhLzEvdEpoMTIyNDE5Rlg3b0pRR1l0WnRrWE92cW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi8yNzU2MzYtZmUzZi00NTI4LWJkN2UtZDYyNTVmMjUyN2Rh
LzEvUE1xRW16ZFFGZlF6NmFKQTdLdndQUEZTeDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBWBAIAATBQAwQCuZY0AwQB
wYeYAwQBwYekAwQBwYf8AwQBwfdOAwQAwfddAwQAwfdkAwQAwfdmAwQCwfd4AwQB
wfe4AwQAwffvMAwDBADB9/sDBAHB9/wwDQQCAAIwBwMFACoA76AwDQYJKoZIhvcN
AQELBQADggEBAG/4ngy9LZAt75t/lE9gilwfobB3XLPC492bxbrcThk2ssUg5MB4
PdGQ55aETqathDKDr3nsE6GUoYMJso75ccJ/MqIzyHQZc9nJ12PYJNsDZTYiP1rZ
fC68rwSCnQplCaaK+2kw6XJbh3QMAqBqtnGOYtXC0nJobj2aQFeTrQGhbdARL34p
PJszhoxcMFRybDfL+BrTZe5SuX31cKvvr97opVDDwC1fLVLkpk7IUZ2mUCbw4HAY
EeNHPBXV25YXXRaYVmZEIn1AVSeSH1/5yRcavcogyQSMCH6DeCI5VET6dcDw20u2
aA7qq0IyqwrXiHYjy9RnVA2nZGwcOjbkLA8=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:19 2025 by rpki-client