Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/THr3g9OkPvsy14BHilEZG56BiqU.roa
File: THr3g9OkPvsy14BHilEZG56BiqU.roa (raw, json)
Hash identifier: 3xhlPP170oH7ChTM2ZqRCOHhpB5jGmO+80m0RUL/u1M=
Subject key identifier: 4C:7A:F7:83:D3:A4:3E:FB:32:D7:80:47:8A:51:19:1B:9E:81:8A:A5
Certificate issuer: /CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Certificate serial: 0194266B9C551FD535CE32D3F7E1E96A2C55
Authority key identifier: FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/THr3g9OkPvsy14BHilEZG56BiqU.roa
Signing time: Thu 02 Jan 2025 09:49:34 +0000
ROA not before: Thu 02 Jan 2025 09:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211309
IP address blocks: 46.227.152.0/21 maxlen: 21
81.88.64.0/21 maxlen: 21
81.95.80.0/20 maxlen: 20
82.148.168.0/21 maxlen: 21
82.148.176.0/20 maxlen: 20
89.207.136.0/21 maxlen: 21
109.169.112.0/21 maxlen: 21
178.174.112.0/20 maxlen: 20
185.176.244.0/23 maxlen: 23
185.176.244.0/24 maxlen: 24
185.176.245.0/24 maxlen: 24
185.178.4.0/22 maxlen: 22
185.190.36.0/24 maxlen: 24
193.168.156.0/22 maxlen: 22
212.89.96.0/19 maxlen: 19
2a0a:2780::/31 maxlen: 31
2a0a:2780::/32 maxlen: 32
2a0a:2781::/32 maxlen: 32
2a10:d640::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:9c:55:1f:d5:35:ce:32:d3:f7:e1:e9:6a:2c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8208b129c53e87c3f0d0ed1bca85730140f390
Validity
Not Before: Jan 2 09:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c7af783d3a43efb32d780478a51191b9e818aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:6e:36:1c:1c:05:dd:53:bb:53:19:cb:b3:
91:75:1d:57:bb:da:16:62:5c:e4:98:09:23:cb:64:
dd:75:33:32:40:17:07:a2:e0:93:cc:aa:ab:32:ad:
60:0d:da:dc:30:d9:d7:7e:6c:5e:1f:64:9e:23:55:
5b:ea:c1:7b:85:66:18:66:f8:7a:f7:ba:8e:30:33:
11:21:51:d6:75:95:40:34:7f:07:49:0d:09:0b:a3:
44:94:6d:28:d5:e4:9b:e2:ce:70:be:7c:16:8b:c7:
95:54:15:02:a7:54:94:7b:e7:45:bc:c5:06:06:60:
a4:ba:a8:d6:02:e8:af:85:49:e4:35:a9:d6:11:36:
30:57:f8:fd:e7:bd:48:f6:0d:d0:b8:83:0c:e6:a1:
80:db:f6:4b:fa:b2:45:6f:27:7d:cf:d3:47:88:21:
ef:cd:ec:01:71:75:4f:6a:ab:55:46:28:11:b8:27:
25:b4:55:90:65:64:ff:8e:e4:75:1e:4f:7d:6b:b0:
e5:71:8b:b1:68:a8:6a:b1:ba:a0:4a:a5:3a:61:b0:
3e:df:26:e2:b0:f6:86:81:a8:eb:02:f6:19:9d:a8:
25:25:a7:0c:d3:db:39:53:ff:d6:e4:34:5b:17:e7:
18:bc:c2:b3:6c:17:98:0a:37:40:ab:6c:58:8e:ce:
40:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:7A:F7:83:D3:A4:3E:FB:32:D7:80:47:8A:51:19:1B:9E:81:8A:A5
X509v3 Authority Key Identifier:
keyid:FF:82:08:B1:29:C5:3E:87:C3:F0:D0:ED:1B:CA:85:73:01:40:F3:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IIsSnFPofD8NDtG8qFcwFA85A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/THr3g9OkPvsy14BHilEZG56BiqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/9680c7-57d7-49c6-8b63-40153c5d0a47/1/_4IIsSnFPofD8NDtG8qFcwFA85A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.152.0/21
81.88.64.0/21
81.95.80.0/20
82.148.168.0-82.148.191.255
89.207.136.0/21
109.169.112.0/21
178.174.112.0/20
185.176.244.0/23
185.178.4.0/22
185.190.36.0/24
193.168.156.0/22
212.89.96.0/19
IPv6:
2a0a:2780::/31
2a10:d640::/29
Signature Algorithm: sha256WithRSAEncryption
97:50:49:a8:4b:34:da:fe:8f:ba:7a:c2:60:b1:54:19:95:e3:
83:3c:8d:f6:41:e9:4d:93:7f:43:ea:78:12:d1:3f:b1:5d:16:
f7:23:8c:bf:c6:37:6a:48:16:0e:43:04:c1:7a:ef:79:8f:d9:
ba:d5:21:ff:c3:8c:21:df:ce:e6:25:3b:89:2e:6e:c8:2b:0c:
e2:22:b9:50:15:eb:fd:b9:03:c3:7c:ab:50:c3:2c:da:ae:37:
7b:0e:dc:29:cc:1e:33:07:64:d2:5b:bb:be:52:fd:56:5d:7f:
5e:ca:ab:2c:92:d1:88:f0:9f:4a:36:5d:ad:d6:14:82:a9:26:
6d:8b:28:db:13:fc:e4:7c:54:19:d2:1b:0e:8a:9f:45:1b:51:
f5:69:21:52:bc:24:93:aa:8a:bf:53:d2:31:81:c8:d0:71:57:
8e:29:3e:31:6f:08:5a:cf:bc:9f:62:30:a8:0d:40:77:92:5b:
e6:bd:31:57:93:cc:10:ef:41:45:cf:8b:82:80:ad:d6:77:23:
c3:24:77:a7:32:4f:47:dc:35:0b:6f:3d:c9:0f:e4:45:e9:ee:
ed:76:78:d4:60:ba:77:2f:68:a5:86:13:ee:95:76:c9:b3:e2:
7e:b6:00:c1:e1:cb:65:aa:58:16:69:94:e6:5d:9b:e4:11:f5:
6b:7b:b7:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZQma5xVH9U1zjLT9+HpaixVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIwOGIxMjljNTNlODdjM2YwZDBlZDFiY2E4NTczMDE0
MGYzOTAwHhcNMjUwMTAyMDk0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzdhZjc4M2QzYTQzZWZiMzJkNzgwNDc4YTUxMTkxYjllODE4YWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUZuNhwcBd1Tu1MZy7ORdR1Xu9oW
YlzkmAkjy2TddTMyQBcHouCTzKqrMq1gDdrcMNnXfmxeH2SeI1Vb6sF7hWYYZvh6
97qOMDMRIVHWdZVANH8HSQ0JC6NElG0o1eSb4s5wvnwWi8eVVBUCp1SUe+dFvMUG
BmCkuqjWAuivhUnkNanWETYwV/j9571I9g3QuIMM5qGA2/ZL+rJFbyd9z9NHiCHv
zewBcXVPaqtVRigRuCcltFWQZWT/juR1Hk99a7DlcYuxaKhqsbqgSqU6YbA+3ybi
sPaGgajrAvYZnaglJacM09s5U//W5DRbF+cYvMKzbBeYCjdAq2xYjs5AcQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFEx694PTpD77MteAR4pRGRuegYqlMB8GA1UdIwQY
MBaAFP+CCLEpxT6Hw/DQ7RvKhXMBQPOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMt
NDAxNTNjNWQwYTQ3LzEvVEhyM2c5T2tQdnN5MTRCSGlsRVpHNTZCaXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS85NjgwYzctNTdkNy00OWM2LThiNjMtNDAxNTNjNWQwYTQ3
LzEvXzRJSXNTbkZQb2ZEOE5EdEc4cUZjd0ZBODVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQAwQDLuOYAwQD
UVhAAwQEUV9QMAwDBANSlKgDBAZSlIADBANZz4gDBANtqXADBASyrnADBAG5sPQD
BAK5sgQDBAC5viQDBALBqJwDBAXUWWAwFAQCAAIwDgMFASoKJ4ADBQMqENZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCXUEmoSzTa/o+6esJgsVQZleODPI32QelNk39D6ngS
0T+xXRb3I4y/xjdqSBYOQwTBeu95j9m61SH/w4wh387mJTuJLm7IKwziIrlQFev9
uQPDfKtQwyzarjd7DtwpzB4zB2TSW7u+Uv1WXX9eyqssktGI8J9KNl2t1hSCqSZt
iyjbE/zkfFQZ0hsOip9FG1H1aSFSvCSTqoq/U9IxgcjQcVeOKT4xbwhaz7yfYjCo
DUB3klvmvTFXk8wQ70FFz4uCgK3WdyPDJHenMk9H3DULbz3JD+RF6e7tdnjUYLp3
L2ilhhPulXbJs+J+tgDB4ctlqlgWaZTmXZvkEfVre7fZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:10 2025 by rpki-client