Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/32zc-LXmMR6x0xIUhBWcHNAbwtU.roa
File: 32zc-LXmMR6x0xIUhBWcHNAbwtU.roa (raw, json)
Hash identifier: u8NkHnjtIFcLlrXnANHRipTUbJu+OSRN4OG5POQXt6s=
Subject key identifier: DF:6C:DC:F8:B5:E6:31:1E:B1:D3:12:14:84:15:9C:1C:D0:1B:C2:D5
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 019420D646F6674A07B21BFB0B2154C2C2CC
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/32zc-LXmMR6x0xIUhBWcHNAbwtU.roa
Signing time: Wed 01 Jan 2025 07:48:21 +0000
ROA not before: Wed 01 Jan 2025 07:48:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205516
IP address blocks: 45.86.80.0/22 maxlen: 24
89.223.4.0/24 maxlen: 24
89.223.11.0/24 maxlen: 24
91.147.96.0/22 maxlen: 24
185.215.160.0/22 maxlen: 24
2a0b:abc0::/29 maxlen: 48
2a0e:db80::/29 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:46:f6:67:4a:07:b2:1b:fb:0b:21:54:c2:c2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Jan 1 07:48:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df6cdcf8b5e6311eb1d3121484159c1cd01bc2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2e:cf:fa:6e:e2:7c:c9:9e:b5:a8:ac:ba:f5:
52:52:6f:20:be:0c:8b:60:79:e0:f0:50:bc:91:e9:
e2:19:8b:64:f8:60:fb:8b:12:96:94:a9:6c:58:63:
8e:02:f1:2e:44:97:77:12:5a:0a:70:0a:65:71:41:
3d:f2:e3:92:08:cb:3b:cf:c2:73:52:df:d7:23:96:
01:65:49:ff:1b:75:2c:66:9d:41:36:a0:ab:1e:79:
55:5c:52:bb:a1:92:aa:12:88:93:97:14:2f:a5:c2:
67:66:36:aa:26:80:5c:e6:d9:38:b6:bc:c7:59:58:
97:0d:b7:95:19:b5:9d:15:00:c6:31:3f:79:c2:c6:
e6:1d:0c:4e:5f:7c:60:56:c3:fd:9b:92:3d:57:ec:
03:3c:fc:30:0e:08:2f:9e:b5:de:75:9d:9d:58:f0:
9e:12:fc:52:33:07:2f:bf:03:07:b1:fb:73:b1:01:
1b:61:e3:fd:47:37:ff:3d:ed:8f:14:65:dc:03:8a:
ca:19:80:59:16:38:34:7e:fe:1f:3e:ef:31:aa:88:
61:a9:3c:25:6a:bc:b4:9c:e3:1a:b9:d6:a8:7e:2a:
5d:2b:a6:59:cd:ef:3e:85:98:ea:ea:83:82:db:da:
2b:6a:03:20:66:69:a2:ff:c0:fb:da:06:9d:fe:72:
98:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6C:DC:F8:B5:E6:31:1E:B1:D3:12:14:84:15:9C:1C:D0:1B:C2:D5
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/32zc-LXmMR6x0xIUhBWcHNAbwtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.80.0/22
89.223.4.0/24
89.223.11.0/24
91.147.96.0/22
185.215.160.0/22
IPv6:
2a0b:abc0::/29
2a0e:db80::/29
Signature Algorithm: sha256WithRSAEncryption
2d:b2:91:ab:1c:db:db:74:c2:82:ca:f3:3b:54:fa:9b:9a:76:
ef:cf:7a:ea:57:08:94:fe:da:e2:6b:22:ca:eb:b0:5c:27:1f:
36:d8:b5:9c:09:92:66:80:86:9a:be:b8:52:00:c7:68:a0:10:
c3:52:7a:74:2f:c8:35:e0:58:72:31:cd:0c:77:91:f4:30:9a:
42:04:1d:23:2c:af:23:51:1b:2e:21:23:2b:03:59:fa:90:c0:
fe:c5:a0:6c:d0:4d:25:02:1a:84:cc:19:42:4c:cb:95:30:10:
22:63:9c:e5:9f:ca:24:91:8e:cf:64:61:e3:2e:1c:7c:b9:ff:
b4:c3:1c:a3:a4:d4:d0:74:78:ee:0e:e6:1b:88:38:87:32:6c:
e3:40:9b:dd:de:c0:e5:c2:fd:e1:41:89:2c:72:ea:bb:cb:b9:
5d:05:8d:ae:f3:f9:52:84:20:3e:0d:3d:5c:3a:a2:1c:9d:79:
42:b0:f6:15:21:d8:3a:6c:50:dd:d3:f4:e6:c1:3a:b5:cf:03:
08:af:e9:e1:a9:1d:1e:4f:d0:aa:76:6f:e2:a9:4b:39:9d:28:
09:c9:60:24:8f:a3:8c:29:ae:a9:76:cd:48:16:3e:66:8f:c0:
37:b2:96:3e:9f:57:67:24:08:66:11:04:c4:81:ab:2f:f3:5d:
12:a7:63:96
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZQg1kb2Z0oHshv7CyFUwsLMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjUwMTAxMDc0ODIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZjZGNmOGI1ZTYzMTFlYjFkMzEyMTQ4NDE1OWMxY2QwMWJjMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC7P+m7ifMmetaisuvVSUm8gvgyL
YHng8FC8keniGYtk+GD7ixKWlKlsWGOOAvEuRJd3EloKcAplcUE98uOSCMs7z8Jz
Ut/XI5YBZUn/G3UsZp1BNqCrHnlVXFK7oZKqEoiTlxQvpcJnZjaqJoBc5tk4trzH
WViXDbeVGbWdFQDGMT95wsbmHQxOX3xgVsP9m5I9V+wDPPwwDggvnrXedZ2dWPCe
EvxSMwcvvwMHsftzsQEbYeP9Rzf/Pe2PFGXcA4rKGYBZFjg0fv4fPu8xqohhqTwl
ary0nOMaudaofipdK6ZZze8+hZjq6oOC29oragMgZmmi/8D72gad/nKYewIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFN9s3Pi15jEesdMSFIQVnBzQG8LVMB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvMzJ6Yy1MWG1NUjZ4MHhJVWhCV2NITkFid3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVZQAwQA
Wd8EAwQAWd8LAwQCW5NgAwQCudegMBQEAgACMA4DBQMqC6vAAwUDKg7bgDANBgkq
hkiG9w0BAQsFAAOCAQEALbKRqxzb23TCgsrzO1T6m5p278966lcIlP7a4msiyuuw
XCcfNti1nAmSZoCGmr64UgDHaKAQw1J6dC/INeBYcjHNDHeR9DCaQgQdIyyvI1Eb
LiEjKwNZ+pDA/sWgbNBNJQIahMwZQkzLlTAQImOc5Z/KJJGOz2Rh4y4cfLn/tMMc
o6TU0HR47g7mG4g4hzJs40Cb3d7A5cL94UGJLHLqu8u5XQWNrvP5UoQgPg09XDqi
HJ15QrD2FSHYOmxQ3dP05sE6tc8DCK/p4akdHk/QqnZv4qlLOZ0oCclgJI+jjCmu
qXbNSBY+Zo/AN7KWPp9XZyQIZhEExIGrL/NdEqdjlg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:50:48 2025 by rpki-client